Infection of trojan. System not working well.


  • This topic is locked
9 replies to this topic

#1 monkeyjoker

Posted 25 September 2017 - 01:49 AM

Hi everyone. When I ran a scan with Malwarebytes Anti-Malware, the results showed a trojan and I removed it. I ran the scan again and this time it found nothing, but it is still on my PC. The real problem is that it is consuming my internet bandwidth. I need help here. I am using the Windows 7 Professional 32-bit operating system. I also need some fixes in my system. After the trojan infection I lost some of the program files on my system. It is not working properly. First I need to remove this malware.

Edited by Platypus, 25 September 2017 - 02:04 AM.
Moved from Logs forum, no logs posted. Deleted duplicate.



#2 boopme

Posted 25 September 2017 - 10:16 AM

Let's run a few others and see.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP configuration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
TDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
AdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
Junkware Removal Tool
  • Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the [button image] button to see which antivirus is currently enabled:
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
    • Enable detection of potentially unsafe applications
    • Enable detection of suspicious applications
    • Scan archives
    • Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
  • Push the [button image] button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, a list of found threats will open automatically (if any malicious files are found).
  • Push the [button image] button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the [button image] button.
  • Check the box beside [checkbox image] to uninstall the application when closed.
  • Push [button image] and then close the application by clicking the X in the upper right corner.


#3 monkeyjoker

Posted 25 September 2017 - 01:03 PM

MiniToolBox by Farbar  Version: 17-06-2016
Ran by naresh (administrator) on 25-09-2017 at 21:49:10
Running from "F:\progams\Joker prgms"
Microsoft Windows 7 Professional  Service Pack 1 (X86)
Model: DL-H61MXEL Manufacturer: DIGILITE
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
127.0.0.1 genuine.microsoft.com
127.0.0.1 mpa.one.microsoft.com
127.0.0.1 sls.microsoft.com
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global defaultcurhoplimit=64 icmpredirects=enabled taskoffload=enabled
add route prefix=0.0.0.0/0 interface="Local Area Connection" nexthop=172.28.32.1 publish=Yes
add address name="Local Area Connection" address=172.28.32.61 mask=255.255.252.0
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : Madhava
   Primary Dns Suffix  . . . . . . . : knm
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : knm
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 00-17-7C-0F-22-B2
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::840e:fd43:9576:82d4%12(Preferred) 
   IPv4 Address. . . . . . . . . . . : 172.28.32.61(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.252.0
   Default Gateway . . . . . . . . . : 172.28.32.1
   DHCPv6 IAID . . . . . . . . . . . : 301995900
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-FD-E0-5E-00-17-7C-0F-22-B2
   DNS Servers . . . . . . . . . . . : 172.28.28.1
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled
 
Tunnel adapter Teredo Tunneling Pseudo-Interface:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
 
Tunnel adapter Reusable ISATAP Interface {1A2B076A-F89E-4AD0-B73B-00411F5AAF97}:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  login.dvrc.net1
Address:  172.28.28.1
 
Name:    google.com
Addresses:  2404:6800:4009:807::200e
  216.58.203.206
 
 
Pinging google.com [216.58.203.206] with 32 bytes of data:
Reply from 216.58.203.206: bytes=32 time=52ms TTL=54
Reply from 216.58.203.206: bytes=32 time=55ms TTL=54
 
Ping statistics for 216.58.203.206:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 52ms, Maximum = 55ms, Average = 53ms
Server:  login.dvrc.net1
Address:  172.28.28.1
 
Name:    yahoo.com
Addresses:  2001:4998:58:c02::a9
  2001:4998:44:204::a7
  2001:4998:c:a06::2:4008
  98.138.253.109
  98.139.180.149
  206.190.36.45
 
 
Pinging yahoo.com [98.139.180.149] with 32 bytes of data:
Reply from 98.139.180.149: bytes=32 time=240ms TTL=43
Reply from 98.139.180.149: bytes=32 time=231ms TTL=43
 
Ping statistics for 98.139.180.149:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 231ms, Maximum = 240ms, Average = 235ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
Reply from 127.0.0.1: bytes=32 time<1ms TTL=64
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 12...00 17 7c 0f 22 b2 ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 10...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      172.28.32.1     172.28.32.61    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      172.28.32.0    255.255.252.0         On-link      172.28.32.61    276
     172.28.32.61  255.255.255.255         On-link      172.28.32.61    276
    172.28.35.255  255.255.255.255         On-link      172.28.32.61    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      172.28.32.61    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      172.28.32.61    276
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0      172.28.32.1  Default 
===========================================================================
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 12    276 fe80::/64                On-link
 12    276 fe80::840e:fd43:9576:82d4/128
                                    On-link
  1    306 ff00::/8                 On-link
 12    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
 
========================= Event log errors: ================================
 
Could not start eventlog service, could not read events.
 
The service name is invalid.
 
More help is available by typing NET HELPMSG 2185.
 
 
=========================== Installed Programs ============================
 
4Videosoft 3D Converter 5.1.8 (HKLM\...\{8C9467CB-02EF-4948-B1F3-725EEFA6D571}_is1) (Version:  - )
Adobe Acrobat Reader DC (HKLM\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Adobe Photoshop 7.0 (HKLM\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)
Adobe Refresh Manager (HKLM\...\{AC76BA86-0804-1033-1959-001824237067}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
FastStone Image Viewer 6.3 (HKLM\...\FastStone Image Viewer) (Version: 6.3 - FastStone Soft)
Folder Lock (HKCU\...\Folder Lock) (Version:  - New Softwares.net Inc.)
FormatFactory 3.00 (HKLM\...\FormatFactory) (Version: 3.00 - Free Time)
Google Chrome (HKLM\...\Google Chrome) (Version: 61.0.3163.100 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.5 - Google Inc.) Hidden
Guardius (HKCU\...\Guardius) (Version: 1.0.0.26 - Perion Ltd.)
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - Tonec Inc.)
K-Lite Mega Codec Pack 13.4.0 (HKLM\...\KLiteCodecPack_is1) (Version: 13.4.0 - KLCP)
Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
NVIDIA PhysX (HKLM\...\{64F67489-76BB-4CDD-A236-F954BE774B35}) (Version: 9.09.0025 - NVIDIA Corporation)
Pandora Service (HKLM\...\4F6D5E84-5826-4394-9F40-3A9A19165651_is1) (Version:  - Pandora.TV)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Plex Media Server (HKLM\...\{43DD2A09-F547-4E27-9320-0BD928E781D6}) (Version: 1.8.4235 - Plex, Inc.) Hidden
Plex Media Server (HKLM\...\{8b910e84-0e70-4ba1-bde8-87fb1efb9688}) (Version: 1.8.3.4235 - Plex, Inc.)
Realtek Ethernet Controller Driver (HKLM\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
SmartView for IE (HKLM\...\{E9563CD0-B68D-4554-8C17-7C79F9951EB3}) (Version: 1.0.0.0 - DeviceVM, Inc.)
Stopping Plex (HKLM\...\{C0D1A9A3-6C62-4231-A297-971C5535B29C}) (Version: 1.8.4235 - Plex, Inc.) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
VC80CRTRedist - 8.0.50727.6195 (HKLM\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vuze (HKLM\...\8461-7759-5462-8226) (Version: 5.7.5.0 - Azureus Software, Inc.)
WhatsApp (HKCU\...\WhatsApp) (Version: 0.2.5863 - WhatsApp)
WinRAR 5.50 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
 
========================= Devices: ================================
 
Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus
Device ID: ROOT\UMBUS\0000
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
========================= Memory info: ===================================
 
Percentage of memory in use: 57%
Total physical RAM: 2922.64 MB
Available physical RAM: 1256.25 MB
Total Virtual: 5843.61 MB
Available Virtual: 4018.44 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:29.19 GB) (Free:1.09 GB) NTFS
2 Drive d: () (Fixed) (Total:145.49 GB) (Free:22.58 GB) NTFS
3 Drive e: () (Fixed) (Total:145.49 GB) (Free:34.39 GB) NTFS
4 Drive f: () (Fixed) (Total:145.49 GB) (Free:82.28 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\MADHAVA
 
Administrator            Guest                    naresh                   
 
 
**** End of log ****
 
TDSSKiller report:
 
22:00:19.0347 0x13e0  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
22:00:22.0741 0x13e0  ============================================================
22:00:22.0741 0x13e0  Current date / time: 2017/09/25 22:00:22.0741
22:00:22.0741 0x13e0  SystemInfo:
22:00:22.0741 0x13e0  
22:00:22.0741 0x13e0  OS Version: 6.1.7601 ServicePack: 1.0
22:00:22.0741 0x13e0  Product type: Workstation
22:00:22.0741 0x13e0  ComputerName: MADHAVA
22:00:22.0741 0x13e0  UserName: naresh
22:00:22.0741 0x13e0  Windows directory: C:\Windows
22:00:22.0741 0x13e0  System windows directory: C:\Windows
22:00:22.0741 0x13e0  Processor architecture: Intel x86
22:00:22.0741 0x13e0  Number of processors: 4
22:00:22.0741 0x13e0  Page size: 0x1000
22:00:22.0741 0x13e0  Boot type: Normal boot
22:00:22.0742 0x13e0  CodeIntegrityOptions = 0x00000000
22:00:22.0742 0x13e0  ============================================================
22:00:27.0054 0x13e0  KLMD registered as C:\Windows\system32\drivers\15617864.sys
22:00:27.0054 0x13e0  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23889, osProperties = 0x0
22:00:27.0622 0x13e0  System UUID: {9CD03DDA-D94D-99A4-5DEB-F4717CAB0A81}
22:00:28.0339 0x13e0  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:00:28.0349 0x13e0  ============================================================
22:00:28.0349 0x13e0  \Device\Harddisk0\DR0:
22:00:28.0350 0x13e0  MBR partitions:
22:00:28.0350 0x13e0  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:00:28.0350 0x13e0  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A63800
22:00:28.0361 0x13e0  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3A9632F, BlocksNum 0x122F8DF1
22:00:28.0375 0x13e0  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x15D8F15F, BlocksNum 0x122F8DF1
22:00:28.0405 0x13e0  \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x28087F8F, BlocksNum 0x122F8DF1
22:00:28.0406 0x13e0  ============================================================
22:00:28.0475 0x13e0  C: <-> \Device\Harddisk0\DR0\Partition2
22:00:28.0542 0x13e0  D: <-> \Device\Harddisk0\DR0\Partition3
22:00:28.0607 0x13e0  E: <-> \Device\Harddisk0\DR0\Partition4
22:00:28.0628 0x13e0  F: <-> \Device\Harddisk0\DR0\Partition5
22:00:28.0629 0x13e0  ============================================================
22:00:28.0629 0x13e0  Initialize success
22:00:28.0629 0x13e0  ============================================================
22:00:29.0663 0x1594  ============================================================
22:00:29.0663 0x1594  Scan started
22:00:29.0663 0x1594  Mode: Manual; 
22:00:29.0663 0x1594  ============================================================
22:00:29.0663 0x1594  KSN ping started
22:00:29.0914 0x1594  KSN ping finished: true
22:00:31.0174 0x1594  ================ Scan system memory ========================
22:00:31.0174 0x1594  System memory - ok
22:00:31.0175 0x1594  ================ Scan services =============================
22:00:33.0842 0x1594  aswStm - ok
22:00:33.0857 0x1594  [ ACCB9E2692026E08BC2C54E26761EB4F, C43469737255C49DAA96452827889175C864D410407DEF6A8CDAFA5851A948A5 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
22:00:33.0857 0x1594  aswVmm - ok
22:00:33.0873 0x1594  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
22:00:33.0873 0x1594  AsyncMac - ok
22:00:33.0904 0x1594  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
22:00:33.0904 0x1594  atapi - ok
22:00:33.0935 0x1594  [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:00:33.0951 0x1594  AudioEndpointBuilder - ok
22:00:33.0966 0x1594  [ 4F1E405154D2E68E6ACC3FE07DE02E93, 83FAB4E92B87E8C46BF39DD7556D2F7DCE0AD1E4C9C09ED12C428B82FAD03BDE ] Audiosrv        C:\Windows\System32\Audiosrv.dll
22:00:33.0966 0x1594  Audiosrv - ok
22:00:33.0998 0x1594  [ F0F110790B2C0D832B611814C57593C9, 24BA8A0863ADA441B8F0D5D3220A850967A2231EAB0E9A6D9B25ECE42B23CB7B ] avast! Antivirus D:\program files\AvastSvc.exe
22:00:33.0998 0x1594  avast! Antivirus - ok
22:00:34.0060 0x1594  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
22:00:34.0060 0x1594  AxInstSV - ok
22:00:34.0091 0x1594  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
22:00:34.0107 0x1594  b06bdrv - ok
22:00:34.0154 0x1594  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
22:00:34.0169 0x1594  b57nd60x - ok
22:00:34.0216 0x1594  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
22:00:34.0216 0x1594  BDESVC - ok
22:00:34.0232 0x1594  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
22:00:34.0232 0x1594  Beep - ok
22:00:34.0310 0x1594  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
22:00:34.0325 0x1594  BFE - ok
22:00:34.0356 0x1594  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\System32\qmgr.dll
22:00:34.0372 0x1594  BITS - ok
22:00:34.0388 0x1594  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
22:00:34.0388 0x1594  blbdrive - ok
22:00:34.0403 0x1594  [ 28AF7D4427868B7CE4C00CAB1864C7F6, AAE5303878AF0F7AA18069A8FCD99639EBC34622B456AF86C5E4F27858196E06 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
22:00:34.0403 0x1594  bowser - ok
22:00:34.0419 0x1594  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:00:34.0419 0x1594  BrFiltLo - ok
22:00:34.0434 0x1594  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:00:34.0434 0x1594  BrFiltUp - ok
22:00:34.0481 0x1594  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
22:00:34.0481 0x1594  Browser - ok
22:00:34.0497 0x1594  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
22:00:34.0512 0x1594  Brserid - ok
22:00:34.0559 0x1594  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
22:00:34.0559 0x1594  BrSerWdm - ok
22:00:34.0590 0x1594  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
22:00:34.0590 0x1594  BrUsbMdm - ok
22:00:34.0606 0x1594  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
22:00:34.0606 0x1594  BrUsbSer - ok
22:00:34.0622 0x1594  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
22:00:34.0622 0x1594  BTHMODEM - ok
22:00:34.0639 0x1594  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
22:00:34.0639 0x1594  bthserv - ok
22:00:34.0670 0x1594  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
22:00:34.0670 0x1594  cdfs - ok
22:00:34.0702 0x1594  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
22:00:34.0717 0x1594  cdrom - ok
22:00:34.0748 0x1594  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
22:00:34.0748 0x1594  CertPropSvc - ok
22:00:34.0764 0x1594  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
22:00:34.0780 0x1594  circlass - ok
22:00:34.0811 0x1594  [ 000B58009E5D0962C0A71D6477029A3F, 2696398A42B399AEE9F9F0FB26610BB9F50F9EC784EC80F78FF6DD3D6E892ADA ] CLFS            C:\Windows\system32\CLFS.sys
22:00:34.0811 0x1594  CLFS - ok
22:00:34.0858 0x1594  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:00:34.0858 0x1594  clr_optimization_v2.0.50727_32 - ok
22:00:34.0936 0x1594  [ E92174C5B9610D580C6BAAE75A4DB9C8, 03049649E81BDABBCF1F9A544C064B5ECFF2CB31CD5C8DB41FC598078B906936 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:00:35.0031 0x1594  clr_optimization_v4.0.30319_32 - ok
22:00:35.0047 0x1594  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
22:00:35.0047 0x1594  CmBatt - ok
22:00:35.0062 0x1594  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
22:00:35.0078 0x1594  cmdide - ok
22:00:35.0094 0x1594  [ 7F7D4B16389CEF932950F6B2604D2601, E7C32734DAA75A00866A0F961C945BF7CC7A29D3A9806041D0046BC9FD3ACC5A ] CNG             C:\Windows\system32\Drivers\cng.sys
22:00:35.0109 0x1594  CNG - ok
22:00:35.0140 0x1594  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
22:00:35.0140 0x1594  Compbatt - ok
22:00:35.0156 0x1594  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
22:00:35.0156 0x1594  CompositeBus - ok
22:00:35.0172 0x1594  COMSysApp - ok
22:00:35.0266 0x1594  [ 08E2DD2780735F4AAB22B775880CD8AC, 54710DB7B3D41CB1DF37B4F8AB30965A71D475554845A5D3CFABF1DF14D8486D ] cphs            C:\Windows\system32\IntelCpHeciSvc.exe
22:00:35.0282 0x1594  cphs - ok
22:00:35.0297 0x1594  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
22:00:35.0297 0x1594  crcdisk - ok
22:00:35.0329 0x1594  [ AAE96A2A48C7332310C1C28A1D466761, 7279E23A46353BC3D8A1B949B14F11DA689E73D033CD24C8E82613CCFD76E4EA ] CryptSvc        C:\Windows\system32\cryptsvc.dll
22:00:35.0329 0x1594  CryptSvc - ok
22:00:35.0344 0x1594  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
22:00:35.0360 0x1594  CSC - ok
22:00:35.0407 0x1594  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
22:00:35.0407 0x1594  CscService - ok
22:00:35.0438 0x1594  [ 0395B42B3885269C039C6705D5A49BE3, A87697AFC9D4478DCD0A0053DBE378F3F84961BCF1A911DBB4161EEB350CB064 ] DcomLaunch      C:\Windows\system32\rpcss.dll
22:00:35.0453 0x1594  DcomLaunch - ok
22:00:35.0469 0x1594  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
22:00:35.0469 0x1594  defragsvc - ok
22:00:35.0485 0x1594  [ EA9DBD76CE9254C77BAAB4339DD4C4FB, ECEE6EB8CFE1BD20BC7B6ED29A1624DDC3E22A37A56BA43B9B14E37D4003B72D ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
22:00:35.0485 0x1594  DfsC - ok
22:00:35.0516 0x1594  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
22:00:35.0516 0x1594  Dhcp - ok
22:00:35.0565 0x1594  [ 58F9BFBAE3C25D1A349DF0C6ECE8F9DF, FF1CFC9B323BCE2CFC06F9B2A98A29396832134FD61A570C1971A7240899E526 ] DiagTrack       C:\Windows\system32\diagtrack.dll
22:00:35.0580 0x1594  DiagTrack - ok
22:00:35.0611 0x1594  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
22:00:35.0611 0x1594  discache - ok
22:00:35.0627 0x1594  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
22:00:35.0627 0x1594  Disk - ok
22:00:35.0658 0x1594  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
22:00:35.0658 0x1594  Dnscache - ok
22:00:35.0674 0x1594  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
22:00:35.0674 0x1594  dot3svc - ok
22:00:35.0736 0x1594  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
22:00:35.0752 0x1594  DPS - ok
22:00:35.0767 0x1594  [ A3F684B866A7D89AE396276CE7AFD416, 1E4C034B7B106FA403B13842A199D88A33B492A577B58CDDAE0B4706266B9565 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
22:00:35.0767 0x1594  drmkaud - ok
22:00:35.0799 0x1594  [ 897AE9430D037B056CF76A49CF588542, 02767A3CF7AFF9ECF251808DF2B3B4CABFBDF3EF59E15498B0985298991D8B91 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
22:00:35.0814 0x1594  DXGKrnl - ok
22:00:35.0845 0x1594  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
22:00:35.0845 0x1594  EapHost - ok
22:00:35.0939 0x1594  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
22:00:36.0017 0x1594  ebdrv - ok
22:00:36.0048 0x1594  [ E437A8690D4866F3420A2E640A0763CE, 6BD015CC4CAFE4D43D86C6AE989524180AB4FFA9002E2206BAE931DDE73DB2BB ] EFS             C:\Windows\System32\lsass.exe
22:00:36.0048 0x1594  EFS - ok
22:00:36.0095 0x1594  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
22:00:36.0111 0x1594  ehRecvr - ok
22:00:36.0142 0x1594  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
22:00:36.0142 0x1594  ehSched - ok
22:00:36.0174 0x1594  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
22:00:36.0183 0x1594  elxstor - ok
22:00:36.0206 0x1594  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
22:00:36.0209 0x1594  ErrDev - ok
22:00:36.0235 0x1594  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
22:00:36.0242 0x1594  EventSystem - ok
22:00:36.0265 0x1594  ew_hwusbdev - ok
22:00:36.0290 0x1594  [ 53E8732CC70CC0991839DF9FC8996E4A, D14F6CAAF1F71647F12C6BDF1CD3EE7ADFAB0B292760AC197B876F0868853A72 ] exfat           C:\Windows\system32\drivers\exfat.sys
22:00:36.0294 0x1594  exfat - ok
22:00:36.0315 0x1594  [ 24F422E5D7517FEBDA2324116F1A7BE6, 3D54FFB59F7E4F9CC1189D8808B1F17EE7C4A6DE2A13C74CA5B6A47D5E759C53 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
22:00:36.0319 0x1594  fastfat - ok
22:00:36.0349 0x1594  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
22:00:36.0365 0x1594  Fax - ok
22:00:36.0385 0x1594  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
22:00:36.0387 0x1594  fdc - ok
22:00:36.0398 0x1594  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
22:00:36.0401 0x1594  fdPHost - ok
22:00:36.0410 0x1594  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
22:00:36.0410 0x1594  FDResPub - ok
22:00:36.0442 0x1594  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
22:00:36.0442 0x1594  FileInfo - ok
22:00:36.0457 0x1594  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
22:00:36.0457 0x1594  Filetrace - ok
22:00:36.0473 0x1594  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
22:00:36.0473 0x1594  flpydisk - ok
22:00:36.0488 0x1594  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
22:00:36.0519 0x1594  FltMgr - ok
22:00:36.0717 0x1594  [ 425C7B3B3D4DC06FA62283C92C4C1759, 1B37B993D131CAE7AA03C00F102FB1A9A68A27DFABCEBD890F52AE291B080398 ] FontCache       C:\Windows\system32\FntCache.dll
22:00:36.0749 0x1594  FontCache - ok
22:00:36.0860 0x1594  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:00:36.0876 0x1594  FontCache3.0.0.0 - ok
22:00:36.0890 0x1594  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
22:00:36.0893 0x1594  FsDepends - ok
22:00:36.0915 0x1594  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
22:00:36.0917 0x1594  Fs_Rec - ok
22:00:36.0949 0x1594  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
22:00:36.0953 0x1594  fvevol - ok
22:00:36.0980 0x1594  FXDrv32 - ok
22:00:36.0997 0x1594  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
22:00:36.0999 0x1594  gagp30kx - ok
22:00:37.0044 0x1594  [ 8DA745095F6B73BB5B8266BF773DA1FA, 3EA614A9B8D4F61704A8754B014C8F6AC60551435BC4D9F2E761955905DA89F3 ] gpsvc           C:\Windows\System32\gpsvc.dll
22:00:37.0061 0x1594  gpsvc - ok
22:00:37.0133 0x1594  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
22:00:37.0136 0x1594  gupdate - ok
22:00:37.0183 0x1594  [ 0545A3EB959CFA4790D267BFB8C1ACA4, 69061E33ACB7587D773D05000390F9101F71DFD6EED7973B551594EAF3F04193 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:00:37.0186 0x1594  gupdatem - ok
22:00:37.0202 0x1594  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
22:00:37.0204 0x1594  hcw85cir - ok
22:00:37.0245 0x1594  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:00:37.0253 0x1594  HdAudAddService - ok
22:00:37.0272 0x1594  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
22:00:37.0275 0x1594  HDAudBus - ok
22:00:37.0294 0x1594  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
22:00:37.0296 0x1594  HidBatt - ok
22:00:37.0309 0x1594  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
22:00:37.0312 0x1594  HidBth - ok
22:00:37.0331 0x1594  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
22:00:37.0333 0x1594  HidIr - ok
22:00:37.0355 0x1594  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
22:00:37.0359 0x1594  hidserv - ok
22:00:37.0387 0x1594  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
22:00:37.0388 0x1594  HidUsb - ok
22:00:37.0415 0x1594  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
22:00:37.0422 0x1594  hkmsvc - ok
22:00:37.0451 0x1594  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:00:37.0458 0x1594  HomeGroupListener - ok
22:00:37.0483 0x1594  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:00:37.0489 0x1594  HomeGroupProvider - ok
22:00:37.0511 0x1594  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
22:00:37.0513 0x1594  HpSAMD - ok
22:00:37.0540 0x1594  [ 2F50E2780F16E00369F1311B086C3E42, F3FAE2D965D055810775B7AAE7BF1C4C39961A64E42B345FC604D32F3AC7E7DA ] HTTP            C:\Windows\system32\drivers\HTTP.sys
22:00:37.0552 0x1594  HTTP - ok
22:00:37.0566 0x1594  huawei_enumerator - ok
22:00:37.0571 0x1594  hwdatacard - ok
22:00:37.0617 0x1594  [ 4004657E385E6C714825EB9031ED2062, 6AB3F3AE72B5939E5D551FBBAE1CDDA54CD63631685E311706FD2389B4F2BE56 ] HWiNFO32        C:\Windows\system32\drivers\HWiNFO32.SYS
22:00:37.0618 0x1594  HWiNFO32 - ok
22:00:37.0640 0x1594  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
22:00:37.0641 0x1594  hwpolicy - ok
22:00:37.0653 0x1594  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
22:00:37.0656 0x1594  i8042prt - ok
22:00:37.0675 0x1594  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
22:00:37.0683 0x1594  iaStorV - ok
22:00:37.0749 0x1594  [ 075C68F408D8D810E85122E334E6DBBB, B351BFAB1EEE7CA9813419D69544E0A04EC375D94246832355ACE8314C2F6465 ] IDMWFP          C:\Windows\system32\DRIVERS\idmwfp.sys
22:00:37.0751 0x1594  IDMWFP - ok
22:00:37.0799 0x1594  [ 3E9213A2A050BF429E91898C90F8B4E3, D80ABE5691087661B19F01927B631CB8C5291120B814B6F863F046E0D643E9E4 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
22:00:37.0817 0x1594  idsvc - ok
22:00:38.0041 0x1594  [ 90CB68516429CFBDD7956C146997AB36, 1133F2197BAAB76B62F932D12C526918E127ABE992BCB1CB0D0AE2F30CFF97EC ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
22:00:38.0098 0x1594  igfx - ok
22:00:38.0127 0x1594  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
22:00:38.0129 0x1594  iirsp - ok
22:00:38.0173 0x1594  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
22:00:38.0188 0x1594  IKEEXT - ok
22:00:38.0323 0x1594  [ 6163A2BDD002147DA9481F09E3EAB445, 4B8D69E631E2C38EB5FD3F39BAE0053883314A3D45022DCE922FEAA16CEB228D ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
22:00:38.0387 0x1594  IntcAzAudAddService - ok
22:00:38.0412 0x1594  [ 5576AD2F0039D2BCCCA3567FC0BF981C, 4C782738B211B236DBDD0066BA0EDBA04E6BC5A97EF3227F2C7DAD7EBABF4C73 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
22:00:38.0418 0x1594  IntcDAud - ok
22:00:38.0430 0x1594  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
22:00:38.0431 0x1594  intelide - ok
22:00:38.0459 0x1594  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
22:00:38.0461 0x1594  intelppm - ok
22:00:38.0480 0x1594  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
22:00:38.0485 0x1594  IPBusEnum - ok
22:00:38.0500 0x1594  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:00:38.0503 0x1594  IpFilterDriver - ok
22:00:38.0537 0x1594  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
22:00:38.0548 0x1594  iphlpsvc - ok
22:00:38.0559 0x1594  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
22:00:38.0562 0x1594  IPMIDRV - ok
22:00:38.0582 0x1594  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
22:00:38.0586 0x1594  IPNAT - ok
22:00:38.0609 0x1594  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
22:00:38.0611 0x1594  IRENUM - ok
22:00:38.0631 0x1594  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
22:00:38.0633 0x1594  isapnp - ok
22:00:38.0646 0x1594  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
22:00:38.0651 0x1594  iScsiPrt - ok
22:00:38.0722 0x1594  IUFileFilter - ok
22:00:38.0729 0x1594  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
22:00:38.0731 0x1594  kbdclass - ok
22:00:38.0752 0x1594  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
22:00:38.0754 0x1594  kbdhid - ok
22:00:38.0766 0x1594  [ E437A8690D4866F3420A2E640A0763CE, 6BD015CC4CAFE4D43D86C6AE989524180AB4FFA9002E2206BAE931DDE73DB2BB ] KeyIso          C:\Windows\system32\lsass.exe
22:00:38.0771 0x1594  KeyIso - ok
22:00:38.0787 0x1594  [ 11A229C8E701E5C6F1C580FECAC8CB76, 0893F1E533EB2456067EFE446DA1CC94BD611C2CFD850463D897B82E9BE04711 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
22:00:38.0791 0x1594  KSecDD - ok
22:00:38.0810 0x1594  [ C717F3B5AD3531DE1FF38C3B097D495A, D2C5DA495F030DA000C4D2A923F81FD13CF946EADA26B4121A7B95E5F68263B9 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
22:00:38.0816 0x1594  KSecPkg - ok
22:00:38.0852 0x1594  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
22:00:38.0866 0x1594  KtmRm - ok
22:00:38.0915 0x1594  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
22:00:38.0928 0x1594  LanmanServer - ok
22:00:38.0958 0x1594  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:00:38.0971 0x1594  LanmanWorkstation - ok
22:00:39.0006 0x1594  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
22:00:39.0009 0x1594  lltdio - ok
22:00:39.0026 0x1594  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
22:00:39.0036 0x1594  lltdsvc - ok
22:00:39.0047 0x1594  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
22:00:39.0052 0x1594  lmhosts - ok
22:00:39.0153 0x1594  [ D7E0BED3EA21D7BDDD410ADE51708D90, 417A9A765E50ACCAE030B37F317217C9DB366BB1503A328D064A41ACDD00AFD8 ] LMS             C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
22:00:39.0158 0x1594  LMS - ok
22:00:39.0173 0x1594  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
22:00:39.0176 0x1594  LSI_FC - ok
22:00:39.0199 0x1594  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
22:00:39.0203 0x1594  LSI_SAS - ok
22:00:44.0503 0x1594  [ D15DA1BA189770D93EEA2D7E18F95AF9, 9B0BB676CF0CD1AACE915A624F13939CB152F136E13F58E6156984BD92F6BA2E ] sptd            C:\Windows\system32\Drivers\sptd.sys
22:00:44.0504 0x1594  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\sptd.sys. md5: D15DA1BA189770D93EEA2D7E18F95AF9, sha256: 9B0BB676CF0CD1AACE915A624F13939CB152F136E13F58E6156984BD92F6BA2E
22:00:44.0518 0x1594  sptd - detected LockedFile.Multi.Generic ( 1 )
22:00:44.0936 0x1594  Detect skipped due to KSN trusted
22:00:44.0936 0x1594  sptd - ok
22:00:53.0130 0x1594  AV detected via SS2: Avast Antivirus, D:\program files\wsc_proxy.exe ( 17.6.3625.0 ), 0x41000 ( enabled : updated )
22:00:53.0136 0x1594  Win FW state via NFP2: enabled ( trusted )
22:00:53.0654 0x1594  ============================================================
22:00:53.0654 0x1594  Scan finished
22:00:53.0654 0x1594  ============================================================
22:00:53.0662 0x1540  Detected object count: 0
22:00:53.0662 0x1540  Actual detected object count: 0
 
AdwCleaner report:
 
# AdwCleaner 7.0.2.1 - Logfile created on Mon Sep 25 16:26:39 2017
# Updated on 2017/29/08 by Malwarebytes 
# Running on Windows 7 Professional (X86)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
No malicious folders deleted.
 
***** [ Files ] *****
 
Deleted: C:\Windows\System32\drivers\UefGdstor.sys
 
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{0C95ABFE-4FB6-49DB-B22F-0E1F5FC4BEEC}
Deleted: [Key] - HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEEFACB3-729F-4484-B66D-E7A7917BBFC1}
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries deleted.
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[C0].txt - [15820 B] - [2017/9/4 4:51:47]
C:/AdwCleaner/AdwCleaner[C1].txt - [1955 B] - [2017/9/21 14:41:11]
C:/AdwCleaner/AdwCleaner[C2].txt - [1663 B] - [2017/9/24 2:18:19]
C:/AdwCleaner/AdwCleaner[S0].txt - [18340 B] - [2017/9/4 4:49:32]
C:/AdwCleaner/AdwCleaner[S1].txt - [1921 B] - [2017/9/21 14:30:16]
C:/AdwCleaner/AdwCleaner[S2].txt - [1550 B] - [2017/9/24 2:16:55]
C:/AdwCleaner/AdwCleaner[S3].txt - [1586 B] - [2017/9/25 16:25:14]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C3].txt ##########
 
ESET scan report:
 
C:\AdwCleaner\Quarantine\5u9t3tgj2t\Sputnik\ptls\mailruhomesearch.exe a variant of Win32/MailRu.D potentially unwanted application
C:\FRST\Quarantine\C\Users\naresh\AppData\Local\Temp\ho5BJ2wMAiyT.exe.xBAD a variant of Win32/MailRu.D potentially unwanted application
C:\FRST\Quarantine\C\Users\naresh\AppData\Local\Temp\uM2nizFdPzzv.exe.xBAD a variant of Win32/TrojanDownloader.Agent.DPN trojan
C:\Users\naresh\Downloads\Programs\RecoverKeysDemo.exe a variant of Win32/RecoverKeys.A potentially unsafe application
C:\Windows\Installer\MSI5A83.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\Installer\MSI60A1.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\Installer\MSIC535.tmp a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application
C:\Windows\System32\drivers\UefGdstor.sys a variant of Win32/Winsecsrv.C trojan
 


#4 boopme


Posted 25 September 2017 - 01:44 PM

OK, reboot and see if it is better.

Did you run Junkware?

#5 monkeyjoker

  • Topic Starter

Posted 25 September 2017 - 10:08 PM

I restarted it.
I am not able to understand: after the ESET scan you said "push do not clean". But what is the point of scanning if I do not click "clean all"? It showed the exact trojan malware.
 
Here is the JRT report:
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Professional x64 
Ran by naresh (Administrator) on 26-Sep-17 at  8:33:01.40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
File System: 17 
 
Successfully deleted: C:\Windows\wininit.ini (File) 
Successfully deleted: C:\Users\naresh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2E7MX2C1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\naresh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8QWVUODH (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\naresh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ZU69BQL (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\naresh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92YN3ET1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\naresh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AC5TQQM9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\naresh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NMH7KQ7A (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\naresh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYG249RO (Temporary Internet Files Folder) 
Successfully deleted: C:\Users\naresh\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U34X1CUZ (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2E7MX2C1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8QWVUODH (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ZU69BQL (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\92YN3ET1 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\AC5TQQM9 (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NMH7KQ7A (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PYG249RO (Temporary Internet Files Folder) 
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U34X1CUZ (Temporary Internet Files Folder) 
 
 
 
Registry: 0 
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 26-Sep-17 at  8:34:33.56
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Edited by monkeyjoker, 26 September 2017 - 08:23 AM.


#6 boopme


Posted 26 September 2017 - 12:28 PM

OK, many times files are found that we do not want to remove, so we view the log first. Yours can be cleaned, so run ESET with the Clean option.

#7 monkeyjoker


Posted 26 September 2017 - 09:43 PM

I ran the ESET scan and cleaned those files, and I restarted it. But nothing has changed, for God's sake. Who built this malware? I don't know. Is there something else in this world that can remove this malware? Please help me to remove this.


Edited by monkeyjoker, 27 September 2017 - 10:23 AM.


#8 boopme


Posted 27 September 2017 - 10:47 AM

We need a deeper look. Do steps 6 and 7, and include this link back to here.

https://www.bleepingcomputer.com/forums/t/658368/infection-of-trojan-system-not-working-well/#ipboard_body


Please follow this Preparation Guide and post in a new topic.
Let me know if all went well..

#9 monkeyjoker


Posted 27 September 2017 - 10:49 PM

OK, I did steps 6 and 7.



#10 boopme


Posted 28 September 2017 - 09:01 AM

Now that your log is properly posted, you should NOT make further changes to your computer (install/uninstall programs, use special fix tools, delete files, edit the registry, etc.) unless advised by a Malware Removal Team member, nor should you continue to ask for help elsewhere. Doing so can result in system changes which may not show in the log you already posted. Further, any modifications you make on your own may cause confusion for the helper assisting you and could complicate the malware removal process, which would extend the time it takes to clean your computer.
From this point on the Malware Removal Team should be the only members that you take advice from, until they have verified your log as clean.
Please be patient. It may take a while to get a response because the Malware Removal Team members are very busy working on logs posted before yours. They are volunteers who will help you out as soon as possible. Once you have made your post and are waiting, please DO NOT make another reply until it has been responded to by a member of the Malware Removal Team. Generally the staff checks the forum for postings that have 0 replies, as this makes it easier for them to identify those who have not been helped. If you post another response there will be 1 reply. A team member looking for a new log to work on may assume another MRL Team member is already assisting you and not open the thread to respond.
The current wait time is 1 - 3 days and ALL logs are answered.
If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.
To avoid confusion, I am closing this topic.



