Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Suspicious UAC prompt


  • Please log in to reply
10 replies to this topic

#1 Njals

Njals

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 17 January 2018 - 05:24 PM

Went to install qbittorrent and got prompted with this odd looking UAC, not sure if I picked something up along the way or if everything is ok.  

 

Edit for Additional information:  Apparently when my child got out of school early today, they tried to download and install a game, (Planescape Torment), install did nothing. So my dear one uploaded the game file to virustotal for a scan after the fact and got 15 hits, attempted to clean with malwarebytes and avast.  At this point I would like to ensure that everything is properly removed.

 

8OUxxWN.jpg


Edited by Njals, 17 January 2018 - 09:10 PM.


BC AdBot (Login to Remove)

 


#2 Njals

Njals
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 20 January 2018 - 03:22 PM

Additionally, Administrator is not the User Name for the account associated with UAC prompts rather it is the standard Admin.  Trying to launch any program with admin privileges through "Run As Administrator" option fails to bring up the UAC propmpt.     



#3 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:42 PM

Posted 21 January 2018 - 04:07 PM

Hello, please also do these.

MiniToolBox
  • Please download MiniToolBox, save it to your desktop and run it.
  • Checkmark the following checkboxes:
    • Flush DNS
    • Report IE Proxy Settings
    • Reset IE Proxy Settings
    • Report FF Proxy Settings
    • Reset FF Proxy Settings
    • List content of Hosts
    • List IP conf[iguration
    • List Winsock Entries
    • List last 10 Event Viewer log
    • List Installed Programs
    • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run. Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
SXvL3ZF.pngTDSSKiller
  • Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
zcMPezJ.pngAdwCleaner
  • Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool. Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
And finally I'd like us to scan your machine with ESET OnlineScan:
  • It is recommended to turn off your antivirus program. Click on the E5rfZI9.png button to see which antivirus is currently enabled:
c4VVzVO.png
  • Turn off your antivirus program. See here how to do this.
  • Check the option beside: Enable detection of potentially unwanted applications.
  • Now click on Advanced Settings and make sure that the option Clean threats automatically is NOT checked, and select the following:
Enable detection of potentially unsafe applications
Enable detection of suspicious applications
Scan archives
Enable Anti-Stealth Technology
  • Click on the Change button and select only Operating memory, Autostart locations and drive C:\ to be scanned.
yKulboi.jpg
  • Push the dtoGjAL.png button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
8L8IBHJ.png
  • When the scan completes a list of found threats will open automatically (if any malicious files are found).
imxEgHt.png
  • Push thecRhRYZ8.png button and save the file to your desktop using a unique name, such as ESETScan.txt. Include the contents of this report in your next reply.
  • Push the 9IjfdXq.png button.
  • Check the box beside RHzfZB1.png to uninstall the application when closed.
  • Push Vc3btaC.png and the close the application clicking the X in upper right corner.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#4 Njals

Njals
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 21 January 2018 - 08:30 PM

MiniToolBox:

 

MiniToolBox by Farbar  Version: 17-06-2016
Ran by FAMILY-TV (ATTENTION: The logged in user is not administrator) on 21-01-2018 at 18:13:15
Running from "D:\Users\FAMILY-TV\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Model: System Product Name Manufacturer: System manufacturer
Boot Mode: Normal
***************************************************************************
 
========================= Flush DNS: ===================================
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========================= IE Proxy Settings: ============================== 
 
Proxy is not enabled.
No Proxy Server is set.
 
"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================
10.0.0.2 dc01.dhnc.ca
10.0.0.3 nas.dhnc.ca
10.0.0.3 plex.dhnc.ca
========================= IP Configuration: ================================
 
Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
TAP-Windows Adapter V9 = Local Area Connection 2 (Media disconnected)
 
 
# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4
 
reset
set global icmpredirects=enabled
 
 
popd
# End of IPv4 configuration
 
 
 
Windows IP Configuration
 
   Host Name . . . . . . . . . . . . : TV-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : entropy
 
Ethernet adapter Local Area Connection 2:
 
   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TAP-Windows Adapter V9
   Physical Address. . . . . . . . . : 00-FF-8E-94-0D-A0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
 
Ethernet adapter Local Area Connection:
 
   Connection-specific DNS Suffix  . : entropy
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 10-BF-48-BA-ED-BC
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::1445:d6bf:31cb:b73b%11(Preferred) 
   IPv4 Address. . . . . . . . . . . : 10.10.10.100(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : January-21-18 7:35:41 AM
   Lease Expires . . . . . . . . . . : January-21-18 7:39:56 PM
   Default Gateway . . . . . . . . . : 10.10.10.1
   DHCP Server . . . . . . . . . . . : 10.10.10.1
   DHCPv6 IAID . . . . . . . . . . . : 235978568
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-7E-AB-71-10-BF-48-BA-ED-BC
   DNS Servers . . . . . . . . . . . : 10.10.10.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
Server:  pfSense.entropy
Address:  10.10.10.1
 
Name:    google.com
Addresses:  2607:f8b0:400b:80f::200e
  172.217.1.14
 
 
Pinging google.com [172.217.1.14] with 32 bytes of data:
Reply from 172.217.1.14: bytes=32 time=18ms TTL=56
Reply from 172.217.1.14: bytes=32 time=12ms TTL=56
 
Ping statistics for 172.217.1.14:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 12ms, Maximum = 18ms, Average = 15ms
Server:  pfSense.entropy
Address:  10.10.10.1
 
Name:    yahoo.com
Addresses:  2001:4998:c:e33::53
  2001:4998:44:204::100d
  2001:4998:58:2201::73
  206.190.39.42
  98.138.252.38
  98.139.180.180
 
 
Pinging yahoo.com [206.190.39.42] with 32 bytes of data:
Reply from 206.190.39.42: bytes=32 time=76ms TTL=53
Reply from 206.190.39.42: bytes=32 time=79ms TTL=53
 
Ping statistics for 206.190.39.42:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 76ms, Maximum = 79ms, Average = 77ms
 
Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
 
Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 13...00 ff 8e 94 0d a0 ......TAP-Windows Adapter V9
 11...10 bf 48 ba ed bc ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
===========================================================================
 
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0       10.10.10.1     10.10.10.100     10
       10.10.10.0    255.255.255.0         On-link      10.10.10.100    266
     10.10.10.100  255.255.255.255         On-link      10.10.10.100    266
     10.10.10.255  255.255.255.255         On-link      10.10.10.100    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      10.10.10.100    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      10.10.10.100    266
===========================================================================
Persistent Routes:
  None
 
IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
  1    306 ::1/128                  On-link
 11    266 fe80::/64                On-link
 11    266 fe80::1445:d6bf:31cb:b73b/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    266 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================
 
Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
 
========================= Event log errors: ===============================
 
Application errors:
==================
Error: (01/21/2018 07:37:19 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/20/2018 04:17:45 PM) (Source: Application Error) (User: )
Description: Faulting application name: Morrowind.exe, version: 1.6.0.1820, time stamp: 0x72456542
Faulting module name: Morrowind.exe, version: 1.6.0.1820, time stamp: 0x72456542
Exception code: 0xc0000005
Fault offset: 0x0007e383
Faulting process id: 0xd54
Faulting application start time: 0xMorrowind.exe0
Faulting application path: Morrowind.exe1
Faulting module path: Morrowind.exe2
Report Id: Morrowind.exe3
 
Error: (01/20/2018 04:00:54 PM) (Source: Application Error) (User: )
Description: Faulting application name: Morrowind.exe, version: 1.6.0.1820, time stamp: 0x72456542
Faulting module name: Morrowind.exe, version: 1.6.0.1820, time stamp: 0x72456542
Exception code: 0xc0000005
Fault offset: 0x002aafac
Faulting process id: 0x14a8
Faulting application start time: 0xMorrowind.exe0
Faulting application path: Morrowind.exe1
Faulting module path: Morrowind.exe2
Report Id: Morrowind.exe3
 
Error: (01/20/2018 07:45:27 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/19/2018 07:24:46 PM) (Source: Application Error) (User: )
Description: Faulting application name: Morrowind.exe, version: 1.6.0.1820, time stamp: 0x72456542
Faulting module name: ntdll.dll, version: 6.1.7601.23915, time stamp: 0x59b94a16
Exception code: 0xc0000005
Fault offset: 0x00056332
Faulting process id: 0x18dc
Faulting application start time: 0xMorrowind.exe0
Faulting application path: Morrowind.exe1
Faulting module path: Morrowind.exe2
Report Id: Morrowind.exe3
 
Error: (01/19/2018 07:24:31 PM) (Source: Application Error) (User: )
Description: Faulting application name: Morrowind.exe, version: 1.6.0.1820, time stamp: 0x72456542
Faulting module name: ntdll.dll, version: 6.1.7601.23915, time stamp: 0x59b94a16
Exception code: 0xc0000005
Fault offset: 0x00056332
Faulting process id: 0x18dc
Faulting application start time: 0xMorrowind.exe0
Faulting application path: Morrowind.exe1
Faulting module path: Morrowind.exe2
Report Id: Morrowind.exe3
 
Error: (01/19/2018 06:50:48 PM) (Source: Application Error) (User: )
Description: Faulting application name: Morrowind.exe, version: 1.6.0.1820, time stamp: 0x72456542
Faulting module name: Morrowind.exe, version: 1.6.0.1820, time stamp: 0x72456542
Exception code: 0xc0000005
Fault offset: 0x002aaf90
Faulting process id: 0x61c
Faulting application start time: 0xMorrowind.exe0
Faulting application path: Morrowind.exe1
Faulting module path: Morrowind.exe2
Report Id: Morrowind.exe3
 
Error: (01/19/2018 06:28:50 PM) (Source: Application Error) (User: )
Description: Faulting application name: Morrowind.exe, version: 1.6.0.1820, time stamp: 0x72456542
Faulting module name: ntdll.dll, version: 6.1.7601.23915, time stamp: 0x59b94a16
Exception code: 0xc0000005
Fault offset: 0x000636d6
Faulting process id: 0x41c
Faulting application start time: 0xMorrowind.exe0
Faulting application path: Morrowind.exe1
Faulting module path: Morrowind.exe2
Report Id: Morrowind.exe3
 
Error: (01/19/2018 06:20:27 PM) (Source: Application Error) (User: )
Description: Faulting application name: Explorer.EXE, version: 6.1.7601.23537, time stamp: 0x57c44efe
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000009eb0fd8
Faulting process id: 0xe38
Faulting application start time: 0xExplorer.EXE0
Faulting application path: Explorer.EXE1
Faulting module path: Explorer.EXE2
Report Id: Explorer.EXE3
 
Error: (01/19/2018 02:56:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (01/21/2018 07:36:41 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/20/2018 03:11:42 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (01/20/2018 07:44:49 AM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/19/2018 06:29:47 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (01/19/2018 02:55:52 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/18/2018 09:10:14 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/18/2018 09:01:45 PM) (Source: DCOM) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (01/18/2018 02:59:59 PM) (Source: DCOM) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (01/17/2018 08:38:32 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
Error: (01/17/2018 08:38:32 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.
 
 
Microsoft Office Sessions:
=========================
Error: (01/21/2018 07:37:19 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/20/2018 04:17:45 PM) (Source: Application Error)(User: )
Description: Morrowind.exe1.6.0.182072456542Morrowind.exe1.6.0.182072456542c00000050007e383d5401d392324bd7eb2cD:\Games\Steam\steamapps\common\Morrowind\Morrowind.exeD:\Games\Steam\steamapps\common\Morrowind\Morrowind.exe5b0ec49e-fe27-11e7-936a-10bf48baedbc
 
Error: (01/20/2018 04:00:54 PM) (Source: Application Error)(User: )
Description: Morrowind.exe1.6.0.182072456542Morrowind.exe1.6.0.182072456542c0000005002aafac14a801d392314fc7ba56D:\Games\Steam\steamapps\common\Morrowind\Morrowind.exeD:\Games\Steam\steamapps\common\Morrowind\Morrowind.exe0075c952-fe25-11e7-936a-10bf48baedbc
 
Error: (01/20/2018 07:45:27 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/19/2018 07:24:46 PM) (Source: Application Error)(User: )
Description: Morrowind.exe1.6.0.182072456542ntdll.dll6.1.7601.2391559b94a16c00000050005633218dc01d39180a86d8f9fD:\Games\Steam\steamapps\common\Morrowind\Morrowind.exeC:\Windows\SysWOW64\ntdll.dll510f4d15-fd78-11e7-babb-10bf48baedbc
 
Error: (01/19/2018 07:24:31 PM) (Source: Application Error)(User: )
Description: Morrowind.exe1.6.0.182072456542ntdll.dll6.1.7601.2391559b94a16c00000050005633218dc01d39180a86d8f9fD:\Games\Steam\steamapps\common\Morrowind\Morrowind.exeC:\Windows\SysWOW64\ntdll.dll47e017a8-fd78-11e7-babb-10bf48baedbc
 
Error: (01/19/2018 06:50:48 PM) (Source: Application Error)(User: )
Description: Morrowind.exe1.6.0.182072456542Morrowind.exe1.6.0.182072456542c0000005002aaf9061c01d3917fb2b17dd1D:\Games\Steam\steamapps\common\Morrowind\Morrowind.exeD:\Games\Steam\steamapps\common\Morrowind\Morrowind.exe92128a81-fd73-11e7-babb-10bf48baedbc
 
Error: (01/19/2018 06:28:50 PM) (Source: Application Error)(User: )
Description: Morrowind.exe1.6.0.182072456542ntdll.dll6.1.7601.2391559b94a16c0000005000636d641c01d3917cf3863d9cD:\Games\Steam\steamapps\common\Morrowind\Morrowind.exeC:\Windows\SysWOW64\ntdll.dll807d8d3e-fd70-11e7-babb-10bf48baedbc
 
Error: (01/19/2018 06:20:27 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.2353757c44efeunknown0.0.0.000000000c00000050000000009eb0fd8e3801d3915f642ba38aC:\Windows\Explorer.EXEunknown54ade0bb-fd6f-11e7-babb-10bf48baedbc
 
Error: (01/19/2018 02:56:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2016-08-17 16:28:35.445
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-08-17 16:28:27.192
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-08-17 16:27:42.044
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-08-17 16:27:42.013
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-08-12 14:54:22.598
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-08-12 14:54:22.242
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-08-12 14:53:36.950
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswKbd.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-08-12 14:53:36.935
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\aswSnx.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-08-11 15:23:08.052
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2016-08-11 03:19:59.105
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
 
=========================== Installed Programs ============================
 
µTorrent (HKCU\...\uTorrent) (Version: 3.5.1.44332 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1604-000001000000}) (Version: 16.04.00.0 - Igor Pavlov)
AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe Flash Player 28 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 28.0.0.137 - Adobe Systems Incorporated)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.137 - Adobe Systems Incorporated)
ArcSoft TotalMedia Theatre 5 (HKLM-x32\...\{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}) (Version: 5.3.1.172 - ArcSoft) Hidden
ArcSoft TotalMedia Theatre 5 (HKLM-x32\...\InstallShield_{9A2CE5D4-0A1E-42EB-9CE0-ABD5DD79E94E}) (Version: 5.3.1.172 - ArcSoft)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.3.0 - Asmedia Technology)
ASUS Product Register Program (HKLM-x32\...\{49BE9B8A-E858-4533-A74A-64306C13DB59}) (Version: 1.0.014 - ASUS)
Canon Utilities Digital Photo Professional 4 (HKLM-x32\...\Digital Photo Professional 4 (x64)) (Version: 4.5.10.1 - Canon Inc.)
Canon Utilities EOS Lens Registration Tool (HKLM-x32\...\EOS Lens Registration Tool) (Version: 1.5.10.0 - Canon Inc.)
DVDFab Passkey 8.0.9.0 (06/02/2013) (HKLM-x32\...\DVDFab Passkey 8_is1) (Version:  - Fengtao Software Inc.)
Fractured Space (HKLM-x32\...\Steam App 310380) (Version:  - Edge Case Games Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 63.0.3239.132 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Photosmart D110 All-In-One Driver 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HPDiagnosticAlert (HKLM-x32\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Java 7 Update 76 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217076FF}) (Version: 7.0.760 - Oracle)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Kodi (HKCU\...\Kodi) (Version:  - XBMC-Foundation)
LAV Filters 0.62.0 (HKLM-x32\...\lavfilters_is1) (Version: 0.62.0 - Hendrik Leppkes)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1014 - Marvell)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (HKLM\...\{6BFAB6C1-6D46-46DB-A538-A269907C9F2F}) (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Network64 (HKLM\...\{CE47BA54-78AC-409F-9151-BDF5BE15A804}) (Version: 140.0.212.000 - Hewlett-Packard) Hidden
NextPVR (HKLM-x32\...\NextPVR) (Version:  - )
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
notepad3k (HKCU\...\notepad3k) (Version: 1.42 - SilverNight Corp)
NVIDIA 3D Vision Controller Driver 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.71 - NVIDIA Corporation)
NVIDIA GeForce Experience 3.12.0.84 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.12.0.84 - NVIDIA Corporation)
NVIDIA Graphics Driver 388.71 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.71 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Pillars of Eternity (HKLM-x32\...\Steam App 291650) (Version:  - Obsidian Entertainment)
Planescape Torment Enhanced Edition (HKLM-x32\...\Planescape Torment Enhanced Edition_is1) (Version:  - )
Private Internet Access Support Files (HKLM-x32\...\{7D72DAFF-DCB2-437B-BC22-4B2ABF21462B}) (Version: 1.0.0.0 - Private Internet Access)
PS_AIO_07_D110_SW_Min (HKLM-x32\...\{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}) (Version: 140.0.142.000 - Hewlett-Packard) Hidden
qBittorrent 4.0.3 (HKLM-x32\...\qBittorrent) (Version: 4.0.3 - The qBittorrent project)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.52.203.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6602 - Realtek Semiconductor Corp.)
Scan (HKLM-x32\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
Small World 2 (HKLM-x32\...\Steam App 235620) (Version:  - Days of Wonder)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Tag&Rename 3.8.6 (HKLM-x32\...\Tag&Rename_is1) (Version: 3.8.6 - Softpointer Inc)
The Elder Scrolls III: Morrowind (HKLM\...\Steam App 22320) (Version:  - Bethesda Game Studios)
The Elder Scrolls V: Skyrim Special Edition (HKLM\...\Steam App 489830) (Version:  - Bethesda Game Studios)
Toolbox (HKLM-x32\...\{BBFB2E59-B0DB-42C8-8F4D-CF4E85471667}) (Version: 140.0.424.000 - Hewlett-Packard) Hidden
USB_Burning_Tool (HKLM-x32\...\{0F91E44C-2FAD-4298-8051-40E52C7E1341}_is1) (Version: 1.0.94 - Amlogic, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.8 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Windows Driver Package - Cambridge Silicon Radio Ltd. (CSRBC) USB  (02/03/2011 2.4.0.0) (HKLM\...\88C277C6E63CBDAF35A096E80A5B97A29A619D3A) (Version: 02/03/2011 2.4.0.0 - Cambridge Silicon Radio Ltd.)
Windows Driver Package - Cambridge Silicon Radio Ltd. (USBSPI) USB  (01/21/2011 2.4.0.0) (HKLM\...\516F2BEA6007D982DCE90BA1592C17F0FFD75DBA) (Version: 01/21/2011 2.4.0.0 - Cambridge Silicon Radio Ltd.)
Windows Driver Package - libusb-win32 WorldCup Device (02/23/2013 1.2.6.0) (HKLM\...\607E81836F3E58EDC7289F7B7047149AE2C7F301) (Version: 02/23/2013 1.2.6.0 - libusb-win32)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
 
========================= Memory info: ===================================
 
Percentage of memory in use: 13%
Total physical RAM: 16325.47 MB
Available physical RAM: 14163.25 MB
Total Virtual: 32649.13 MB
Available Virtual: 29778.69 MB
 
========================= Partitions: =====================================
 
1 Drive c: () (Fixed) (Total:223.47 GB) (Free:116.82 GB) NTFS
2 Drive d: (New Volume) (Fixed) (Total:931.51 GB) (Free:499.38 GB) NTFS
 
========================= Users: ========================================
 
User accounts for \\TV-PC
 
Admin                    Administrator            FAMILY-TV                
Guest                    
 
 
**** End of log ****
 
TDSSKiller
 
18:18:39.0327 0x0f04  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
18:18:42.0089 0x0f04  ============================================================
18:18:42.0099 0x0f04  Current date / time: 2018/01/21 18:18:42.0089
18:18:42.0099 0x0f04  SystemInfo:
18:18:42.0099 0x0f04  
18:18:42.0099 0x0f04  OS Version: 6.1.7601 ServicePack: 1.0
18:18:42.0099 0x0f04  Product type: Workstation
18:18:42.0099 0x0f04  ComputerName: TV-PC
18:18:42.0099 0x0f04  UserName: Admin
18:18:42.0099 0x0f04  Windows directory: C:\Windows
18:18:42.0099 0x0f04  System windows directory: C:\Windows
18:18:42.0099 0x0f04  Running under WOW64
18:18:42.0099 0x0f04  Processor architecture: Intel x64
18:18:42.0099 0x0f04  Number of processors: 8
18:18:42.0099 0x0f04  Page size: 0x1000
18:18:42.0099 0x0f04  Boot type: Normal boot
18:18:42.0099 0x0f04  CodeIntegrityOptions = 0x00000001
18:18:42.0099 0x0f04  ============================================================
18:18:42.0139 0x0f04  KLMD registered as C:\Windows\system32\drivers\19033554.sys
18:18:42.0139 0x0f04  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 7601.23915, osProperties = 0x1
18:18:42.0169 0x0f04  System UUID: {C91810BA-788F-D46D-3D5D-8AE903C937BF}
18:18:42.0329 0x0f04  Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:18:42.0349 0x0f04  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:18:42.0349 0x0f04  ============================================================
18:18:42.0349 0x0f04  \Device\Harddisk0\DR0:
18:18:42.0349 0x0f04  MBR partitions:
18:18:42.0349 0x0f04  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:18:42.0349 0x0f04  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x1BEF1000
18:18:42.0349 0x0f04  \Device\Harddisk1\DR1:
18:18:42.0349 0x0f04  MBR partitions:
18:18:42.0349 0x0f04  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
18:18:42.0349 0x0f04  ============================================================
18:18:42.0349 0x0f04  C: <-> \Device\Harddisk0\DR0\Partition2
18:18:42.0369 0x0f04  D: <-> \Device\Harddisk1\DR1\Partition1
18:18:42.0369 0x0f04  ============================================================
18:18:42.0369 0x0f04  Initialize success
18:18:42.0369 0x0f04  ============================================================
18:19:09.0739 0x1a18  ============================================================
18:19:09.0739 0x1a18  Scan started
18:19:09.0739 0x1a18  Mode: Manual; 
18:19:09.0739 0x1a18  ============================================================
18:19:09.0739 0x1a18  KSN ping started
18:19:10.0439 0x1a18  KSN ping finished: true
18:19:10.0571 0x1a18  ================ Scan system memory ========================
18:19:10.0571 0x1a18  System memory - ok
18:19:10.0572 0x1a18  ================ Scan services =============================
18:19:10.0597 0x1a18  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
18:19:10.0600 0x1a18  1394ohci - ok
18:19:10.0609 0x1a18  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
18:19:10.0614 0x1a18  ACPI - ok
18:19:10.0616 0x1a18  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
18:19:10.0616 0x1a18  AcpiPmi - ok
18:19:10.0620 0x1a18  [ C330710CF95587DCB7806BB6A22CF044, 794331F5FCB29C1BF952DED36ED9245F89FCE52926FFC89299B2AEC6E17FFBE9 ] ADExchange      C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
18:19:10.0620 0x1a18  ADExchange - ok
18:19:10.0624 0x1a18  [ 38622FFE9369D3EC01C0097235BD9279, 021BC514F61B3874892809981572AF9A29DE7445E56CF8BC09EBC7C6C68E5AB2 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:19:10.0625 0x1a18  AdobeARMservice - ok
18:19:10.0649 0x1a18  [ 036908ABB922605F247FF93FB1854EF2, 16C36DE7C48FC362F5F9DE05B288A1058C6823EAC1E9DD616556E3AD883728B8 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:19:10.0653 0x1a18  AdobeFlashPlayerUpdateSvc - ok
18:19:10.0662 0x1a18  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
18:19:10.0668 0x1a18  adp94xx - ok
18:19:10.0674 0x1a18  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
18:19:10.0678 0x1a18  adpahci - ok
18:19:10.0682 0x1a18  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
18:19:10.0685 0x1a18  adpu320 - ok
18:19:10.0688 0x1a18  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
18:19:10.0689 0x1a18  AeLookupSvc - ok
18:19:10.0697 0x1a18  [ 0DC2A9882540DEA4A55B08785E09D8FC, 69B15724B0034F9915AACE109A6C596D6AF2DA350FC18C9A0CD98C81CB7EDEE3 ] AFD             C:\Windows\system32\drivers\afd.sys
18:19:10.0703 0x1a18  AFD - ok
18:19:10.0706 0x1a18  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
18:19:10.0707 0x1a18  agp440 - ok
18:19:10.0709 0x1a18  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
18:19:10.0711 0x1a18  ALG - ok
18:19:10.0712 0x1a18  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
18:19:10.0713 0x1a18  aliide - ok
18:19:10.0715 0x1a18  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
18:19:10.0715 0x1a18  amdide - ok
18:19:10.0717 0x1a18  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
18:19:10.0719 0x1a18  AmdK8 - ok
18:19:10.0721 0x1a18  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
18:19:10.0722 0x1a18  AmdPPM - ok
18:19:10.0725 0x1a18  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
18:19:10.0727 0x1a18  amdsata - ok
18:19:10.0731 0x1a18  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
18:19:10.0734 0x1a18  amdsbs - ok
18:19:10.0736 0x1a18  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
18:19:10.0736 0x1a18  amdxata - ok
18:19:10.0739 0x1a18  [ C16B5B379A2A79702CC5FF923EAAE3FD, FD6A1E3C46282CF77AFA9FB4B4ACE2DB6295DFB0C69EA07BE7160538041CDB2F ] AppID           C:\Windows\system32\drivers\appid.sys
18:19:10.0741 0x1a18  AppID - ok
18:19:10.0743 0x1a18  [ 5152D6B29C61EF59537DBDA92BFE2978, 6D426A0FEE016A8899ADE864DD84BE019C5B5DB7E1DB295ED720239877FCB3EF ] AppIDSvc        C:\Windows\System32\appidsvc.dll
18:19:10.0744 0x1a18  AppIDSvc - ok
18:19:10.0747 0x1a18  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
18:19:10.0748 0x1a18  Appinfo - ok
18:19:10.0750 0x1a18  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
18:19:10.0752 0x1a18  arc - ok
18:19:10.0764 0x1a18  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
18:19:10.0766 0x1a18  arcsas - ok
18:19:10.0771 0x1a18  [ 36661A0497D8ED2D07B82524DF932EA3, 30AFD5845372F852ECEED491723A81504A76A5C0E8A63C992A7E5817297273EB ] ArcSec          C:\Windows\system32\drivers\ArcSec.sys
18:19:10.0775 0x1a18  ArcSec - ok
18:19:10.0777 0x1a18  [ 22842362DF890F5492F85AA60916A697, EC01380B1C9BF4CFBA018FC314563F0785280172A2A9B51D50F088E7101951EF ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
18:19:10.0777 0x1a18  asmthub3 - ok
18:19:10.0777 0x1a18  [ 08E2D77766CC05E75A0707207D9FC684, 6CF3B12B2B3375B715A3EBC66EF148CEA2248D448A3A37875B7B1BC7CDA40FDD ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
18:19:10.0787 0x1a18  asmtxhci - ok
18:19:10.0797 0x1a18  [ 8637F3119057178364D200F2462E625C, 40CAE47AA6C6B23FEB95961FD06BB3EB075CA63BB91B54CB26215A368371B343 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:19:10.0797 0x1a18  aspnet_state - ok
18:19:10.0797 0x1a18  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
18:19:10.0797 0x1a18  AsyncMac - ok
18:19:10.0797 0x1a18  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
18:19:10.0797 0x1a18  atapi - ok
18:19:10.0807 0x1a18  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:19:10.0817 0x1a18  AudioEndpointBuilder - ok
18:19:10.0827 0x1a18  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
18:19:10.0837 0x1a18  AudioSrv - ok
18:19:10.0837 0x1a18  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
18:19:10.0837 0x1a18  AxInstSV - ok
18:19:10.0847 0x1a18  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
18:19:10.0857 0x1a18  b06bdrv - ok
18:19:10.0857 0x1a18  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
18:19:10.0867 0x1a18  b57nd60a - ok
18:19:10.0867 0x1a18  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
18:19:10.0867 0x1a18  BDESVC - ok
18:19:10.0867 0x1a18  bdfree - ok
18:19:10.0877 0x1a18  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
18:19:10.0877 0x1a18  Beep - ok
18:19:10.0887 0x1a18  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
18:19:10.0897 0x1a18  BFE - ok
18:19:10.0908 0x1a18  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
18:19:10.0918 0x1a18  BITS - ok
18:19:10.0918 0x1a18  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
18:19:10.0928 0x1a18  blbdrive - ok
18:19:10.0928 0x1a18  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
18:19:10.0928 0x1a18  bowser - ok
18:19:10.0928 0x1a18  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
18:19:10.0928 0x1a18  BrFiltLo - ok
18:19:10.0928 0x1a18  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
18:19:10.0928 0x1a18  BrFiltUp - ok
18:19:10.0938 0x1a18  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
18:19:10.0938 0x1a18  Browser - ok
18:19:10.0948 0x1a18  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
18:19:10.0948 0x1a18  Brserid - ok
18:19:10.0948 0x1a18  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
18:19:10.0948 0x1a18  BrSerWdm - ok
18:19:10.0948 0x1a18  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
18:19:10.0958 0x1a18  BrUsbMdm - ok
18:19:10.0958 0x1a18  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
18:19:10.0958 0x1a18  BrUsbSer - ok
18:19:10.0958 0x1a18  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
18:19:10.0958 0x1a18  BTHMODEM - ok
18:19:10.0958 0x1a18  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
18:19:10.0968 0x1a18  bthserv - ok
18:19:10.0968 0x1a18  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
18:19:10.0968 0x1a18  cdfs - ok
18:19:10.0968 0x1a18  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
18:19:10.0968 0x1a18  cdrom - ok
18:19:10.0978 0x1a18  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
18:19:10.0978 0x1a18  CertPropSvc - ok
18:19:10.0978 0x1a18  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
18:19:10.0978 0x1a18  circlass - ok
18:19:10.0988 0x1a18  [ 3963FEC1892368DD500E6ED1F5C286CE, A04689CB07AF1C1B4B1032B0ACAD88DA3EB03D89A575C59FE602A65E8C246138 ] CLFS            C:\Windows\system32\CLFS.sys
18:19:10.0988 0x1a18  CLFS - ok
18:19:10.0998 0x1a18  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:19:10.0998 0x1a18  clr_optimization_v2.0.50727_32 - ok
18:19:10.0998 0x1a18  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:19:10.0998 0x1a18  clr_optimization_v2.0.50727_64 - ok
18:19:11.0018 0x1a18  [ 2BA609641FA64BAB02ACD3C0095672F5, FD1FE403864F0564CA4A2F1D7415649B8FFE16F8ED33C4B44ACB21767118AD5F ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:19:11.0018 0x1a18  clr_optimization_v4.0.30319_32 - ok
18:19:11.0018 0x1a18  [ 7C7502CD2A2CFAB399D0D8DA95DB03E7, 4AE53B468CF597FCFD912A6EEE27E87EE4D9BC73F2A794FB5DF5DA46C1DD1289 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:19:11.0018 0x1a18  clr_optimization_v4.0.30319_64 - ok
18:19:11.0018 0x1a18  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
18:19:11.0028 0x1a18  CmBatt - ok
18:19:11.0028 0x1a18  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
18:19:11.0028 0x1a18  cmdide - ok
18:19:11.0038 0x1a18  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
18:19:11.0038 0x1a18  CNG - ok
18:19:11.0038 0x1a18  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
18:19:11.0038 0x1a18  Compbatt - ok
18:19:11.0048 0x1a18  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
18:19:11.0048 0x1a18  CompositeBus - ok
18:19:11.0048 0x1a18  COMSysApp - ok
18:19:11.0048 0x1a18  CorsairSSDToolBox - ok
18:19:11.0048 0x1a18  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
18:19:11.0048 0x1a18  crcdisk - ok
18:19:11.0058 0x1a18  [ 48FEDBE324F1EA9417BA1D62AE863011, 2C3D84F0842237A3BF2838DDB4126807977EB36588FA669B1E6671077584EF18 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
18:19:11.0058 0x1a18  CryptSvc - ok
18:19:11.0068 0x1a18  [ 3F1A199859B4F3F8357B2A0AF5666A54, B0ACE9384088B7D0E54CF82BF48D4FEAA518BDEF98A294BA8F5A37DFF0E45328 ] DcomLaunch      C:\Windows\system32\rpcss.dll
18:19:11.0078 0x1a18  DcomLaunch - ok
18:19:11.0078 0x1a18  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
18:19:11.0088 0x1a18  defragsvc - ok
18:19:11.0088 0x1a18  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
18:19:11.0088 0x1a18  DfsC - ok
18:19:11.0098 0x1a18  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
18:19:11.0098 0x1a18  Dhcp - ok
18:19:11.0118 0x1a18  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
18:19:11.0138 0x1a18  DiagTrack - ok
18:19:11.0138 0x1a18  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
18:19:11.0138 0x1a18  discache - ok
18:19:11.0148 0x1a18  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
18:19:11.0148 0x1a18  Disk - ok
18:19:11.0148 0x1a18  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
18:19:11.0158 0x1a18  Dnscache - ok
18:19:11.0158 0x1a18  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
18:19:11.0158 0x1a18  dot3svc - ok
18:19:11.0168 0x1a18  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
18:19:11.0168 0x1a18  DPS - ok
18:19:11.0168 0x1a18  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
18:19:11.0168 0x1a18  drmkaud - ok
18:19:11.0168 0x1a18  [ EEE504899A0CC781F09CF003CA897771, 90D9500489FD12E3E6299B5BFC9A7E14E7D2A4744EC1A1158E8236D204F0DC27 ] dvdfab          C:\Windows\system32\drivers\dvdfab.sys
18:19:11.0178 0x1a18  dvdfab - ok
18:19:11.0188 0x1a18  [ 5CEF80AE869336376F550ECAE91E424A, 49152AC35556A5629AE7A4A762FDB2112FAD1C9CDB91E6196172809F74A3149A ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
18:19:11.0198 0x1a18  DXGKrnl - ok
18:19:11.0198 0x1a18  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
18:19:11.0208 0x1a18  EapHost - ok
18:19:11.0248 0x1a18  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
18:19:11.0290 0x1a18  ebdrv - ok
18:19:11.0294 0x1a18  [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] EFS             C:\Windows\System32\lsass.exe
18:19:11.0295 0x1a18  EFS - ok
18:19:11.0306 0x1a18  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
18:19:11.0314 0x1a18  ehRecvr - ok
18:19:11.0318 0x1a18  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
18:19:11.0320 0x1a18  ehSched - ok
18:19:11.0328 0x1a18  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
18:19:11.0334 0x1a18  elxstor - ok
18:19:11.0336 0x1a18  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
18:19:11.0337 0x1a18  ErrDev - ok
18:19:11.0338 0x1a18  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
18:19:11.0348 0x1a18  EventSystem - ok
18:19:11.0348 0x1a18  [ 7E45F8B117419ABA3BB26579F6E70324, 03FE86519860153E1BE571F10ACC9BA58FFB5A661C5C3EBDF3B77973BCD96C84 ] exfat           C:\Windows\system32\drivers\exfat.sys
18:19:11.0348 0x1a18  exfat - ok
18:19:11.0358 0x1a18  [ 6EDFA237D25433C03F42FBFDB16BDD24, A30F89A40F7AFC475D3C2D3591FB9AFC06AE3FEBC915FDCB24ED77946FBA4E2C ] fastfat         C:\Windows\system32\drivers\fastfat.sys
18:19:11.0358 0x1a18  fastfat - ok
18:19:11.0368 0x1a18  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
18:19:11.0378 0x1a18  Fax - ok
18:19:11.0378 0x1a18  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
18:19:11.0378 0x1a18  fdc - ok
18:19:11.0388 0x1a18  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
18:19:11.0388 0x1a18  fdPHost - ok
18:19:11.0388 0x1a18  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
18:19:11.0388 0x1a18  FDResPub - ok
18:19:11.0388 0x1a18  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
18:19:11.0388 0x1a18  FileInfo - ok
18:19:11.0398 0x1a18  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
18:19:11.0398 0x1a18  Filetrace - ok
18:19:11.0398 0x1a18  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
18:19:11.0398 0x1a18  flpydisk - ok
18:19:11.0398 0x1a18  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
18:19:11.0408 0x1a18  FltMgr - ok
18:19:11.0418 0x1a18  [ 785F474FB5E67E448E1931C98E8D0ABC, 911697D580CBF508A6F4A52D4F95A6976CF9A0EC3549076A8D0B5C8BD947C989 ] FontCache       C:\Windows\system32\FntCache.dll
18:19:11.0438 0x1a18  FontCache - ok
18:19:11.0438 0x1a18  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:19:11.0438 0x1a18  FontCache3.0.0.0 - ok
18:19:11.0438 0x1a18  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
18:19:11.0448 0x1a18  FsDepends - ok
18:19:11.0448 0x1a18  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
18:19:11.0448 0x1a18  Fs_Rec - ok
18:19:11.0448 0x1a18  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
18:19:11.0448 0x1a18  fvevol - ok
18:19:11.0458 0x1a18  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
18:19:11.0458 0x1a18  gagp30kx - ok
18:19:11.0468 0x1a18  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
18:19:11.0478 0x1a18  gpsvc - ok
18:19:11.0478 0x1a18  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:19:11.0488 0x1a18  gupdate - ok
18:19:11.0488 0x1a18  [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:19:11.0488 0x1a18  gupdatem - ok
18:19:11.0488 0x1a18  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
18:19:11.0488 0x1a18  hcw85cir - ok
18:19:11.0518 0x1a18  [ 6DDC39D56A2BA72C0227711419E8D10B, 715356995380E18BEE16202FB4FD0D402D73ECBCD8EF92184C483942DF305404 ] hcw89           C:\Windows\system32\DRIVERS\hcw89.sys
18:19:11.0538 0x1a18  hcw89 - ok
18:19:11.0538 0x1a18  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:19:11.0548 0x1a18  HdAudAddService - ok
18:19:11.0548 0x1a18  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
18:19:11.0548 0x1a18  HDAudBus - ok
18:19:11.0558 0x1a18  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
18:19:11.0558 0x1a18  HidBatt - ok
18:19:11.0558 0x1a18  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
18:19:11.0558 0x1a18  HidBth - ok
18:19:11.0558 0x1a18  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
18:19:11.0558 0x1a18  HidIr - ok
18:19:11.0568 0x1a18  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
18:19:11.0568 0x1a18  hidserv - ok
18:19:11.0568 0x1a18  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
18:19:11.0568 0x1a18  HidUsb - ok
18:19:11.0568 0x1a18  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
18:19:11.0568 0x1a18  hkmsvc - ok
18:19:11.0578 0x1a18  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:19:11.0578 0x1a18  HomeGroupListener - ok
18:19:11.0588 0x1a18  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:19:11.0588 0x1a18  HomeGroupProvider - ok
18:19:11.0588 0x1a18  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
18:19:11.0598 0x1a18  HpSAMD - ok
18:19:11.0608 0x1a18  [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC        C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
18:19:11.0628 0x1a18  HPSLPSVC - ok
18:19:11.0638 0x1a18  [ CF5C9BD985120781200D35FD445D0BD5, 91B37F595A196542458CBBCDAD80779721D228A7030A34E55995DDBB06649248 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
18:19:11.0648 0x1a18  HTTP - ok
18:19:11.0648 0x1a18  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
18:19:11.0648 0x1a18  hwpolicy - ok
18:19:11.0648 0x1a18  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
18:19:11.0648 0x1a18  i8042prt - ok
18:19:11.0658 0x1a18  [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
18:19:11.0668 0x1a18  iaStor - ok
18:19:11.0668 0x1a18  [ 545462D0DBE24AF379BA869B7C185CCD, 056F9D0D5FD4FEF37665A35A4029722FF60D02A69854E952DC361CC0E5CD26F9 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
18:19:11.0668 0x1a18  IAStorDataMgrSvc - ok
18:19:11.0678 0x1a18  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
18:19:11.0688 0x1a18  iaStorV - ok
18:19:11.0698 0x1a18  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:19:11.0711 0x1a18  idsvc - ok
18:19:11.0714 0x1a18  IEEtwCollectorService - ok
18:19:11.0716 0x1a18  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
18:19:11.0717 0x1a18  iirsp - ok
18:19:11.0729 0x1a18  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
18:19:11.0737 0x1a18  IKEEXT - ok
18:19:11.0787 0x1a18  [ 5F6A3EA5BD7CA861863A3A06CECC115C, 312B27BB6664A2DFF3B48CF9DA04511AAB281A2521A6140C7DB1613DC6562D59 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:19:11.0827 0x1a18  IntcAzAudAddService - ok
18:19:11.0837 0x1a18  [ 832CE330DD987227B7DEA8C03F22AEFA, 3DE64D9519D9D865D4C1AA7483D846F0154392B6685BDC451DEC7DA5EA0E2B2E ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:19:11.0847 0x1a18  Intel® Capability Licensing Service Interface - ok
18:19:11.0847 0x1a18  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
18:19:11.0857 0x1a18  intelide - ok
18:19:11.0857 0x1a18  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
18:19:11.0857 0x1a18  intelppm - ok
18:19:11.0857 0x1a18  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
18:19:11.0857 0x1a18  IPBusEnum - ok
18:19:11.0867 0x1a18  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:19:11.0869 0x1a18  IpFilterDriver - ok
18:19:11.0879 0x1a18  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
18:19:11.0886 0x1a18  iphlpsvc - ok
18:19:11.0889 0x1a18  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
18:19:11.0890 0x1a18  IPMIDRV - ok
18:19:11.0893 0x1a18  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
18:19:11.0895 0x1a18  IPNAT - ok
18:19:11.0896 0x1a18  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
18:19:11.0897 0x1a18  IRENUM - ok
18:19:11.0899 0x1a18  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
18:19:11.0899 0x1a18  isapnp - ok
18:19:11.0904 0x1a18  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
18:19:11.0908 0x1a18  iScsiPrt - ok
18:19:11.0910 0x1a18  [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
18:19:11.0910 0x1a18  iusb3hcs - ok
18:19:11.0917 0x1a18  [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
18:19:11.0921 0x1a18  iusb3hub - ok
18:19:11.0934 0x1a18  [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
18:19:11.0941 0x1a18  iusb3xhc - ok
18:19:11.0946 0x1a18  [ 16FB3C63287DC1E0061101012844F26F, D469275B6843E09B889912F8CBA41DE7C2F72001C888A990850B592B535E34F1 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
18:19:11.0948 0x1a18  jhi_service - ok
18:19:11.0950 0x1a18  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
18:19:11.0951 0x1a18  kbdclass - ok
18:19:11.0953 0x1a18  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
18:19:11.0954 0x1a18  kbdhid - ok
18:19:11.0956 0x1a18  [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] KeyIso          C:\Windows\system32\lsass.exe
18:19:11.0956 0x1a18  KeyIso - ok
18:19:11.0959 0x1a18  [ DFE85B031220F8E0271716BBB3C4C8FF, 531AB0851AE2F2B25D751605529C483B4734E5D26F94F56DEC0191730DD6A9A4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
18:19:11.0960 0x1a18  KSecDD - ok
18:19:11.0964 0x1a18  [ 70D7302DD70B979637179BFD8295C924, 7A3498C8A90AC5D7A070E9BCAF1BC0D16F478A7160A9333C58247034C5B3B59F ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
18:19:11.0966 0x1a18  KSecPkg - ok
18:19:11.0968 0x1a18  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
18:19:11.0968 0x1a18  ksthunk - ok
18:19:11.0975 0x1a18  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
18:19:11.0980 0x1a18  KtmRm - ok
18:19:11.0985 0x1a18  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
18:19:11.0989 0x1a18  LanmanServer - ok
18:19:11.0992 0x1a18  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:19:11.0994 0x1a18  LanmanWorkstation - ok
18:19:11.0997 0x1a18  [ 16E18CED459B1824234890386EE66CD5, 8058F2AFE6EF96A7D2DED432997FD8655970C9EA75A938EE4557D6A2CB4CC989 ] libusb0         C:\Windows\system32\DRIVERS\libusb0.sys
18:19:11.0998 0x1a18  libusb0 - ok
18:19:12.0001 0x1a18  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
18:19:12.0002 0x1a18  lltdio - ok
18:19:12.0007 0x1a18  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
18:19:12.0011 0x1a18  lltdsvc - ok
18:19:12.0013 0x1a18  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
18:19:12.0014 0x1a18  lmhosts - ok
18:19:12.0019 0x1a18  [ 8D7E37CDE7393D59C46A3A61D30C6228, 328E374075B73560E9F45B07A3331BC2E032C33309011DC47B0959B8B8D0E937 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
18:19:12.0023 0x1a18  LMS - ok
18:19:12.0027 0x1a18  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
18:19:12.0028 0x1a18  LSI_FC - ok
18:19:12.0031 0x1a18  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
18:19:12.0033 0x1a18  LSI_SAS - ok
18:19:12.0035 0x1a18  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
18:19:12.0036 0x1a18  LSI_SAS2 - ok
18:19:12.0039 0x1a18  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
18:19:12.0041 0x1a18  LSI_SCSI - ok
18:19:12.0044 0x1a18  [ 5416CEB2916BBE635288C4D1075B045E, BEFF99052206C0D774CFFF14AC3305C397726B289B17666C2AD2706C261F2FF0 ] luafv           C:\Windows\system32\drivers\luafv.sys
18:19:12.0046 0x1a18  luafv - ok
18:19:12.0048 0x1a18  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
18:19:12.0050 0x1a18  Mcx2Svc - ok
18:19:12.0052 0x1a18  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
18:19:12.0053 0x1a18  megasas - ok
18:19:12.0058 0x1a18  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
18:19:12.0062 0x1a18  MegaSR - ok
18:19:12.0065 0x1a18  [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
18:19:12.0065 0x1a18  MEIx64 - ok
18:19:12.0068 0x1a18  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
18:19:12.0069 0x1a18  MMCSS - ok
18:19:12.0071 0x1a18  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
18:19:12.0072 0x1a18  Modem - ok
18:19:12.0074 0x1a18  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
18:19:12.0075 0x1a18  monitor - ok
18:19:12.0077 0x1a18  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
18:19:12.0077 0x1a18  mouclass - ok
18:19:12.0079 0x1a18  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
18:19:12.0080 0x1a18  mouhid - ok
18:19:12.0083 0x1a18  [ 072D8646E23ECF8A3F5F0157017B4DB6, EBFB1459ECC5AF94C94FB49CEBC724542612680F0777E24B5AA6E062C0EE5D94 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
18:19:12.0084 0x1a18  mountmgr - ok
18:19:12.0087 0x1a18  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
18:19:12.0090 0x1a18  mpio - ok
18:19:12.0092 0x1a18  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
18:19:12.0093 0x1a18  mpsdrv - ok
18:19:12.0107 0x1a18  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
18:19:12.0119 0x1a18  MpsSvc - ok
18:19:12.0123 0x1a18  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
18:19:12.0125 0x1a18  MRxDAV - ok
18:19:12.0128 0x1a18  [ 767C6DF04C5758B9F0790D400541B44F, BFC38D7BCF19F7246BCAD3E04273A403F6B973432EE0EF6E25B16BA3826A21B7 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
18:19:12.0131 0x1a18  mrxsmb - ok
18:19:12.0136 0x1a18  [ BD55F604FFABC911F8E5500186AE70E5, 3719EDB070E6FFE9781337A05CA0309C3CD5CD38A292DF091E05C9BA3D5A479F ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:19:12.0140 0x1a18  mrxsmb10 - ok
18:19:12.0143 0x1a18  [ 92EECFB046D4706A4B8D699A4069B6EC, 3B3E232DABA913A500CE55AD8600D8DD8F28E32B0276B9B6C8FD6239688833A4 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:19:12.0145 0x1a18  mrxsmb20 - ok
18:19:12.0147 0x1a18  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
18:19:12.0148 0x1a18  msahci - ok
18:19:12.0151 0x1a18  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
18:19:12.0153 0x1a18  msdsm - ok
18:19:12.0156 0x1a18  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
18:19:12.0159 0x1a18  MSDTC - ok
18:19:12.0162 0x1a18  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
18:19:12.0162 0x1a18  Msfs - ok
18:19:12.0164 0x1a18  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
18:19:12.0164 0x1a18  mshidkmdf - ok
18:19:12.0166 0x1a18  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
18:19:12.0166 0x1a18  msisadrv - ok
18:19:12.0170 0x1a18  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
18:19:12.0172 0x1a18  MSiSCSI - ok
18:19:12.0174 0x1a18  msiserver - ok
18:19:12.0176 0x1a18  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
18:19:12.0176 0x1a18  MSKSSRV - ok
18:19:12.0178 0x1a18  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
18:19:12.0178 0x1a18  MSPCLOCK - ok
18:19:12.0180 0x1a18  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
18:19:12.0180 0x1a18  MSPQM - ok
18:19:12.0187 0x1a18  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
18:19:12.0192 0x1a18  MsRPC - ok
18:19:12.0195 0x1a18  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
18:19:12.0195 0x1a18  mssmbios - ok
18:19:12.0197 0x1a18  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
18:19:12.0197 0x1a18  MSTEE - ok
18:19:12.0199 0x1a18  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
18:19:12.0200 0x1a18  MTConfig - ok
18:19:12.0202 0x1a18  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
18:19:12.0203 0x1a18  Mup - ok
18:19:12.0208 0x1a18  [ 232DE45537AE5652C64F0B8669081D02, 5382E94E1A61C78D36C77B4ABEA62F345C715FC60D8F3D35F29363BAB1DE10CC ] mvs91xx         C:\Windows\system32\DRIVERS\mvs91xx.sys
18:19:12.0212 0x1a18  mvs91xx - ok
18:19:12.0220 0x1a18  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
18:19:12.0227 0x1a18  napagent - ok
18:19:12.0233 0x1a18  [ 9FB2A095B1166CB3C9A06651863B3452, 808105C59C2D28C390FDE0CA48690A5CD052DE3D7F7327864EB45F80187D5BE9 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
18:19:12.0237 0x1a18  NativeWifiP - ok
18:19:12.0251 0x1a18  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
18:19:12.0262 0x1a18  NDIS - ok
18:19:12.0266 0x1a18  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
18:19:12.0266 0x1a18  NdisCap - ok
18:19:12.0268 0x1a18  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
18:19:12.0269 0x1a18  NdisTapi - ok
18:19:12.0271 0x1a18  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
18:19:12.0272 0x1a18  Ndisuio - ok
18:19:12.0276 0x1a18  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
18:19:12.0278 0x1a18  NdisWan - ok
18:19:12.0280 0x1a18  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
18:19:12.0281 0x1a18  NDProxy - ok
18:19:12.0285 0x1a18  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
18:19:12.0287 0x1a18  Net Driver HPZ12 - ok
18:19:12.0289 0x1a18  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
18:19:12.0290 0x1a18  NetBIOS - ok
18:19:12.0295 0x1a18  [ 734837208CAFD6E0959A7A0333C95C9D, 0B7CD6E3CE43ABE021DBE6516492E326265EC0273F2F4297187CE70602CB8CE1 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
18:19:12.0298 0x1a18  NetBT - ok
18:19:12.0300 0x1a18  [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] Netlogon        C:\Windows\system32\lsass.exe
18:19:12.0301 0x1a18  Netlogon - ok
18:19:12.0309 0x1a18  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
18:19:12.0315 0x1a18  Netman - ok
18:19:12.0318 0x1a18  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:19:12.0320 0x1a18  NetMsmqActivator - ok
18:19:12.0323 0x1a18  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:19:12.0325 0x1a18  NetPipeActivator - ok
18:19:12.0333 0x1a18  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
18:19:12.0339 0x1a18  netprofm - ok
18:19:12.0343 0x1a18  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:19:12.0345 0x1a18  NetTcpActivator - ok
18:19:12.0347 0x1a18  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:19:12.0349 0x1a18  NetTcpPortSharing - ok
18:19:12.0351 0x1a18  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
18:19:12.0352 0x1a18  nfrd960 - ok
18:19:12.0358 0x1a18  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
18:19:12.0362 0x1a18  NlaSvc - ok
18:19:12.0365 0x1a18  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
18:19:12.0365 0x1a18  Npfs - ok
18:19:12.0370 0x1a18  [ 32E5012DECBBB556D98E4A019570A11B, AC8320143B8B5266349892CA203D2DD8AEE752BDAC9D657AE1685C2124E2B258 ] NPVR Recording Service C:\Program Files (x86)\NPVR\NRecord.exe
18:19:12.0370 0x1a18  NPVR Recording Service - ok
18:19:12.0373 0x1a18  [ 668B9EFF5CCA4542F435D2CD9CE3C778, 7409EF35D1DC0DE2BAB752694981FFA1F1855C7F11310366B80BD1EC3513262E ] nsi             C:\Windows\system32\nsisvc.dll
18:19:12.0374 0x1a18  nsi - ok
18:19:12.0376 0x1a18  [ BE313E566EEA2A4B7F9AAC9782A567D4, 377C624737B1A4FBC1DFF988F029B8ED9A368827C33A4FEEBA1B7937A87C2B47 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
18:19:12.0376 0x1a18  nsiproxy - ok
18:19:12.0400 0x1a18  [ 1065D9AFE491706EB00AD3CBB76C9E54, 7014029663FC61932EACC07682A66EE5483F11968EF58DE9766A9D77238C6812 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
18:19:12.0420 0x1a18  Ntfs - ok
18:19:12.0423 0x1a18  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
18:19:12.0423 0x1a18  Null - ok
18:19:12.0430 0x1a18  [ 6DD0B2337F74336EB1F83C3866538F9B, 9C05C63FCD8380F9F93140FB331C531D6F6DC6BAA9BF6FD918B984032A1531AA ] NVHDA           C:\Windows\system32\drivers\nvhda64v.sys
18:19:12.0433 0x1a18  NVHDA - ok
18:19:12.0649 0x1a18  [ 81AAC25D5AF2948D54EC05FDF782510E, FFCA587EC4E0CD481DDE3467E626551B40160BDF6D0DE925B5B7E8FEDE2D1674 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
18:19:12.0811 0x1a18  nvlddmkm - ok
18:19:12.0827 0x1a18  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
18:19:12.0829 0x1a18  nvraid - ok
18:19:12.0832 0x1a18  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
18:19:12.0835 0x1a18  nvstor - ok
18:19:12.0838 0x1a18  [ 33486D139DB345A3D3245C4B57FDADC7, B1DFB0210F264572B641D25D9A8C3E558ADBFA097713DCCCD8F8C328B6687EAA ] NvStreamKms     C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
18:19:12.0839 0x1a18  NvStreamKms - ok
18:19:12.0840 0x1a18  NvStreamNetworkSvc - ok
18:19:12.0841 0x1a18  NvStreamSvc - ok
18:19:12.0850 0x1a18  [ 64473C7916BAF33FE73F1A44C559E672, 033F37F4B91ACAB7569F5CBA5542D3CC063C030C751209CE7C468052476A9BF8 ] NvTelemetryContainer C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
18:19:12.0855 0x1a18  NvTelemetryContainer - ok
18:19:12.0858 0x1a18  [ 036A8C30C662397A2D882D9AFF99089F, C7AC0E6F7E3275890E36CA052C9DFF1D6D16D9F6102856D51AF088641C7B5709 ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
18:19:12.0859 0x1a18  nvvad_WaveExtensible - ok
18:19:12.0862 0x1a18  [ F01458BBA7DF69FB543EE40B50F586CD, B5338B92B4ACE66951D73834EC3BC47F78267D2245958D7642A9B0A37F32A6E3 ] nvvhci          C:\Windows\system32\DRIVERS\nvvhci.sys
18:19:12.0863 0x1a18  nvvhci - ok
18:19:12.0866 0x1a18  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
18:19:12.0868 0x1a18  nv_agp - ok
18:19:12.0870 0x1a18  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
18:19:12.0871 0x1a18  ohci1394 - ok
18:19:12.0878 0x1a18  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
18:19:12.0882 0x1a18  p2pimsvc - ok
18:19:12.0890 0x1a18  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
18:19:12.0895 0x1a18  p2psvc - ok
18:19:12.0899 0x1a18  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
18:19:12.0900 0x1a18  Parport - ok
18:19:12.0903 0x1a18  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
18:19:12.0904 0x1a18  partmgr - ok
18:19:12.0908 0x1a18  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
18:19:12.0911 0x1a18  PcaSvc - ok
18:19:12.0915 0x1a18  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
18:19:12.0918 0x1a18  pci - ok
18:19:12.0920 0x1a18  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
18:19:12.0920 0x1a18  pciide - ok
18:19:12.0925 0x1a18  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
18:19:12.0928 0x1a18  pcmcia - ok
18:19:12.0931 0x1a18  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
18:19:12.0931 0x1a18  pcw - ok
18:19:12.0941 0x1a18  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
18:19:12.0949 0x1a18  PEAUTH - ok
18:19:12.0971 0x1a18  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
18:19:12.0972 0x1a18  PerfHost - ok
18:19:12.0994 0x1a18  [ BC5F8C5C7ACCD0B884FCB8B67616F537, 5C99E9D7E7095CED52B1F5F4A569E54F124602C573DD2B25731E0D57FDA22A27 ] pla             C:\Windows\system32\pla.dll
18:19:13.0011 0x1a18  pla - ok
18:19:13.0020 0x1a18  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
18:19:13.0025 0x1a18  PlugPlay - ok
18:19:13.0028 0x1a18  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
18:19:13.0029 0x1a18  Pml Driver HPZ12 - ok
18:19:13.0032 0x1a18  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
18:19:13.0033 0x1a18  PNRPAutoReg - ok
18:19:13.0039 0x1a18  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
18:19:13.0042 0x1a18  PNRPsvc - ok
18:19:13.0051 0x1a18  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
18:19:13.0057 0x1a18  PolicyAgent - ok
18:19:13.0062 0x1a18  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
18:19:13.0065 0x1a18  Power - ok
18:19:13.0068 0x1a18  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
18:19:13.0070 0x1a18  PptpMiniport - ok
18:19:13.0072 0x1a18  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
18:19:13.0073 0x1a18  Processor - ok
18:19:13.0078 0x1a18  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
18:19:13.0081 0x1a18  ProfSvc - ok
18:19:13.0083 0x1a18  [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:19:13.0083 0x1a18  ProtectedStorage - ok
18:19:13.0087 0x1a18  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
18:19:13.0088 0x1a18  Psched - ok
18:19:13.0109 0x1a18  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
18:19:13.0127 0x1a18  ql2300 - ok
18:19:13.0132 0x1a18  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
18:19:13.0134 0x1a18  ql40xx - ok
18:19:13.0138 0x1a18  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
18:19:13.0142 0x1a18  QWAVE - ok
18:19:13.0144 0x1a18  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
18:19:13.0145 0x1a18  QWAVEdrv - ok
18:19:13.0147 0x1a18  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
18:19:13.0148 0x1a18  RasAcd - ok
18:19:13.0150 0x1a18  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
18:19:13.0151 0x1a18  RasAgileVpn - ok
18:19:13.0154 0x1a18  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
18:19:13.0156 0x1a18  RasAuto - ok
18:19:13.0159 0x1a18  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
18:19:13.0161 0x1a18  Rasl2tp - ok
18:19:13.0167 0x1a18  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
18:19:13.0172 0x1a18  RasMan - ok
18:19:13.0175 0x1a18  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
18:19:13.0176 0x1a18  RasPppoe - ok
18:19:13.0179 0x1a18  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
18:19:13.0180 0x1a18  RasSstp - ok
18:19:13.0186 0x1a18  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
18:19:13.0191 0x1a18  rdbss - ok
18:19:13.0193 0x1a18  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\drivers\rdpbus.sys
18:19:13.0194 0x1a18  rdpbus - ok
18:19:13.0196 0x1a18  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
18:19:13.0196 0x1a18  RDPCDD - ok
18:19:13.0199 0x1a18  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
18:19:13.0199 0x1a18  RDPENCDD - ok
18:19:13.0201 0x1a18  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
18:19:13.0201 0x1a18  RDPREFMP - ok
18:19:13.0205 0x1a18  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
18:19:13.0206 0x1a18  RdpVideoMiniport - ok
18:19:13.0210 0x1a18  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
18:19:13.0213 0x1a18  RDPWD - ok
18:19:13.0217 0x1a18  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
18:19:13.0220 0x1a18  rdyboost - ok
18:19:13.0223 0x1a18  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
18:19:13.0225 0x1a18  RemoteAccess - ok
18:19:13.0228 0x1a18  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
18:19:13.0231 0x1a18  RemoteRegistry - ok
18:19:13.0233 0x1a18  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
18:19:13.0235 0x1a18  RpcEptMapper - ok
18:19:13.0237 0x1a18  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
18:19:13.0237 0x1a18  RpcLocator - ok
18:19:13.0238 0x1a18  [ 3F1A199859B4F3F8357B2A0AF5666A54, B0ACE9384088B7D0E54CF82BF48D4FEAA518BDEF98A294BA8F5A37DFF0E45328 ] RpcSs           C:\Windows\system32\rpcss.dll
18:19:13.0248 0x1a18  RpcSs - ok
18:19:13.0248 0x1a18  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
18:19:13.0248 0x1a18  rspndr - ok
18:19:13.0258 0x1a18  [ 8181B5E7BFC040E0B26349C73E719335, EBB244A7E8E2CDC51041B2C2A78DCB77324F9E3746942C84902FCD928ADED897 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
18:19:13.0268 0x1a18  RTL8167 - ok
18:19:13.0268 0x1a18  [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] SamSs           C:\Windows\system32\lsass.exe
18:19:13.0268 0x1a18  SamSs - ok
18:19:13.0268 0x1a18  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
18:19:13.0278 0x1a18  sbp2port - ok
18:19:13.0278 0x1a18  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
18:19:13.0278 0x1a18  SCardSvr - ok
18:19:13.0278 0x1a18  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
18:19:13.0278 0x1a18  scfilter - ok
18:19:13.0299 0x1a18  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
18:19:13.0309 0x1a18  Schedule - ok
18:19:13.0319 0x1a18  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
18:19:13.0319 0x1a18  SCPolicySvc - ok
18:19:13.0319 0x1a18  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
18:19:13.0319 0x1a18  SDRSVC - ok
18:19:13.0329 0x1a18  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
18:19:13.0329 0x1a18  secdrv - ok
18:19:13.0329 0x1a18  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
18:19:13.0329 0x1a18  seclogon - ok
18:19:13.0329 0x1a18  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
18:19:13.0329 0x1a18  SENS - ok
18:19:13.0329 0x1a18  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
18:19:13.0339 0x1a18  SensrSvc - ok
18:19:13.0339 0x1a18  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
18:19:13.0339 0x1a18  Serenum - ok
18:19:13.0339 0x1a18  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
18:19:13.0339 0x1a18  Serial - ok
18:19:13.0339 0x1a18  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
18:19:13.0339 0x1a18  sermouse - ok
18:19:13.0349 0x1a18  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
18:19:13.0349 0x1a18  SessionEnv - ok
18:19:13.0349 0x1a18  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
18:19:13.0349 0x1a18  sffdisk - ok
18:19:13.0349 0x1a18  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
18:19:13.0359 0x1a18  sffp_mmc - ok
18:19:13.0359 0x1a18  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
18:19:13.0359 0x1a18  sffp_sd - ok
18:19:13.0359 0x1a18  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
18:19:13.0359 0x1a18  sfloppy - ok
18:19:13.0369 0x1a18  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
18:19:13.0369 0x1a18  SharedAccess - ok
18:19:13.0379 0x1a18  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:19:13.0379 0x1a18  ShellHWDetection - ok
18:19:13.0389 0x1a18  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
18:19:13.0389 0x1a18  SiSRaid2 - ok
18:19:13.0389 0x1a18  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
18:19:13.0389 0x1a18  SiSRaid4 - ok
18:19:13.0389 0x1a18  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
18:19:13.0389 0x1a18  Smb - ok
18:19:13.0399 0x1a18  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
18:19:13.0399 0x1a18  SNMPTRAP - ok
18:19:13.0399 0x1a18  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
18:19:13.0399 0x1a18  spldr - ok
18:19:13.0409 0x1a18  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
18:19:13.0419 0x1a18  Spooler - ok
18:19:13.0469 0x1a18  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
18:19:13.0509 0x1a18  sppsvc - ok
18:19:13.0519 0x1a18  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
18:19:13.0519 0x1a18  sppuinotify - ok
18:19:13.0529 0x1a18  [ 72E6A150A8C8530B201832D1C801CDE6, EFBDD5D1FB924979E63D829A6970CB5552A746BEBB7C4D41066684CA16A374E0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
18:19:13.0529 0x1a18  srv - ok
18:19:13.0539 0x1a18  [ C4F67ABCC5033D334613F28F9E782809, A19E32E2EF790E88E7013C298AF0A34A9957A7CE55DF19FBD7BDF688D3767BA5 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
18:19:13.0549 0x1a18  srv2 - ok
18:19:13.0549 0x1a18  [ C53CB62B0E57488AAE41FDA0FF8A0AB9, 93614C72C578E348B66690585F8AC2B53C0C19D2C96AAD3E776D3389CA5E43B6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
18:19:13.0549 0x1a18  srvnet - ok
18:19:13.0559 0x1a18  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
18:19:13.0559 0x1a18  SSDPSRV - ok
18:19:13.0559 0x1a18  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
18:19:13.0559 0x1a18  SstpSvc - ok
18:19:13.0589 0x1a18  [ F71CA689063E1A15A44268A6B42E3164, FF3B38035A3F3E547CA6B88AEB790DCAFFFBF93A6DB8AEA9B9DC17E77642B165 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
18:19:13.0599 0x1a18  Steam Client Service - ok
18:19:13.0609 0x1a18  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
18:19:13.0609 0x1a18  stexstor - ok
18:19:13.0609 0x1a18  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
18:19:13.0609 0x1a18  StillCam - ok
18:19:13.0619 0x1a18  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
18:19:13.0629 0x1a18  stisvc - ok
18:19:13.0629 0x1a18  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
18:19:13.0629 0x1a18  swenum - ok
18:19:13.0639 0x1a18  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
18:19:13.0649 0x1a18  swprv - ok
18:19:13.0669 0x1a18  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
18:19:13.0689 0x1a18  SysMain - ok
18:19:13.0699 0x1a18  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:19:13.0699 0x1a18  TabletInputService - ok
18:19:13.0699 0x1a18  [ 134B275751051C5D03F9ACCDC4F8CAAB, D50F96485AF6F26EA9A5A3A2ADEACC2DFD3B2ABCDAB88195B75CC72EAC543BE2 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
18:19:13.0699 0x1a18  tap0901 - ok
18:19:13.0709 0x1a18  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
18:19:13.0709 0x1a18  TapiSrv - ok
18:19:13.0739 0x1a18  [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
18:19:13.0759 0x1a18  Tcpip - ok
18:19:13.0779 0x1a18  [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
18:19:13.0799 0x1a18  TCPIP6 - ok
18:19:13.0809 0x1a18  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
18:19:13.0809 0x1a18  tcpipreg - ok
18:19:13.0809 0x1a18  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
18:19:13.0809 0x1a18  TDPIPE - ok
18:19:13.0809 0x1a18  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
18:19:13.0809 0x1a18  TDTCP - ok
18:19:13.0819 0x1a18  [ 4DD986720F7CB7A8A5D1226793097B9A, 9020375B45E9C966BF44CF425C127D7E0EC82EB99C7047F225C25402FF97743D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
18:19:13.0819 0x1a18  tdx - ok
18:19:13.0819 0x1a18  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
18:19:13.0819 0x1a18  TermDD - ok
18:19:13.0829 0x1a18  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
18:19:13.0839 0x1a18  TermService - ok
18:19:13.0839 0x1a18  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
18:19:13.0839 0x1a18  Themes - ok
18:19:13.0849 0x1a18  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
18:19:13.0849 0x1a18  THREADORDER - ok
18:19:13.0849 0x1a18  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
18:19:13.0849 0x1a18  TrkWks - ok
18:19:13.0859 0x1a18  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:19:13.0859 0x1a18  TrustedInstaller - ok
18:19:13.0859 0x1a18  [ 2CF58216424757ED29605B4F18EC443C, 9D523FC075F7F41A17F60617670A976A8F2F2943444515DC3834720BDC37DFA0 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
18:19:13.0859 0x1a18  tssecsrv - ok
18:19:13.0869 0x1a18  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
18:19:13.0869 0x1a18  TsUsbFlt - ok
18:19:13.0869 0x1a18  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
18:19:13.0869 0x1a18  TsUsbGD - ok
18:19:13.0869 0x1a18  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
18:19:13.0879 0x1a18  tunnel - ok
18:19:13.0879 0x1a18  TVService - ok
18:19:13.0879 0x1a18  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
18:19:13.0879 0x1a18  uagp35 - ok
18:19:13.0889 0x1a18  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
18:19:13.0889 0x1a18  udfs - ok
18:19:13.0899 0x1a18  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
18:19:13.0899 0x1a18  UI0Detect - ok
18:19:13.0899 0x1a18  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
18:19:13.0899 0x1a18  uliagpkx - ok
18:19:13.0899 0x1a18  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
18:19:13.0899 0x1a18  umbus - ok
18:19:13.0899 0x1a18  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
18:19:13.0909 0x1a18  UmPass - ok
18:19:13.0909 0x1a18  [ F8626F1D56FA417C3B4AB6114D8471D5, C8AC74A6B0395A2C317F4600630B47D433CF483F7E516EF7356084DA1E8C3275 ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
18:19:13.0919 0x1a18  UNS - ok
18:19:13.0919 0x1a18  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
18:19:13.0929 0x1a18  upnphost - ok
18:19:13.0929 0x1a18  [ 9E68E917FB4B5C983438969643F53BEF, 7148BF1E7AFAFA025A51AA9A26B90ED85328B41C7F7791CB3460D9CF53245985 ] usbccgp         C:\Windows\system32\drivers\usbccgp.sys
18:19:13.0929 0x1a18  usbccgp - ok
18:19:13.0939 0x1a18  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
18:19:13.0939 0x1a18  usbcir - ok
18:19:13.0939 0x1a18  [ 3F9D3902CE931E2A28DD8452AE915B67, C8BF042DD84FB2E3AE7FCDBA65923611FCBDAFD6410E42A5E58F8995D99AE16C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
18:19:13.0939 0x1a18  usbehci - ok
18:19:13.0949 0x1a18  [ 86B65EEBC03B936DE8B26E5A18D98FA2, 2981CF5A0FB6B6FE0A38363EA4804DB743C45E3E6E72DC3A2260F583377717C8 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
18:19:13.0959 0x1a18  usbhub - ok
18:19:13.0959 0x1a18  [ 099C2931C6F73EB1B9E13C560F61B50D, 83B64A52173243526E380C8FA0D913C7B07C2AF1806ECC4EC0D0B5523A7CBFAA ] usbohci         C:\Windows\system32\drivers\usbohci.sys
18:19:13.0959 0x1a18  usbohci - ok
18:19:13.0959 0x1a18  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
18:19:13.0959 0x1a18  usbprint - ok
18:19:13.0969 0x1a18  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:19:13.0969 0x1a18  USBSTOR - ok
18:19:13.0969 0x1a18  [ 5D7651347C7D702F4A5DE53603DC024F, F55532D13AB2FF6D4B6058113AF2710AC5C87059C9000942CF517198BABCD6F5 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
18:19:13.0969 0x1a18  usbuhci - ok
18:19:13.0969 0x1a18  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
18:19:13.0969 0x1a18  UxSms - ok
18:19:13.0979 0x1a18  [ 62056ADD38513A86C4866E912371B56B, 9465E65EB4303BF87483B9621D402E848A50E6D22B05846A621A2761B9516A57 ] VaultSvc        C:\Windows\system32\lsass.exe
18:19:13.0979 0x1a18  VaultSvc - ok
18:19:13.0979 0x1a18  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
18:19:13.0979 0x1a18  vdrvroot - ok
18:19:13.0989 0x1a18  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
18:19:13.0989 0x1a18  vds - ok
18:19:13.0999 0x1a18  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
18:19:13.0999 0x1a18  vga - ok
18:19:13.0999 0x1a18  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
18:19:13.0999 0x1a18  VgaSave - ok
18:19:13.0999 0x1a18  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
18:19:14.0009 0x1a18  vhdmp - ok
18:19:14.0009 0x1a18  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
18:19:14.0009 0x1a18  viaide - ok
18:19:14.0009 0x1a18  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
18:19:14.0009 0x1a18  volmgr - ok
18:19:14.0019 0x1a18  [ 85C5468BC395819AE2A0C747334BA14C, 75EB4751F90F3347229442A5622539383CE0B1834EE7B995260D0D433BA2E25F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
18:19:14.0019 0x1a18  volmgrx - ok
18:19:14.0029 0x1a18  [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap         C:\Windows\system32\drivers\volsnap.sys
18:19:14.0029 0x1a18  volsnap - ok
18:19:14.0039 0x1a18  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
18:19:14.0039 0x1a18  vsmraid - ok
18:19:14.0059 0x1a18  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
18:19:14.0079 0x1a18  VSS - ok
18:19:14.0079 0x1a18  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
18:19:14.0089 0x1a18  vwifibus - ok
18:19:14.0089 0x1a18  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
18:19:14.0099 0x1a18  W32Time - ok
18:19:14.0099 0x1a18  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
18:19:14.0099 0x1a18  WacomPen - ok
18:19:14.0099 0x1a18  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
18:19:14.0099 0x1a18  WANARP - ok
18:19:14.0109 0x1a18  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
18:19:14.0109 0x1a18  Wanarpv6 - ok
18:19:14.0119 0x1a18  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
18:19:14.0139 0x1a18  WatAdminSvc - ok
18:19:14.0159 0x1a18  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
18:19:14.0179 0x1a18  wbengine - ok
18:19:14.0189 0x1a18  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
18:19:14.0189 0x1a18  WbioSrvc - ok
18:19:14.0189 0x1a18  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
18:19:14.0199 0x1a18  wcncsvc - ok
18:19:14.0199 0x1a18  [ BC00873272B3771CCDA38336AF2B4D4B, 3E412DEC5F172B4C5FD5C227CD790EE56B90A00A8B538704E8F973D230BE2289 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:19:14.0199 0x1a18  WcsPlugInService - ok
18:19:14.0199 0x1a18  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
18:19:14.0209 0x1a18  Wd - ok
18:19:14.0209 0x1a18  [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM         C:\Windows\system32\DRIVERS\wdcsam64.sys
18:19:14.0209 0x1a18  WDC_SAM - ok
18:19:14.0219 0x1a18  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
18:19:14.0229 0x1a18  Wdf01000 - ok
18:19:14.0229 0x1a18  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
18:19:14.0229 0x1a18  WdiServiceHost - ok
18:19:14.0239 0x1a18  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
18:19:14.0239 0x1a18  WdiSystemHost - ok
18:19:14.0239 0x1a18  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
18:19:14.0249 0x1a18  WebClient - ok
18:19:14.0249 0x1a18  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
18:19:14.0249 0x1a18  Wecsvc - ok
18:19:14.0259 0x1a18  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
18:19:14.0259 0x1a18  wercplsupport - ok
18:19:14.0259 0x1a18  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
18:19:14.0259 0x1a18  WerSvc - ok
18:19:14.0259 0x1a18  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
18:19:14.0259 0x1a18  WfpLwf - ok
18:19:14.0269 0x1a18  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
18:19:14.0269 0x1a18  WIMMount - ok
18:19:14.0269 0x1a18  WinDefend - ok
18:19:14.0269 0x1a18  WinHttpAutoProxySvc - ok
18:19:14.0279 0x1a18  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
18:19:14.0279 0x1a18  Winmgmt - ok
18:19:14.0309 0x1a18  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
18:19:14.0329 0x1a18  WinRM - ok
18:19:14.0339 0x1a18  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
18:19:14.0339 0x1a18  WinUsb - ok
18:19:14.0349 0x1a18  [ 4B7912EB80820EAC543EE54806EFCAF0, 4D9186F9FE80F03C85C4DC73342EE5870DF1021BD29974BE33557CEA0D524667 ] Wlansvc         C:\Windows\System32\wlansvc.dll
18:19:14.0359 0x1a18  Wlansvc - ok
18:19:14.0389 0x1a18  [ 98F138897EF4246381D197CB81846D62, A9FA88475AFBB8883297708608EC7C1AC29F229C3299A84D557172604813A18C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:19:14.0419 0x1a18  wlidsvc - ok
18:19:14.0419 0x1a18  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
18:19:14.0419 0x1a18  WmiAcpi - ok
18:19:14.0429 0x1a18  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
18:19:14.0429 0x1a18  wmiApSrv - ok
18:19:14.0429 0x1a18  WMPNetworkSvc - ok
18:19:14.0439 0x1a18  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
18:19:14.0439 0x1a18  WPCSvc - ok
18:19:14.0439 0x1a18  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
18:19:14.0439 0x1a18  WPDBusEnum - ok
18:19:14.0439 0x1a18  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
18:19:14.0439 0x1a18  ws2ifsl - ok
18:19:14.0449 0x1a18  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
18:19:14.0449 0x1a18  wscsvc - ok
18:19:14.0449 0x1a18  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
18:19:14.0449 0x1a18  WSDPrintDevice - ok
18:19:14.0449 0x1a18  WSearch - ok
18:19:14.0489 0x1a18  [ 88009DB9E1166B6B6713A858C176FECD, CBF4C63D3C5D14AF3C3F0D9C48E5AC9E7A4323BFB0363E9948FD801963BE1467 ] wuauserv        C:\Windows\system32\wuaueng.dll
18:19:14.0519 0x1a18  wuauserv - ok
18:19:14.0519 0x1a18  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
18:19:14.0519 0x1a18  WudfPf - ok
18:19:14.0529 0x1a18  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
18:19:14.0529 0x1a18  WUDFRd - ok
18:19:14.0529 0x1a18  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
18:19:14.0539 0x1a18  wudfsvc - ok
18:19:14.0539 0x1a18  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
18:19:14.0539 0x1a18  WwanSvc - ok
18:19:14.0549 0x1a18  ================ Scan global ===============================
18:19:14.0549 0x1a18  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
18:19:14.0549 0x1a18  [ 66A8A9412337B08E1735204B8ADEE58C, 766429FBB014A9CA6AEFD39579C3F33625335A3DFD88AB324E4534978695B887 ] C:\Windows\system32\winsrv.dll
18:19:14.0559 0x1a18  [ 66A8A9412337B08E1735204B8ADEE58C, 766429FBB014A9CA6AEFD39579C3F33625335A3DFD88AB324E4534978695B887 ] C:\Windows\system32\winsrv.dll
18:19:14.0559 0x1a18  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:19:14.0569 0x1a18  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
18:19:14.0569 0x1a18  [ Global ] - ok
18:19:14.0569 0x1a18  ================ Scan MBR ==================================
18:19:14.0569 0x1a18  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:19:14.0629 0x1a18  \Device\Harddisk0\DR0 - ok
18:19:14.0669 0x1a18  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
18:19:14.0679 0x1a18  \Device\Harddisk1\DR1 - ok
18:19:14.0679 0x1a18  ================ Scan VBR ==================================
18:19:14.0679 0x1a18  [ 12E86A02D9300F95DC07B3FCB85CF688 ] \Device\Harddisk0\DR0\Partition1
18:19:14.0679 0x1a18  \Device\Harddisk0\DR0\Partition1 - ok
18:19:14.0679 0x1a18  [ 6767B439328169E1BD686C8849E04588 ] \Device\Harddisk0\DR0\Partition2
18:19:14.0689 0x1a18  \Device\Harddisk0\DR0\Partition2 - ok
18:19:14.0689 0x1a18  [ 6F147AF4F87319B95AB5F84FE25A8CAF ] \Device\Harddisk1\DR1\Partition1
18:19:14.0689 0x1a18  \Device\Harddisk1\DR1\Partition1 - ok
18:19:14.0689 0x1a18  ================ Scan generic autorun ======================
18:19:14.0769 0x1a18  [ C3803F8E0FC107EFC1F9DE4FB7B7D797, 2D78DE29F4791FCF9A5B358F8266A0E64338B84B95E695EAF1CE958676EEEEB6 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
18:19:14.0839 0x1a18  RTHDVCPL - ok
18:19:14.0899 0x1a18  WindowsLogonMgr - ok
18:19:14.0909 0x1a18  [ 5514B64F7F2D25E09E2FDAF5D62B688C, 43263715ADC49250762A01E41DB2832C6A8B63CE4F66CDD8FC0B51DCA031DF27 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe
18:19:14.0910 0x1a18  IAStorIcon - ok
18:19:14.0911 0x1a18  [ 4D1DA8CE5E364D22B4FF00F163194514, 165DE474309206A0F51266F19EDB4AF3D7BAD19FDA61B636AEE7A04278DBBC2C ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
18:19:14.0911 0x1a18  USB3MON - ok
18:19:14.0921 0x1a18  [ F8B91C91225E5CAA2B2F0370201021C0, 5EF4546D723EFAA97921CFF273FECD78AF9B7740359A5F80375A4272C3D2E7C5 ] C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe
18:19:14.0921 0x1a18  Microsoft Default Manager - ok
18:19:14.0931 0x1a18  [ AC581685C4CC890B42E9E9700014543D, 642DEB7AF6576D07C8D8019135338E4B45B2B17329BF376C4605E912F0CBD034 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:19:14.0941 0x1a18  SunJavaUpdateSched - ok
18:19:14.0961 0x1a18  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:19:14.0971 0x1a18  Sidebar - ok
18:19:14.0991 0x1a18  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:19:14.0991 0x1a18  mctadmin - ok
18:19:15.0011 0x1a18  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:19:15.0021 0x1a18  Sidebar - ok
18:19:15.0021 0x1a18  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:19:15.0021 0x1a18  mctadmin - ok
18:19:15.0041 0x1a18  [ 31D7429BDAA54C12A75536DC0D99064A, 67EFA4C63E394E7B3DFC412610A5201351C96EFA0AA3CFD3FC8D8DC149753511 ] C:\Program Files (x86)\DVDFab Passkey\DVDFabPasskey.exe
18:19:15.0061 0x1a18  DVDFab Passkey - ok
18:19:15.0071 0x1a18  [ 31D7429BDAA54C12A75536DC0D99064A, 67EFA4C63E394E7B3DFC412610A5201351C96EFA0AA3CFD3FC8D8DC149753511 ] C:\Program Files (x86)\DVDFab Passkey\DVDFabPasskey.exe
18:19:15.0091 0x1a18  DVDFab Passkey - ok
18:19:15.0091 0x1a18  Waiting for KSN requests completion. In queue: 81
18:19:16.0105 0x1a18  Win FW state via NFP2: disabled ( trusted )
18:19:16.0710 0x1a18  ============================================================
18:19:16.0710 0x1a18  Scan finished
18:19:16.0710 0x1a18  ============================================================
18:19:16.0714 0x07b0  Detected object count: 0
18:19:16.0714 0x07b0  Actual detected object count: 0
 
AdwCleaner
 
# AdwCleaner 7.0.7.0 - Logfile created on Sun Jan 21 23:22:09 2018
# Updated on 2018/18/01 by Malwarebytes 
# Database: 01-16-2018.1
# Running on Windows 7 Home Premium (X64)
# Mode: scan
 
***** [ Services ] *****
 
No malicious services found.
 
***** [ Folders ] *****
 
PUP.Optional.Spigot.Generic, C:\Program Files (x86)\Coupons
Adware.Yelloader, C:\Users\FAMILY-TV\AppData\Roaming\notepad3k
Adware.Yelloader, C:\Users\FAMILY-TV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\notepad3k
 
 
***** [ Files ] *****
 
No malicious files found.
 
***** [ DLL ] *****
 
No malicious DLLs found.
 
***** [ WMI ] *****
 
No malicious WMI found.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts found.
 
***** [ Tasks ] *****
 
No malicious tasks found.
 
***** [ Registry ] *****
 
PUP.Optional.Legacy, [Key] - HKU\S-1-5-21-1609475732-2535970459-3001715950-1000\Software\APN PIP
PUP.Optional.Legacy, [Key] - HKCU\Software\APN PIP
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\PIP
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{A07E5BFF-B16C-4ABA-A30F-514213A945E6}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{D879A501-50A7-BEFC-A4C5-32DC6E0CB208}
PUP.Optional.BrowseFox.A, [Key] - HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries.
 
*************************
 
C:/AdwCleaner/AdwCleaner[S0].txt - [1534 B] - [2018/1/18 1:38:32]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt ##########
 
ESET OnlineScan:
 
C:\Program Files (x86)\uTorrent\uTorrent.exe a variant of Win32/Bunndle potentially unsafe application
C:\Users\Admin\Downloads\passkey-for-dvd-8102_crack\setup.exe a variant of Win32/OutBrowse.AJ potentially unwanted application
C:\Users\FAMILY-TV\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4PBLTUYY\cpSetup[1].exe a variant of Win32/Kryptik.FZVG trojan
C:\Users\FAMILY-TV\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4PBLTUYY\index[3].htm JS/Exploit.Agent.NLF trojan
C:\Users\FAMILY-TV\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GB2MUG89\5a5fa92907abf_ua[1].exe Win32/Downloader.Agent.BH potentially unwanted application
C:\Users\FAMILY-TV\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J0VY2F2M\setup6-142[1].exe a variant of MSIL/Yelloader.H potentially unwanted application
C:\Users\FAMILY-TV\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WA11EVEC\index[9].htm JS/Exploit.Agent.NLG trojan
C:\Users\FAMILY-TV\AppData\Local\Temp\screen.exe a variant of Win32/TrojanDropper.Autoit.OD trojan
C:\Users\FAMILY-TV\AppData\Local\Temp\1D7AD5FC-7CCF-447E-969C-D6EDB2C87185\ScreenTouchSetup.exe a variant of Win32/TrojanDropper.Autoit.OD trojan
C:\Users\FAMILY-TV\AppData\Local\Temp\57BC3CC7-F28D-4847-A66D-03205436310C\yt-convE.exe a variant of Generik.KYUZSLL trojan
C:\Windows\sysde32.exe NSIS/TrojanDownloader.Agent.NWV trojan
D:\$RECYCLE.BIN\S-1-5-21-1609475732-2535970459-3001715950-1001\$R6E4HGK\Planescape_ Torment - Enhanced Edition (PC).exe NSIS/TrojanDownloader.Adload.R trojan
D:\FAMily PC D drive\Downloads\SetupImgBurn_2.5.6.0.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application,Win32/Bundled.Toolbar.Ask potentially unsafe application
D:\FAMily PC D drive\Downloads\Drivers & Firmware\PS_AIO_07_D110_USW_Full_Win_enu_140_126.exe a variant of Win32/Adware.Coupons.AA application
D:\FAMily PC D drive\Registrations\hwmonitor_1.19-setup.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
D:\FAMily PC D drive\Torrents Downloads\IsoBuster Pro 3.1 Build 3.1.0.1 Final Incl Serials - PNS\isobuster_all_lang.exe a variant of Win32/Toolbar.Conduit.AU potentially unwanted application,a variant of Win32/SmartFileAdvisor.A potentially unwanted application
D:\Programs\cpu-z_1.60-setup-en.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
D:\Programs\hwmonitor_1.19-setup.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application,a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
D:\Torrent downloads\DVDFab Passkey v8.0.9.9 Incl Patch - [MUMBAI]\Patch\Patch-BBB v.0.8 Final.exe a variant of MSIL/Packed.FishNet.A suspicious application
D:\Users\Family-TV\Desktop\suspct file\Planescape_ Torment - Enhanced Edition (PC)\Planescape_ Torment - Enhanced Edition (PC).exe NSIS/TrojanDownloader.Adload.R trojan
Autostart locations a variant of Win32/Bunndle potentially unsafe application
 


#5 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:42 PM

Posted 22 January 2018 - 09:54 AM

You were pretty infected


Rerun ADWcleaer and remove what it found. Restart system an see how it is.

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8/10 users right-click and select Run As Administrator
  • The tool will start to update the database if one is required.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Logfile button.
  • A window will open which lists the logs of your scans.
  • Click on the Scan tab.
  • Double-click the most recent scan which will be at the top of the list....the log will appear.
  • Review the results...see note below
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[CX].txt) will open automatically (where the largest value of X represents the most recent report).
  • To open a Cleaning log, launch AdwCleaner, click on the Logfile button, click on the Cleaning tab and double-click the log at the top of the list.
  • Copy and paste the contents of AdwCleaner[CX].txt in your next reply.
  • A copy of all logfiles are saved to C:\AdwCleaner.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name or entry that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on and uncheck any items you want to keep.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#6 Njals

Njals
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 22 January 2018 - 02:59 PM

# AdwCleaner 7.0.7.0 - Logfile created on Mon Jan 22 19:56:15 2018
# Updated on 2018/18/01 by Malwarebytes 
# Running on Unknown (X64)
# Mode: clean
 
***** [ Services ] *****
 
No malicious services deleted.
 
***** [ Folders ] *****
 
Deleted: C:\Program Files (x86)\Coupons
Deleted: C:\Users\FAMILY-TV\AppData\Roaming\notepad3k
Deleted: C:\Users\FAMILY-TV\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\notepad3k
 
 
***** [ Files ] *****
 
No malicious files deleted.
 
***** [ DLL ] *****
 
No malicious DLLs cleaned.
 
***** [ WMI ] *****
 
No malicious WMI cleaned.
 
***** [ Shortcuts ] *****
 
No malicious shortcuts cleaned.
 
***** [ Tasks ] *****
 
No malicious tasks deleted.
 
***** [ Registry ] *****
 
Deleted: [Key] - HKCU\Software\Optimizer Pro
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Deleted: [Key] - HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Deleted: [Key] - HKCU\Software\notepad3k
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\notepad3k
 
 
***** [ Firefox (and derivatives) ] *****
 
No malicious Firefox entries deleted.
 
***** [ Chromium (and derivatives) ] *****
 
No malicious Chromium entries deleted.
 
*************************
 
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
 
 
 
*************************
 
C:/AdwCleaner/AdwCleaner[S0].txt - [1534 B] - [2018/1/18 1:38:32]
C:/AdwCleaner/AdwCleaner[S1].txt - [1677 B] - [2018/1/21 23:22:9]
C:/AdwCleaner/AdwCleaner[S2].txt - [1744 B] - [2018/1/22 1:31:17]
C:/AdwCleaner/AdwCleaner[S3].txt - [1735 B] - [2018/1/22 19:52:2]
 
 
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########


#7 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:42 PM

Posted 22 January 2018 - 04:07 PM

Restart ? How is it?
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#8 Njals

Njals
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 22 January 2018 - 05:59 PM

Appears to running much smoother, especially through the restart cycle.  



#9 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:42 PM

Posted 23 January 2018 - 09:03 AM

Glad to hear it!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#10 Njals

Njals
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:03:42 PM

Posted 23 January 2018 - 03:31 PM

Thank you for your time and help, can I make a donation for your efforts?



#11 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:42 PM

Posted 23 January 2018 - 04:57 PM

Thank you .. may I suggest this person as they got hammered by those hurricanes.
https://www.bleepingcomputer.com/forums/u/220281/gringo-pr/
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users