Help Needed

Peekabooboo · Mar 17, 2015

Tech Support Guy System Info Utility version 1.0.0.2
OS Version: Microsoft Windows 8.1, 64 bit
Processor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz, Intel64 Family 6 Model 60 Stepping 3
Processor Count: 8
RAM: 8073 Mb
Graphics Card: Intel(R) HD Graphics 4600, 1024 Mb
Hard Drives: C: Total - 708223 MB, Free - 544844 MB;
Motherboard: Alienware, 068R5X
Antivirus: Webroot SecureAnywhere, Updated and Enabled

I had to reinstall windows (couldn't do security updates. lots of crashes and malware discovered as tip of iceberg) but this ******* came back. In the end it seemed to be in Explorer.exe, Nvidia, and alienware mouse drivers and Onedrive. Roguekiller always finds stuff, as did does Adware Removal etc.

I'll include some logs from the standard tools, Farbar etc.

Thanks. I'm at the end of my rope having had to go through all those damn windows updates etc.

Peekabooboo · Mar 20, 2015

Bump. Thanks.

dbreeze · Mar 23, 2015

Hi peekabooboo,

Welcome to Tech Support Guy. My name is dbreeze and I'll be helping you with this problem. Before I get into the removal of malware / correction of your problem, I need you to be aware of the following:

Please read all of my response through at least once before attempting to follow the procedures described.I would recommend printing them out, if you can, as you can check off each step as you complete it. Also, as some of the cleaning may be done in Safe Mode and there will be no internet connection then, you will find that having the steps printed for reference speeds the cleaning process along. If there's anything you don't understand or isn't totally clear to you, please come back to me for clarification before you start those steps.
All of the assistants and staff at Tech Support Guy are here on a volunteer basis; please respect our time given to the cause of helping others.If you are going to be away for more than 4 days, please let me know here. (I will do the same for you.) We do realize that 'life happens' and situations arise unexpectedly; we just ask that you keep us up to date.
Malware removal is a complex, multiple step process; please stay with me on this thread (don't start another thread) until I declare that your logs are clean and you are good to go. The absence of apparent issues does not mean your system is clean; I will tell you when everything looks good for you to go and help you remove the tools we have used.
If any of the security programs on your system should give any warnings about the software tools I ask you to download and use, please do not be alarmed.All of the tools I will have you use are safe to use (as instructed) and malware free.
While we strive to disrupt your system as little as possible, things happen.If you can, it would be best to back up your personal files now (if you do not already have a backup). You can store these on a CD/DVD, USB drive or stick, anywhere but on your same system. This will save you from possible anguish later if something unforeseen happens.
Please do not run any other tools or scanners than what I ask you to.Some of the openly available software made for malware removal can make changes to your system that interfere with the cleaning of the malware, or even destroy your system. I will use only what the situation calls for and direct you in the proper use of that software.
Please do not attach any log files to your replies unless I specifically ask you.Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.

- Save ALL Tools to your Desktop-

All the tools that I will have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.

Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.

Google Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.

Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.

Mozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser.

Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.

Internet Explorer - Click the Tools menu in the upper right-corner of the browser.

Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.

Let's get started....

Download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Check the boxes beside Verify Driver Digital Signature and Detect TDLFS file system, then click OK.
Click the Start Scan button.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results and offer three (3) options.
Ensure Cure is selected, then click Continue => Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Peekabooboo · Mar 23, 2015

Thanks. No threats detected.

08:54:43.0715 0x137c TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
08:54:43.0715 0x137c UEFI system
08:54:47.0590 0x137c ============================================================
08:54:47.0590 0x137c Current date / time: 2015/03/23 08:54:47.0590
08:54:47.0590 0x137c SystemInfo:
08:54:47.0590 0x137c
08:54:47.0590 0x137c OS Version: 6.3.9600 ServicePack: 0.0
08:54:47.0590 0x137c Product type: Workstation
08:54:47.0590 0x137c ComputerName: MICHAELDORKEN
08:54:47.0590 0x137c UserName: Michael
08:54:47.0590 0x137c Windows directory: C:\WINDOWS
08:54:47.0590 0x137c System windows directory: C:\WINDOWS
08:54:47.0590 0x137c Running under WOW64
08:54:47.0590 0x137c Processor architecture: Intel x64
08:54:47.0590 0x137c Number of processors: 8
08:54:47.0590 0x137c Page size: 0x1000
08:54:47.0590 0x137c Boot type: Normal boot
08:54:47.0590 0x137c ============================================================
08:54:48.0403 0x137c KLMD registered as C:\WINDOWS\system32\drivers\62472149.sys
08:54:48.0934 0x137c System UUID: {04729597-75F1-56EA-3C4E-37F481CD3CA7}
08:54:49.0590 0x137c Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:54:49.0606 0x137c ============================================================
08:54:49.0606 0x137c \Device\Harddisk0\DR0:
08:54:49.0606 0x137c GPT partitions:
08:54:49.0606 0x137c \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {A0A1BC6B-BECD-40B2-A8DA-9A79941BA7EB}, Name: , StartLBA 0x22, BlocksNum 0x81FDE
08:54:49.0606 0x137c \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A7AEA444-A8E3-4F91-BB77-B79EAE23292C}, Name: Microsoft reserved partition, StartLBA 0x82000, BlocksNum 0x40000
08:54:49.0606 0x137c \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9A0EECED-6DD2-4823-9161-F86EA90D5825}, Name: , StartLBA 0xC2000, BlocksNum 0x56740000
08:54:49.0606 0x137c \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {1113CA67-2649-4CAF-B575-8BF25F64B47F}, Name: , StartLBA 0x56802000, BlocksNum 0xE1800
08:54:49.0606 0x137c \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A3AC0714-EB2A-4C6E-ADD6-92245C277AB8}, Name: Microsoft recovery partition, StartLBA 0x568E3800, BlocksNum 0xAA1000
08:54:49.0606 0x137c \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {B9F0F8EB-E2B5-49F7-BC86-4D37C85079F6}, Name: Microsoft recovery partition, StartLBA 0x57384800, BlocksNum 0x1C16F0
08:54:49.0606 0x137c MBR partitions:
08:54:49.0606 0x137c ============================================================
08:54:49.0653 0x137c C: <-> \Device\Harddisk0\DR0\Partition3
08:54:49.0653 0x137c ============================================================
08:54:49.0653 0x137c Initialize success
08:54:49.0653 0x137c ============================================================
08:54:58.0297 0x0f50 ============================================================
08:54:58.0297 0x0f50 Scan started
08:54:58.0297 0x0f50 Mode: Manual; SigCheck; TDLFS;
08:54:58.0297 0x0f50 ============================================================
08:54:58.0297 0x0f50 KSN ping started
08:55:00.0791 0x0f50 KSN ping finished: true
08:55:08.0321 0x0f50 ================ Scan system memory ========================
08:55:08.0321 0x0f50 System memory - ok
08:55:08.0321 0x0f50 ================ Scan services =============================
08:55:08.0789 0x0f50 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys
08:55:09.0008 0x0f50 1394ohci - ok
08:55:09.0227 0x0f50 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys
08:55:09.0305 0x0f50 3ware - ok
08:55:09.0367 0x0f50 [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys
08:55:09.0399 0x0f50 ACPI - ok
08:55:09.0477 0x0f50 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys
08:55:09.0508 0x0f50 acpiex - ok
08:55:09.0524 0x0f50 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys
08:55:09.0555 0x0f50 acpipagr - ok
08:55:09.0571 0x0f50 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys
08:55:09.0758 0x0f50 AcpiPmi - ok
08:55:09.0789 0x0f50 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys
08:55:09.0805 0x0f50 acpitime - ok
08:55:09.0883 0x0f50 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS
08:55:09.0899 0x0f50 ADP80XX - ok
08:55:10.0008 0x0f50 [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll
08:55:10.0227 0x0f50 AeLookupSvc - ok
08:55:10.0321 0x0f50 [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
08:55:10.0336 0x0f50 AERTFilters - ok
08:55:10.0367 0x0f50 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys
08:55:10.0539 0x0f50 AFD - ok
08:55:10.0571 0x0f50 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys
08:55:10.0571 0x0f50 agp440 - ok
08:55:10.0602 0x0f50 [ F0CB6DB513CAC393D04A0FCE0A59E1BF, E6EE159D0E6B1F666946B1FE421874044E89BB2EB60A521BAA111A1229FA7B2D ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys
08:55:10.0664 0x0f50 ahcache - ok
08:55:10.0711 0x0f50 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\WINDOWS\System32\alg.exe
08:55:10.0805 0x0f50 ALG - ok
08:55:10.0852 0x0f50 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys
08:55:10.0914 0x0f50 AmdK8 - ok
08:55:10.0946 0x0f50 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys
08:55:10.0977 0x0f50 AmdPPM - ok
08:55:11.0008 0x0f50 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys
08:55:11.0024 0x0f50 amdsata - ok
08:55:11.0086 0x0f50 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys
08:55:11.0117 0x0f50 amdsbs - ok
08:55:11.0133 0x0f50 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys
08:55:11.0149 0x0f50 amdxata - ok
08:55:11.0305 0x0f50 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\WINDOWS\system32\drivers\appid.sys
08:55:11.0416 0x0f50 AppID - ok
08:55:11.0479 0x0f50 [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll
08:55:11.0525 0x0f50 AppIDSvc - ok
08:55:11.0557 0x0f50 [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\WINDOWS\System32\appinfo.dll
08:55:11.0619 0x0f50 Appinfo - ok
08:55:11.0697 0x0f50 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll
08:55:11.0822 0x0f50 AppReadiness - ok
08:55:11.0979 0x0f50 [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll
08:55:12.0088 0x0f50 AppXSvc - ok
08:55:12.0119 0x0f50 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys
08:55:12.0182 0x0f50 arcsas - ok
08:55:12.0182 0x0f50 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys
08:55:12.0197 0x0f50 atapi - ok
08:55:12.0244 0x0f50 [ 8779FDAE68BC948B0FE152E758CC8DA7, 13070C2073F8E7546B48AE9CF54067B9BB75DFCD98F2987B90FFAD20D40D54CF ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
08:55:12.0369 0x0f50 AudioEndpointBuilder - ok
08:55:12.0463 0x0f50 [ 61EA45A645854FE81D8A924E2D93DFFE, 34F79532297F609CA93C380B68BB8B7B0F027F9C8F4FB8E02A9A43EA3D155F1B ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll
08:55:12.0525 0x0f50 Audiosrv - ok
08:55:12.0572 0x0f50 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll
08:55:12.0635 0x0f50 AxInstSV - ok
08:55:12.0650 0x0f50 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys
08:55:12.0666 0x0f50 b06bdrv - ok
08:55:12.0713 0x0f50 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys
08:55:12.0744 0x0f50 BasicDisplay - ok
08:55:12.0760 0x0f50 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys
08:55:12.0791 0x0f50 BasicRender - ok
08:55:12.0838 0x0f50 [ 70433F7A216BD0B5EC7DA1202EE53E65, 12F3210EC5546714B34225770242F5CF4AC36032BB49A8E8989620BA274AC505 ] bcbtums C:\WINDOWS\system32\drivers\bcbtums.sys
08:55:12.0900 0x0f50 bcbtums - ok
08:55:13.0603 0x0f50 [ 9A4EF701A4FC835F7DDD8956D930010F, 28A555B98098ECE47912C40A74CA92AFA76F51A711F2DEFF1A498FF212505F23 ] BCM43XX C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
08:55:13.0760 0x0f50 BCM43XX - ok
08:55:13.0916 0x0f50 [ 18B186BCC56EC611DE519CBA7D4F65B0, 6F2520AAFDAA4208717DCD121527911D580727C5A6B8C4C7F07C4155C4D8662D ] BcmBtRSupport C:\WINDOWS\system32\BtwRSupportService.exe
08:55:13.0963 0x0f50 BcmBtRSupport - ok
08:55:14.0041 0x0f50 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys
08:55:14.0057 0x0f50 bcmfn2 - ok
08:55:14.0197 0x0f50 [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC C:\WINDOWS\System32\bdesvc.dll
08:55:14.0354 0x0f50 BDESVC - ok
08:55:14.0400 0x0f50 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys
08:55:14.0729 0x0f50 Beep - ok
08:55:15.0041 0x0f50 [ 22A5582ACF0CEE97268D7868C69F35CE, 78A44C10966FE467D3FCC76BE37647AE2CC2BCA9DE5715AD9E643162B23C3A19 ] BFE C:\WINDOWS\System32\bfe.dll
08:55:15.0291 0x0f50 BFE - ok
08:55:15.0369 0x0f50 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\WINDOWS\System32\qmgr.dll
08:55:15.0463 0x0f50 BITS - ok
08:55:15.0510 0x0f50 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys
08:55:15.0572 0x0f50 bowser - ok
08:55:15.0619 0x0f50 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
08:55:15.0760 0x0f50 BrokerInfrastructure - ok
08:55:15.0791 0x0f50 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\WINDOWS\System32\browser.dll
08:55:15.0854 0x0f50 Browser - ok
08:55:15.0932 0x0f50 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
08:55:16.0197 0x0f50 BthAvrcpTg - ok
08:55:16.0260 0x0f50 [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys
08:55:16.0457 0x0f50 BthEnum - ok
08:55:16.0488 0x0f50 [ 67343511D80BF3D6D9EEDB5BA8D0B06B, 28436B2E62762686C4FF4FA3F9E7ABB56DA9D6884B6C924ACC544161400593DD ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys
08:55:16.0644 0x0f50 BthHFEnum - ok
08:55:16.0675 0x0f50 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys
08:55:16.0722 0x0f50 bthhfhid - ok
08:55:16.0785 0x0f50 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll
08:55:16.0832 0x0f50 BthHFSrv - ok
08:55:16.0847 0x0f50 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
08:55:16.0910 0x0f50 BthLEEnum - ok
08:55:16.0925 0x0f50 [ EF4B9E7C9AD88C00C18A12B0D22D1894, 672537E75201E690D86CD65252B8AEF887C76EBD37AB0C419462D69164B350CC ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys
08:55:17.0082 0x0f50 BTHMODEM - ok
08:55:17.0113 0x0f50 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\WINDOWS\system32\DRIVERS\bthpan.sys
08:55:17.0160 0x0f50 BthPan - ok
08:55:17.0207 0x0f50 [ C37F4930795B771400C63C3C87E7A6C2, 0D0F54184B2DAA45F646E4F69B85C4411E8DFA88EB4763BB0F386055A420F217 ] BTHPORT C:\WINDOWS\System32\Drivers\BTHport.sys
08:55:17.0253 0x0f50 BTHPORT - ok
08:55:17.0269 0x0f50 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\WINDOWS\system32\bthserv.dll
08:55:17.0410 0x0f50 bthserv - ok
08:55:17.0441 0x0f50 [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB C:\WINDOWS\System32\Drivers\BTHUSB.sys
08:55:17.0472 0x0f50 BTHUSB - ok
08:55:17.0566 0x0f50 [ 20C8EB70C0B179DF06A01CA503F4A824, 1C2DADCBC5D85C1D4F6A28B7F374C829E6DCE0EB720EBDA43CF6AC0AC934AA5E ] btwampfl C:\WINDOWS\system32\DRIVERS\btwampfl.sys
08:55:17.0597 0x0f50 btwampfl - ok
08:55:17.0660 0x0f50 [ 1DB17CBEF587A795E54CF1FAF80A3ED7, D2A392D0CBBB0A9288B8F646D254D6A24969E5F4EE2D35CF0A1D594C88674D51 ] btwaudio C:\WINDOWS\system32\drivers\btwaudio.sys
08:55:17.0675 0x0f50 btwaudio - ok
08:55:17.0753 0x0f50 [ 35BAD5FEE5FD66205521B8A83A60B5AF, 8AD1846B15958E1A671ABE4D7536E6D9E265C83406E0BB544F8CF392876FC81F ] btwavdt C:\WINDOWS\System32\drivers\btwavdt.sys
08:55:17.0769 0x0f50 btwavdt - ok
08:55:17.0878 0x0f50 [ CB89636BD7BDBFB1C5BA18D4CB14D069, 5FB2D9FE2982D0D8D0579FF6BDAB760CACB53204F0AC280321360FB35181B0E4 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
08:55:17.0910 0x0f50 btwdins - ok
08:55:18.0003 0x0f50 [ C3C8974D99F976C927165363855690CD, 2B73E11FE341DE581CFF655E58C5671B83F4331529C30DADCAA9B6BE615D5E1F ] btwl2cap C:\WINDOWS\system32\DRIVERS\btwl2cap.sys
08:55:18.0019 0x0f50 btwl2cap - ok
08:55:18.0066 0x0f50 [ 1D1591BB5356D4160C15F754886EEE98, 1DEF03F2B716026166047D83150C285561E159A26B15A38161368074A178E4ED ] btwpanfl C:\WINDOWS\system32\drivers\btwpanfl.sys
08:55:18.0082 0x0f50 btwpanfl - ok
08:55:18.0113 0x0f50 [ 8B48C53FA923297E1AE282552403C112, 72A23C3F5F7EBC60936567914D30E9C3262F8C77C4C7758453AF188C085B6574 ] btwrchid C:\WINDOWS\System32\drivers\btwrchid.sys
08:55:18.0113 0x0f50 btwrchid - ok
08:55:18.0144 0x0f50 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys
08:55:18.0285 0x0f50 cdfs - ok
08:55:18.0300 0x0f50 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys
08:55:18.0316 0x0f50 cdrom - ok
08:55:18.0363 0x0f50 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\WINDOWS\System32\certprop.dll
08:55:18.0550 0x0f50 CertPropSvc - ok
08:55:18.0597 0x0f50 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys
08:55:18.0644 0x0f50 circlass - ok
08:55:18.0675 0x0f50 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys
08:55:18.0691 0x0f50 CLFS - ok
08:55:18.0988 0x0f50 [ 880A6DAC6E03871B37A782155D189A53, 93659BB67236F5EBC317FD73879EB79EFB195728A2C0BC997881D3622C6CF981 ] ClickToRunSvc C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
08:55:19.0035 0x0f50 ClickToRunSvc - ok
08:55:19.0050 0x0f50 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys
08:55:19.0097 0x0f50 CmBatt - ok
08:55:19.0160 0x0f50 [ 3930E508DDA46C1FF68FD963F350AA0A, BF63F9C7AB30E2A8199D65EDD6DCBB797C93A4A0B972373643FBE1C38BCFA697 ] CNG C:\WINDOWS\system32\Drivers\cng.sys
08:55:19.0175 0x0f50 CNG - ok
08:55:19.0191 0x0f50 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers\CompositeBus.sys
08:55:19.0222 0x0f50 CompositeBus - ok
08:55:19.0222 0x0f50 COMSysApp - ok
08:55:19.0222 0x0f50 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys
08:55:19.0316 0x0f50 condrv - ok
08:55:19.0738 0x0f50 [ 1154D3FBD01C35A2F9A2073BCB366452, 02F8CBDD8E2F321711528CFFC46E9F0B60CC779C34164E387E2E53DEB518B674 ] cphs C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
08:55:19.0769 0x0f50 cphs - ok
08:55:19.0847 0x0f50 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll
08:55:19.0925 0x0f50 CryptSvc - ok
08:55:20.0019 0x0f50 [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam C:\WINDOWS\system32\drivers\dam.sys
08:55:20.0035 0x0f50 dam - ok
08:55:20.0191 0x0f50 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
08:55:20.0347 0x0f50 DcomLaunch - ok
08:55:20.0660 0x0f50 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\WINDOWS\System32\defragsvc.dll
08:55:20.0894 0x0f50 defragsvc - ok
08:55:21.0019 0x0f50 [ DC253191A553DACA7684CFB5B03A4268, 2D651A059F1334671E875EB4FC642383DCC00710809255DA29F96C41EC2C8205 ] DellRbtn C:\WINDOWS\System32\drivers\DellRbtn.sys
08:55:21.0254 0x0f50 DellRbtn - ok
08:55:21.0363 0x0f50 [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
08:55:21.0410 0x0f50 DeviceAssociationService - ok
08:55:21.0425 0x0f50 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll
08:55:21.0566 0x0f50 DeviceInstall - ok
08:55:21.0597 0x0f50 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys
08:55:21.0629 0x0f50 Dfsc - ok
08:55:21.0660 0x0f50 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\WINDOWS\system32\dhcpcore.dll
08:55:21.0754 0x0f50 Dhcp - ok
08:55:21.0800 0x0f50 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys
08:55:21.0832 0x0f50 disk - ok
08:55:21.0863 0x0f50 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys
08:55:22.0004 0x0f50 dmvsc - ok
08:55:22.0050 0x0f50 [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
08:55:22.0128 0x0f50 Dnscache - ok
08:55:22.0222 0x0f50 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\WINDOWS\System32\dot3svc.dll
08:55:22.0379 0x0f50 dot3svc - ok
08:55:22.0425 0x0f50 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\WINDOWS\system32\dps.dll
08:55:22.0472 0x0f50 DPS - ok
08:55:22.0488 0x0f50 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
08:55:22.0503 0x0f50 drmkaud - ok
08:55:22.0535 0x0f50 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll
08:55:22.0566 0x0f50 DsmSvc - ok
08:55:22.0785 0x0f50 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys
08:55:22.0816 0x0f50 DXGKrnl - ok
08:55:22.0925 0x0f50 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\WINDOWS\System32\eapsvc.dll
08:55:23.0050 0x0f50 Eaphost - ok
08:55:23.0441 0x0f50 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys
08:55:23.0519 0x0f50 ebdrv - ok
08:55:23.0550 0x0f50 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\WINDOWS\System32\lsass.exe
08:55:23.0582 0x0f50 EFS - ok
08:55:23.0597 0x0f50 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys
08:55:23.0613 0x0f50 EhStorClass - ok
08:55:23.0644 0x0f50 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
08:55:23.0660 0x0f50 EhStorTcgDrv - ok
08:55:23.0675 0x0f50 [ 391FA1C8854E9539E0180D889020D2DA, 394DAA9AD1C73D317C06882E1C4ECA2FD4E8110999F64D161E271FA91187AC99 ] EMSC C:\WINDOWS\system32\drivers\EMSC.SYS
08:55:23.0675 0x0f50 EMSC - ok
08:55:23.0707 0x0f50 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys
08:55:23.0738 0x0f50 ErrDev - ok
08:55:23.0894 0x0f50 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\WINDOWS\system32\es.dll
08:55:24.0035 0x0f50 EventSystem - ok
08:55:24.0066 0x0f50 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys
08:55:24.0222 0x0f50 exfat - ok
08:55:24.0285 0x0f50 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys
08:55:24.0300 0x0f50 fastfat - ok
08:55:24.0394 0x0f50 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\WINDOWS\system32\fxssvc.exe
08:55:24.0629 0x0f50 Fax - ok
08:55:24.0675 0x0f50 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys
08:55:24.0707 0x0f50 fdc - ok
08:55:24.0754 0x0f50 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\WINDOWS\system32\fdPHost.dll
08:55:24.0785 0x0f50 fdPHost - ok
08:55:24.0800 0x0f50 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\WINDOWS\system32\fdrespub.dll
08:55:24.0832 0x0f50 FDResPub - ok
08:55:24.0832 0x0f50 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\WINDOWS\system32\fhsvc.dll
08:55:24.0879 0x0f50 fhsvc - ok
08:55:24.0894 0x0f50 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys
08:55:24.0894 0x0f50 FileInfo - ok
08:55:24.0910 0x0f50 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys
08:55:24.0925 0x0f50 Filetrace - ok
08:55:24.0957 0x0f50 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys
08:55:24.0972 0x0f50 flpydisk - ok
08:55:24.0988 0x0f50 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
08:55:25.0004 0x0f50 FltMgr - ok
08:55:25.0144 0x0f50 [ 7269C9013FCFA3C6E70F03E2630DBFC3, AAB282B4444CC17D197974D05063C7C97E5202E604681DD2DC3BCF0AE77D6057 ] FontCache C:\WINDOWS\system32\FntCache.dll
08:55:25.0238 0x0f50 FontCache - ok
08:55:25.0425 0x0f50 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
08:55:25.0441 0x0f50 FontCache3.0.0.0 - ok
08:55:25.0457 0x0f50 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys
08:55:25.0472 0x0f50 FsDepends - ok
08:55:25.0519 0x0f50 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
08:55:25.0519 0x0f50 Fs_Rec - ok
08:55:25.0535 0x0f50 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys
08:55:25.0566 0x0f50 fvevol - ok
08:55:25.0582 0x0f50 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys
08:55:25.0597 0x0f50 FxPPM - ok
08:55:25.0613 0x0f50 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys
08:55:25.0629 0x0f50 gagp30kx - ok
08:55:25.0660 0x0f50 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys
08:55:25.0660 0x0f50 gencounter - ok
08:55:25.0722 0x0f50 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys
08:55:25.0738 0x0f50 GPIOClx0101 - ok
08:55:25.0957 0x0f50 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\WINDOWS\System32\gpsvc.dll
08:55:26.0019 0x0f50 gpsvc - ok
08:55:26.0129 0x0f50 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:55:26.0144 0x0f50 gupdate - ok
08:55:26.0160 0x0f50 [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
08:55:26.0160 0x0f50 gupdatem - ok
08:55:26.0175 0x0f50 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys
08:55:26.0269 0x0f50 HDAudBus - ok
08:55:26.0332 0x0f50 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys
08:55:26.0550 0x0f50 HidBatt - ok
08:55:26.0613 0x0f50 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys
08:55:26.0738 0x0f50 HidBth - ok
08:55:26.0754 0x0f50 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys
08:55:26.0785 0x0f50 hidi2c - ok
08:55:26.0832 0x0f50 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys
08:55:26.0847 0x0f50 HidIr - ok
08:55:26.0879 0x0f50 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\WINDOWS\system32\hidserv.dll
08:55:27.0050 0x0f50 hidserv - ok
08:55:27.0050 0x0f50 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys
08:55:27.0129 0x0f50 HidUsb - ok
08:55:27.0285 0x0f50 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\WINDOWS\system32\kmsvc.dll
08:55:27.0754 0x0f50 hkmsvc - ok
08:55:28.0097 0x0f50 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
08:55:28.0191 0x0f50 HomeGroupListener - ok
08:55:28.0238 0x0f50 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
08:55:28.0254 0x0f50 HomeGroupProvider - ok
08:55:28.0285 0x0f50 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys
08:55:28.0300 0x0f50 HpSAMD - ok
08:55:28.0441 0x0f50 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys
08:55:28.0457 0x0f50 HTTP - ok
08:55:28.0472 0x0f50 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys
08:55:28.0488 0x0f50 hwpolicy - ok
08:55:28.0504 0x0f50 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys
08:55:28.0550 0x0f50 hyperkbd - ok
08:55:28.0566 0x0f50 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
08:55:28.0629 0x0f50 HyperVideo - ok
08:55:28.0660 0x0f50 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys
08:55:28.0769 0x0f50 i8042prt - ok
08:55:28.0785 0x0f50 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
08:55:28.0800 0x0f50 iaLPSSi_GPIO - ok
08:55:28.0800 0x0f50 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
08:55:28.0816 0x0f50 iaLPSSi_I2C - ok
08:55:28.0879 0x0f50 [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys
08:55:28.0910 0x0f50 iaStorA - ok
08:55:28.0988 0x0f50 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys
08:55:29.0004 0x0f50 iaStorAV - ok
08:55:29.0191 0x0f50 [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
08:55:29.0207 0x0f50 IAStorDataMgrSvc - ok
08:55:29.0254 0x0f50 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys
08:55:29.0269 0x0f50 iaStorV - ok
08:55:29.0269 0x0f50 IEEtwCollectorService - ok
08:55:29.0972 0x0f50 [ 09F8023A17EE9EB0897A1B195428192B, 2DF018A24766E32E16F4B4FA9DA3D095BA42702B6869D4D1624A5EBF83805AF2 ] igfx C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
08:55:30.0050 0x0f50 igfx - ok
08:55:30.0129 0x0f50 [ F64E1962751A6DAA3FBB6210D6751E22, 972046FB7F0B443F9251F2F5B4AF0F8BAC2046B3EA295428BC888AAA568EC737 ] igfxCUIService1.0.0.0 C:\WINDOWS\system32\igfxCUIService.exe
08:55:30.0129 0x0f50 igfxCUIService1.0.0.0 - ok
08:55:30.0332 0x0f50 [ 57322EBB67A59FB64E228F31A84CA43D, 258DA26BDFAB635F145E55CF65CDFCFE4EB91454E3F930489E92810250EF9FD7 ] IKEEXT C:\WINDOWS\System32\ikeext.dll
08:55:30.0410 0x0f50 IKEEXT - ok
08:55:30.0457 0x0f50 [ CF25067821BB89E87021E9493C178863, 1AA25378EFD977BC6CD9405A395FA2962770385FAB5A9A55FC95B5F6DFD8D1AE ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
08:55:30.0457 0x0f50 intaud_WaveExtensible - ok
08:55:30.0785 0x0f50 [ 0141272C088995D9EFCCB6A7A7CC64B6, 2F2EF677331457EE54E314E5D820D41C9FE4D4316D79086D666AADB2ABC943E7 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
08:55:30.0832 0x0f50 IntcAzAudAddService - ok
08:55:30.0894 0x0f50 [ 0E0B99617ED3FDB6C5F0E2D62709B5DF, A656CA3A60E62BE16A015150B23136CE150F9876B4035E9E8D8E73D1707B37A4 ] IntcDAud C:\WINDOWS\system32\DRIVERS\IntcDAud.sys
08:55:30.0925 0x0f50 IntcDAud - ok
08:55:31.0050 0x0f50 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
08:55:31.0129 0x0f50 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
08:55:33.0613 0x0f50 Detect skipped due to KSN trusted
08:55:33.0613 0x0f50 Intel(R) Capability Licensing Service Interface - ok
08:55:33.0707 0x0f50 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
08:55:33.0738 0x0f50 Intel(R) Capability Licensing Service TCP IP Interface - ok
08:55:33.0769 0x0f50 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys
08:55:33.0800 0x0f50 intelide - ok
08:55:33.0832 0x0f50 [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys
08:55:33.0847 0x0f50 intelpep - ok
08:55:33.0863 0x0f50 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys
08:55:33.0879 0x0f50 intelppm - ok
08:55:33.0972 0x0f50 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
08:55:34.0191 0x0f50 IpFilterDriver - ok
08:55:34.0316 0x0f50 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll
08:55:34.0347 0x0f50 iphlpsvc - ok
08:55:34.0379 0x0f50 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys
08:55:34.0551 0x0f50 IPMIDRV - ok
08:55:34.0582 0x0f50 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys
08:55:34.0676 0x0f50 IPNAT - ok
08:55:34.0691 0x0f50 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys
08:55:34.0722 0x0f50 IRENUM - ok
08:55:34.0754 0x0f50 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys
08:55:34.0769 0x0f50 isapnp - ok
08:55:34.0801 0x0f50 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys
08:55:34.0832 0x0f50 iScsiPrt - ok
08:55:34.0879 0x0f50 [ 2DB1E2AE4A0DE62026296F0A6C29F3F5, A5A3D4D5BF9FF1DB5AC3BE15699B52707C8EB71EFA8FA82E7AE7A0C52C224380 ] iwdbus C:\WINDOWS\System32\drivers\iwdbus.sys
08:55:34.0894 0x0f50 iwdbus - ok
08:55:35.0035 0x0f50 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
08:55:35.0051 0x0f50 jhi_service - ok
08:55:35.0097 0x0f50 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys
08:55:35.0097 0x0f50 kbdclass - ok
08:55:35.0129 0x0f50 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys
08:55:35.0160 0x0f50 kbdhid - ok
08:55:35.0176 0x0f50 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys
08:55:35.0301 0x0f50 kdnic - ok
08:55:35.0363 0x0f50 [ 9169C8B55EA5060CAA6668780D2C9DE7, B72CBC1FF3E8765DEEEE7FF7EFDC043E634DD76E2FFF7FF5379EEAEF2DE81E88 ] Ke2200 C:\WINDOWS\system32\DRIVERS\e22w8x64.sys
08:55:35.0394 0x0f50 Ke2200 - ok
08:55:35.0410 0x0f50 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\WINDOWS\system32\lsass.exe
08:55:35.0426 0x0f50 KeyIso - ok
08:55:35.0441 0x0f50 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys
08:55:35.0457 0x0f50 KSecDD - ok
08:55:35.0535 0x0f50 [ 15C8C65CEA018C02EA0F648448C491C5, DF909704D22D891BE439B2E3D8386EA659444F91DC92AABFF9766446AEE5EBC0 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys
08:55:35.0582 0x0f50 KSecPkg - ok
08:55:35.0582 0x0f50 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys
08:55:35.0613 0x0f50 ksthunk - ok
08:55:35.0676 0x0f50 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll
08:55:35.0707 0x0f50 KtmRm - ok
08:55:35.0754 0x0f50 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\WINDOWS\system32\srvsvc.dll
08:55:35.0785 0x0f50 LanmanServer - ok
08:55:35.0863 0x0f50 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
08:55:35.0910 0x0f50 LanmanWorkstation - ok
08:55:35.0972 0x0f50 [ 2B7479EB47731A8ACBA28AF4C4BDA32D, 67AEB98E7B41337FEFD92CC81BFAD25FBB679998B318C110A4873B1AD8927A97 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll
08:55:36.0066 0x0f50 lfsvc - ok
08:55:36.0113 0x0f50 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys
08:55:36.0144 0x0f50 lltdio - ok
08:55:36.0222 0x0f50 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll
08:55:36.0269 0x0f50 lltdsvc - ok
08:55:36.0316 0x0f50 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll
08:55:36.0379 0x0f50 lmhosts - ok
08:55:36.0488 0x0f50 [ 3DE66F47365AA8CEB18B1EE272F4FEBA, 8DDD6AB4AEDE3B2FEA0D3B63DD24E3F3422D6ADE067756A3919FCED53C349167 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
08:55:36.0519 0x0f50 LMS - ok
08:55:36.0582 0x0f50 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys
08:55:36.0597 0x0f50 LSI_SAS - ok
08:55:36.0629 0x0f50 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys
08:55:36.0644 0x0f50 LSI_SAS2 - ok
08:55:36.0660 0x0f50 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys
08:55:36.0675 0x0f50 LSI_SAS3 - ok
08:55:36.0707 0x0f50 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys
08:55:36.0707 0x0f50 LSI_SSS - ok
08:55:36.0754 0x0f50 [ 9B231CD3E52DF29EE50086FF676D3D6F, A47449CA6C88FE089A6953D05FA33A55A55E0306335A7A102A4CD75429FF0515 ] LSM C:\WINDOWS\System32\lsm.dll
08:55:36.0957 0x0f50 LSM - ok
08:55:37.0019 0x0f50 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys
08:55:37.0191 0x0f50 luafv - ok
08:55:37.0363 0x0f50 [ 0307CF4184F4F22DB75F36ACCCEF7ED1, 32EAC5DADDD70175EA7AD4FC0A8624BECB138B9ED9E66AF74AC4A06EEB3EB4B7 ] mbamchameleon C:\WINDOWS\system32\drivers\mbamchameleon.sys
08:55:37.0363 0x0f50 mbamchameleon - ok
08:55:37.0379 0x0f50 [ CA43F8904E24BBE49982E4C0B29E6579, 2E3E6D02980706061C478C1643F8838310DDAC573C8722AE7F3290CE36B02CB2 ] MBAMProtector C:\WINDOWS\system32\drivers\mbam.sys
08:55:37.0410 0x0f50 MBAMProtector - ok
08:55:37.0707 0x0f50 [ 0BB29DE40C9D9529793DCDB59A43CF5B, 251001A407D32EF22F64915EEFFAAEC229073C4549BF7D9D1D4209B7D15B4681 ] MBAMScheduler C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
08:55:37.0738 0x0f50 MBAMScheduler - ok
08:55:37.0957 0x0f50 [ 5F82D8188B370B0CF185D4AE2B9B4A0E, 549B53DD989A069E1C38347C4CEF5283DF9B428CE102799B06A20D3D8F23825F ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
08:55:37.0988 0x0f50 MBAMService - ok
08:55:38.0129 0x0f50 [ 26C43960C99EE861A5D0EDC4DCF3B1C3, 6238FB8E785652040CCE3E7044EA52066CE1BF173A1467474D64A3AB214B6BCD ] MBAMSwissArmy C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys
08:55:38.0129 0x0f50 MBAMSwissArmy - ok
08:55:38.0160 0x0f50 [ 9D7BFFDB5FA62B600DF1FCB4919D9D79, B610B18E25366F56A785C1BECE0EC534C836FAB0DF13E0BC3AF7A626E6CD6A5F ] MBAMWebAccessControl C:\WINDOWS\system32\drivers\mwac.sys
08:55:38.0160 0x0f50 MBAMWebAccessControl - ok
08:55:38.0191 0x0f50 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys
08:55:38.0222 0x0f50 megasas - ok
08:55:38.0301 0x0f50 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys
08:55:38.0332 0x0f50 megasr - ok
08:55:38.0363 0x0f50 [ E0EF6C1399A9B1AAA0B28590411BED04, 10C193D1ED434A6DC2AD8C450012B9AF1C848A0A0B3B775F13495648FB77E009 ] MEIx64 C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
08:55:38.0363 0x0f50 MEIx64 - ok
08:55:38.0413 0x0f50 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\WINDOWS\system32\mmcss.dll
08:55:38.0507 0x0f50 MMCSS - ok
08:55:38.0538 0x0f50 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys
08:55:38.0570 0x0f50 Modem - ok
08:55:38.0585 0x0f50 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys
08:55:38.0804 0x0f50 monitor - ok
08:55:38.0835 0x0f50 [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys
08:55:38.0851 0x0f50 mouclass - ok
08:55:38.0898 0x0f50 [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys
08:55:38.0945 0x0f50 mouhid - ok
08:55:38.0976 0x0f50 [ D1D82F007A079A4D623DBD1F36EF30A1, 7901F81B62C5A4196D75A10C05386B16831CB290EFB9A1611CECF281068C520F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys
08:55:39.0007 0x0f50 mountmgr - ok
08:55:39.0007 0x0f50 [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys
08:55:39.0101 0x0f50 mpsdrv - ok
08:55:39.0148 0x0f50 [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc C:\WINDOWS\system32\mpssvc.dll
08:55:39.0210 0x0f50 MpsSvc - ok
08:55:39.0241 0x0f50 [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys
08:55:39.0320 0x0f50 MRxDAV - ok
08:55:39.0351 0x0f50 [ 31233271EDE50D1BBB220F78AFA60486, 2122FAB5BD353DF63CF0FE9CEDBD5DFD1F26F2DE04303E1B3FFB03AA02AECED9 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
08:55:39.0523 0x0f50 mrxsmb - ok
08:55:39.0538 0x0f50 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
08:55:39.0601 0x0f50 mrxsmb10 - ok
08:55:39.0601 0x0f50 [ 6276AC2AA203CF47811F6EFBBD214FBF, AE55D87D863A626347B0074F4E962080F1989A94153DAF8475593249F616DA2F ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
08:55:39.0632 0x0f50 mrxsmb20 - ok
08:55:39.0663 0x0f50 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys
08:55:39.0679 0x0f50 MsBridge - ok
08:55:39.0726 0x0f50 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\WINDOWS\System32\msdtc.exe
08:55:39.0757 0x0f50 MSDTC - ok
08:55:39.0757 0x0f50 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
08:55:39.0773 0x0f50 Msfs - ok
08:55:39.0788 0x0f50 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys
08:55:39.0788 0x0f50 msgpiowin32 - ok
08:55:39.0820 0x0f50 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys
08:55:39.0835 0x0f50 mshidkmdf - ok
08:55:39.0851 0x0f50 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys
08:55:39.0866 0x0f50 mshidumdf - ok
08:55:39.0898 0x0f50 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys
08:55:39.0898 0x0f50 msisadrv - ok
08:55:39.0960 0x0f50 [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll
08:55:39.0991 0x0f50 MSiSCSI - ok
08:55:39.0991 0x0f50 msiserver - ok
08:55:40.0007 0x0f50 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
08:55:40.0038 0x0f50 MSKSSRV - ok
08:55:40.0054 0x0f50 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys
08:55:40.0116 0x0f50 MsLldp - ok
08:55:40.0163 0x0f50 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
08:55:40.0195 0x0f50 MSPCLOCK - ok
08:55:40.0226 0x0f50 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
08:55:40.0257 0x0f50 MSPQM - ok
08:55:40.0288 0x0f50 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys
08:55:40.0320 0x0f50 MsRPC - ok
08:55:40.0320 0x0f50 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys
08:55:40.0335 0x0f50 mssmbios - ok
08:55:40.0351 0x0f50 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys
08:55:40.0366 0x0f50 MSTEE - ok
08:55:40.0382 0x0f50 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys
08:55:40.0382 0x0f50 MTConfig - ok
08:55:40.0382 0x0f50 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys
08:55:40.0398 0x0f50 Mup - ok
08:55:40.0413 0x0f50 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys
08:55:40.0413 0x0f50 mvumis - ok
08:55:40.0491 0x0f50 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\WINDOWS\system32\qagentRT.dll
08:55:40.0507 0x0f50 napagent - ok
08:55:40.0554 0x0f50 [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys
08:55:40.0570 0x0f50 NativeWifiP - ok
08:55:40.0632 0x0f50 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll
08:55:40.0648 0x0f50 NcaSvc - ok
08:55:40.0679 0x0f50 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\WINDOWS\System32\ncbservice.dll
08:55:40.0741 0x0f50 NcbService - ok
08:55:40.0757 0x0f50 [ 9ACED0F5B458C9011F39143326494E93, 9DFFC7EE7DE6FD92545EC6A203213C498A01EEFB0BC55460D339BCE498E56A7F ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll
08:55:40.0820 0x0f50 NcdAutoSetup - ok
08:55:40.0976 0x0f50 [ 6D3A2565E01B3E4B0F1BEDB0D4B00B3F, 95F2608E17CA3E25BD7958D1A49F7030EC8088BC1DF12422F1DAC5BA99113E34 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys
08:55:41.0007 0x0f50 NDIS - ok
08:55:41.0054 0x0f50 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys
08:55:41.0070 0x0f50 NdisCap - ok
08:55:41.0085 0x0f50 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
08:55:41.0273 0x0f50 NdisImPlatform - ok
08:55:41.0288 0x0f50 [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
08:55:41.0382 0x0f50 NdisTapi - ok
08:55:41.0429 0x0f50 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
08:55:41.0491 0x0f50 Ndisuio - ok
08:55:41.0507 0x0f50 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
08:55:41.0601 0x0f50 NdisVirtualBus - ok
08:55:41.0648 0x0f50 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:55:41.0695 0x0f50 NdisWan - ok
08:55:41.0742 0x0f50 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys
08:55:41.0913 0x0f50 NdisWanLegacy - ok
08:55:41.0945 0x0f50 [ 0BBE2FA30BAD58C9ADC01E4F84A3D2A1, 913AEC8A5F735C2EFDCB417E4077AB5A15457C601E6E88A1F4FA52C91E6E0BBF ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
08:55:42.0070 0x0f50 NDProxy - ok
08:55:42.0101 0x0f50 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys
08:55:42.0288 0x0f50 Ndu - ok
08:55:42.0367 0x0f50 [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
08:55:42.0398 0x0f50 NetBIOS - ok
08:55:42.0429 0x0f50 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
08:55:42.0757 0x0f50 NetBT - ok
08:55:42.0788 0x0f50 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\WINDOWS\system32\lsass.exe
08:55:42.0804 0x0f50 Netlogon - ok
08:55:42.0913 0x0f50 [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\WINDOWS\System32\netman.dll
08:55:42.0960 0x0f50 Netman - ok
08:55:43.0007 0x0f50 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\WINDOWS\System32\netprofmsvc.dll
08:55:43.0070 0x0f50 netprofm - ok
08:55:43.0132 0x0f50 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
08:55:43.0148 0x0f50 NetTcpPortSharing - ok
08:55:43.0179 0x0f50 [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc C:\WINDOWS\System32\drivers\netvsc63.sys
08:55:43.0241 0x0f50 netvsc - ok
08:55:43.0304 0x0f50 [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll
08:55:43.0367 0x0f50 NlaSvc - ok
08:55:43.0367 0x0f50 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
08:55:43.0398 0x0f50 Npfs - ok
08:55:43.0445 0x0f50 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys
08:55:43.0507 0x0f50 npsvctrig - ok
08:55:43.0538 0x0f50 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\WINDOWS\system32\nsisvc.dll
08:55:43.0585 0x0f50 nsi - ok
08:55:43.0585 0x0f50 [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys
08:55:43.0632 0x0f50 nsiproxy - ok
08:55:43.0788 0x0f50 [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
08:55:43.0835 0x0f50 Ntfs - ok
08:55:43.0851 0x0f50 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys
08:55:43.0866 0x0f50 Null - ok
08:55:43.0976 0x0f50 [ 88F31550395CD97ED68168239A947941, 2C2C9364BDB80C98FB2D06C81EFE153CF9100862C1DD35CE643AADA24CEB72F7 ] nvkflt C:\WINDOWS\system32\DRIVERS\nvkflt.sys
08:55:43.0991 0x0f50 nvkflt - ok
08:55:44.0507 0x0f50 [ E71E299FF15390E585BACF2C18F55078, 7A51D989DA55349B1761839DEAFD593B6E6F88C433B132E7B027467E050FBA67 ] nvlddmkm C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
08:55:44.0741 0x0f50 nvlddmkm - ok
08:55:44.0788 0x0f50 [ FCC3A3F875C8CF258F71BE2F2CAA2355, BD174C47329F0A15D821E51997E4CDAA68FB9BFD72A89A2F2A85A8603625EB18 ] nvpciflt C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
08:55:44.0788 0x0f50 nvpciflt - ok
08:55:44.0820 0x0f50 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys
08:55:44.0835 0x0f50 nvraid - ok
08:55:44.0851 0x0f50 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys
08:55:44.0866 0x0f50 nvstor - ok
08:55:44.0929 0x0f50 [ 415695F5A54E91E869EEBFEA261361A6, 1829C15E07D902686171C8A66EB03040A037CAC1E00E24BF598030D9DA795CEC ] nvsvc C:\WINDOWS\system32\nvvsvc.exe
08:55:44.0945 0x0f50 nvsvc - ok
08:55:45.0070 0x0f50 [ AA130938A27BB80A8B6438EF83232275, 7C5A4863CD22413723C9F7658855E34088A2F89DF740531ED7986F67A30935E0 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
08:55:45.0085 0x0f50 nvUpdatusService - ok
08:55:45.0116 0x0f50 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys
08:55:45.0116 0x0f50 nv_agp - ok
08:55:45.0241 0x0f50 [ C1342DDE1D9D33B670DC91F146AFEBAA, F9A41B74E45278381AF3519E9ED7F8C319F5C26084BEE3164EB211B1EE24ACE5 ] OAcat C:\Program Files (x86)\Online Armor\OAcat.exe
08:55:45.0257 0x0f50 OAcat - ok
08:55:45.0491 0x0f50 [ EF80132A2634B1F5751507C50215DACE, 2746BFEE8D02068B704F6568AF8AD65664D98DAB4685474BB13B4259B21702FC ] OADevice C:\Windows\SysWow64\Drivers\OADriver.sys
08:55:45.0491 0x0f50 OADevice - ok
08:55:45.0507 0x0f50 [ 0DF8148945D4BCE2C262FFB4AB041954, 14D8C6700ED4D083D1318D52FB940798438C51348D20023DC24624B2000D6219 ] oahlpXX C:\Windows\syswow64\drivers\oahlp64.sys
08:55:45.0523 0x0f50 oahlpXX - ok
08:55:45.0538 0x0f50 [ B96FBA4157328A0740575AFBA5DC87C9, 9B90D4CB327F98813A9A7DB625D84BB72670E7839735E93CF638503A16C50A89 ] OAmon C:\Windows\SysWOW64\Drivers\OAmon.sys
08:55:45.0538 0x0f50 OAmon - ok
08:55:45.0554 0x0f50 [ 82DA0901A5F9F9E0998002BDD8033785, 962C52E41965DAD71BF3699DB5A82FD63AA3E06E5A473B37D4C598CCE14FFC19 ] OAnet C:\WINDOWS\system32\DRIVERS\oanet.sys
08:55:45.0554 0x0f50 OAnet - ok
08:55:45.0632 0x0f50 [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
08:55:45.0632 0x0f50 ose - ok
08:55:45.0688 0x0f50 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll
08:55:45.0751 0x0f50 p2pimsvc - ok
08:55:45.0782 0x0f50 [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc C:\WINDOWS\system32\p2psvc.dll
08:55:45.0829 0x0f50 p2psvc - ok
08:55:45.0845 0x0f50 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys
08:55:45.0861 0x0f50 Parport - ok
08:55:45.0861 0x0f50 [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys
08:55:45.0876 0x0f50 partmgr - ok
08:55:45.0892 0x0f50 [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll
08:55:45.0907 0x0f50 PcaSvc - ok
08:55:45.0923 0x0f50 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys
08:55:45.0939 0x0f50 pci - ok
08:55:45.0954 0x0f50 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys
08:55:45.0954 0x0f50 pciide - ok
08:55:45.0970 0x0f50 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys
08:55:45.0986 0x0f50 pcmcia - ok
08:55:45.0986 0x0f50 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys
08:55:45.0986 0x0f50 pcw - ok
08:55:46.0032 0x0f50 [ ED54A75050211DC77F9B98C41E026858, F92FB59ADE88469EAA50E91D43165C68CC32FDE11595A0069FD43103A674FE44 ] pdc C:\WINDOWS\system32\drivers\pdc.sys
08:55:46.0032 0x0f50 pdc - ok
08:55:46.0095 0x0f50 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys
08:55:46.0157 0x0f50 PEAUTH - ok
08:55:46.0189 0x0f50 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe
08:55:46.0236 0x0f50 PerfHost - ok
08:55:46.0282 0x0f50 [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla C:\WINDOWS\system32\pla.dll
08:55:46.0329 0x0f50 pla - ok
08:55:46.0361 0x0f50 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll
08:55:46.0376 0x0f50 PlugPlay - ok
08:55:46.0407 0x0f50 [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll
08:55:46.0423 0x0f50 PNRPAutoReg - ok
08:55:46.0439 0x0f50 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll
08:55:46.0454 0x0f50 PNRPsvc - ok
08:55:46.0517 0x0f50 [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll
08:55:46.0564 0x0f50 PolicyAgent - ok
08:55:46.0579 0x0f50 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\WINDOWS\system32\umpo.dll
08:55:46.0626 0x0f50 Power - ok
08:55:46.0798 0x0f50 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
08:55:46.0907 0x0f50 PrintNotify - ok
08:55:46.0939 0x0f50 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys
08:55:46.0954 0x0f50 Processor - ok
08:55:46.0986 0x0f50 [ 19424364D8C03B990C4281BE53963FD0, 958FC8436E6B754858E20BC48B0D4B269991E8CA94C15C2761BF04ED52591907 ] ProfSvc C:\WINDOWS\system32\profsvc.dll
08:55:47.0048 0x0f50 ProfSvc - ok
08:55:47.0064 0x0f50 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys
08:55:47.0095 0x0f50 Psched - ok
08:55:47.0111 0x0f50 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\WINDOWS\system32\qwave.dll
08:55:47.0157 0x0f50 QWAVE - ok
08:55:47.0189 0x0f50 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys
08:55:47.0204 0x0f50 QWAVEdrv - ok
08:55:47.0220 0x0f50 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
08:55:47.0220 0x0f50 RasAcd - ok
08:55:47.0251 0x0f50 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\WINDOWS\System32\rasauto.dll
08:55:47.0267 0x0f50 RasAuto - ok
08:55:47.0298 0x0f50 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\WINDOWS\System32\rasmans.dll
08:55:47.0345 0x0f50 RasMan - ok
08:55:47.0361 0x0f50 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
08:55:47.0376 0x0f50 RasPppoe - ok
08:55:47.0392 0x0f50 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
08:55:47.0454 0x0f50 rdbss - ok
08:55:47.0470 0x0f50 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys
08:55:47.0532 0x0f50 rdpbus - ok
08:55:47.0532 0x0f50 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys
08:55:47.0579 0x0f50 RDPDR - ok
08:55:47.0595 0x0f50 [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
08:55:47.0595 0x0f50 RdpVideoMiniport - ok
08:55:47.0611 0x0f50 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys
08:55:47.0626 0x0f50 rdyboost - ok
08:55:47.0673 0x0f50 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys
08:55:47.0689 0x0f50 ReFS - ok
08:55:47.0736 0x0f50 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
08:55:47.0767 0x0f50 RemoteAccess - ok
08:55:47.0829 0x0f50 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
08:55:47.0892 0x0f50 RemoteRegistry - ok
08:55:47.0939 0x0f50 [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\WINDOWS\system32\DRIVERS\rfcomm.sys
08:55:47.0954 0x0f50 RFCOMM - ok
08:55:47.0970 0x0f50 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll
08:55:47.0986 0x0f50 RpcEptMapper - ok
08:55:48.0017 0x0f50 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\WINDOWS\system32\locator.exe
08:55:48.0079 0x0f50 RpcLocator - ok
08:55:48.0126 0x0f50 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs C:\WINDOWS\system32\rpcss.dll
08:55:48.0157 0x0f50 RpcSs - ok
08:55:48.0204 0x0f50 [ 57D7B7CB015A7BE60C05A13F1B9C6AD0, F22D6CA9528FAF9FCD39DB8FBE5ACA4848259966010DD1E6A4CDA2F26260409B ] RSPCIESTOR C:\WINDOWS\system32\DRIVERS\RtsPStor.sys
08:55:48.0204 0x0f50 RSPCIESTOR - ok
08:55:48.0236 0x0f50 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys
08:55:48.0267 0x0f50 rspndr - ok
08:55:48.0361 0x0f50 [ 3A50489C017292386C1C6CF6EB283F23, 42E2C75A83A45070BB548591B83C3744F5DF6BB3743221D0442C1BA23789AD5D ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
08:55:48.0392 0x0f50 RtkAudioService - ok
08:55:48.0408 0x0f50 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys
08:55:48.0408 0x0f50 s3cap - ok
08:55:48.0439 0x0f50 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\WINDOWS\system32\lsass.exe
08:55:48.0454 0x0f50 SamSs - ok
08:55:48.0470 0x0f50 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys
08:55:48.0486 0x0f50 sbp2port - ok
08:55:48.0517 0x0f50 [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll
08:55:48.0704 0x0f50 SCardSvr - ok
08:55:48.0720 0x0f50 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll
08:55:48.0736 0x0f50 ScDeviceEnum - ok
08:55:48.0751 0x0f50 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys
08:55:48.0783 0x0f50 scfilter - ok
08:55:48.0923 0x0f50 [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule C:\WINDOWS\system32\schedsvc.dll
08:55:48.0970 0x0f50 Schedule - ok
08:55:49.0001 0x0f50 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll
08:55:49.0032 0x0f50 SCPolicySvc - ok
08:55:49.0064 0x0f50 [ 27FF998504DEF8D29A771FBB41707C5E, 82035EA15E5241C9C39B5474E5CBA49BB188B4B792B121ABF98659460A1EDE85 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys
08:55:49.0079 0x0f50 sdbus - ok
08:55:49.0111 0x0f50 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys
08:55:49.0126 0x0f50 sdstor - ok
08:55:49.0142 0x0f50 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys
08:55:49.0173 0x0f50 secdrv - ok
08:55:49.0189 0x0f50 [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\WINDOWS\system32\seclogon.dll
08:55:49.0204 0x0f50 seclogon - ok
08:55:49.0220 0x0f50 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\WINDOWS\System32\sens.dll
08:55:49.0251 0x0f50 SENS - ok
08:55:49.0251 0x0f50 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll
08:55:49.0314 0x0f50 SensrSvc - ok
08:55:49.0314 0x0f50 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys
08:55:49.0329 0x0f50 SerCx - ok
08:55:49.0361 0x0f50 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys
08:55:49.0376 0x0f50 SerCx2 - ok
08:55:49.0392 0x0f50 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys
08:55:49.0423 0x0f50 Serenum - ok
08:55:49.0439 0x0f50 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys
08:55:49.0454 0x0f50 Serial - ok
08:55:49.0486 0x0f50 [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys
08:55:49.0501 0x0f50 sermouse - ok
08:55:49.0517 0x0f50 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\WINDOWS\system32\sessenv.dll
08:55:49.0548 0x0f50 SessionEnv - ok
08:55:49.0564 0x0f50 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys
08:55:49.0564 0x0f50 sfloppy - ok
08:55:49.0642 0x0f50 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
08:55:49.0689 0x0f50 SharedAccess - ok
08:55:49.0720 0x0f50 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
08:55:49.0798 0x0f50 ShellHWDetection - ok
08:55:49.0845 0x0f50 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys
08:55:49.0861 0x0f50 SiSRaid2 - ok
08:55:49.0876 0x0f50 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys
08:55:49.0892 0x0f50 SiSRaid4 - ok
08:55:49.0939 0x0f50 [ 5476D773EE180AEB9CADA786EA131777, BEBC1788A63FFC54047BE6633F8C3AF10F5E26C1F5B8255DAD88CEF81544B07C ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
08:55:49.0954 0x0f50 SmbDrvI - ok
08:55:49.0986 0x0f50 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\WINDOWS\System32\smphost.dll
08:55:50.0001 0x0f50 smphost - ok
08:55:50.0048 0x0f50 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe
08:55:50.0079 0x0f50 SNMPTRAP - ok
08:55:50.0111 0x0f50 [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys
08:55:50.0126 0x0f50 spaceport - ok
08:55:50.0142 0x0f50 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys
08:55:50.0158 0x0f50 SpbCx - ok
08:55:50.0204 0x0f50 [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler C:\WINDOWS\System32\spoolsv.exe
08:55:50.0298 0x0f50 Spooler - ok
08:55:50.0564 0x0f50 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe
08:55:50.0673 0x0f50 sppsvc - ok
08:55:50.0689 0x0f50 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys
08:55:50.0783 0x0f50 srv - ok
08:55:50.0814 0x0f50 [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys
08:55:50.0845 0x0f50 srv2 - ok
08:55:50.0861 0x0f50 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys
08:55:50.0939 0x0f50 srvnet - ok
08:55:50.0986 0x0f50 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
08:55:51.0017 0x0f50 SSDPSRV - ok
08:55:51.0048 0x0f50 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll
08:55:51.0064 0x0f50 SstpSvc - ok
08:55:51.0095 0x0f50 [ F03B03AA7A18DEB0538D242F1DA01481, F1BF74979660F4AB004EBA6BB91EB0E66890BD2C76371ED017574F1F32228D7C ] stdcfltn C:\WINDOWS\system32\DRIVERS\stdcfltn.sys
08:55:51.0095 0x0f50 stdcfltn - ok
08:55:51.0236 0x0f50 [ A9D26626BEADF5A0641BF6B5095EF309, EABC711466FECA20058D7E24CA2593059E1F113B38A2E7574822E48BFBBF4146 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
08:55:51.0251 0x0f50 Stereo Service - ok
08:55:51.0267 0x0f50 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys
08:55:51.0267 0x0f50 stexstor - ok
08:55:51.0408 0x0f50 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\WINDOWS\System32\wiaservc.dll
08:55:51.0486 0x0f50 stisvc - ok
08:55:51.0501 0x0f50 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys
08:55:51.0501 0x0f50 storahci - ok
08:55:51.0517 0x0f50 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys
08:55:51.0533 0x0f50 storflt - ok
08:55:51.0564 0x0f50 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys
08:55:51.0564 0x0f50 stornvme - ok
08:55:51.0595 0x0f50 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\WINDOWS\system32\storsvc.dll
08:55:51.0642 0x0f50 StorSvc - ok
08:55:51.0673 0x0f50 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys
08:55:51.0689 0x0f50 storvsc - ok
08:55:51.0720 0x0f50 [ 4A86CABA5B2696561BD8640A2B0C9778, 93BA61139BE96836B221CE634F47B15C9A209F60FEC6D09B8EA867DFE714E6DF ] ST_Accel C:\WINDOWS\system32\DRIVERS\ST_Accel.sys
08:55:51.0751 0x0f50 ST_Accel - ok
08:55:51.0939 0x0f50 [ DFF023B4100EB120D2DC62F3AC393A05, 7303C256F47A2BF9A20FCF80875BF614EA2A14CAE19073B6BDD4D7C405204AC8 ] SvcOnlineArmor C:\Program Files (x86)\Online Armor\oasrv.exe
08:55:52.0033 0x0f50 SvcOnlineArmor - ok
08:55:52.0064 0x0f50 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\WINDOWS\system32\svsvc.dll
08:55:52.0126 0x0f50 svsvc - ok
08:55:52.0142 0x0f50 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\WINDOWS\System32\drivers\swenum.sys
08:55:52.0158 0x0f50 swenum - ok
08:55:52.0189 0x0f50 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\WINDOWS\System32\swprv.dll
08:55:52.0220 0x0f50 swprv - ok
08:55:52.0267 0x0f50 [ 75B2DF282F2D40C7DC721EC4CADC7DB5, 0E92F61CC2241DFBBACFEB048BC3702494A52BF1BDB2000408A64EA748A6A727 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
08:55:52.0267 0x0f50 SynTP - ok
08:55:52.0376 0x0f50 [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain C:\WINDOWS\system32\sysmain.dll
08:55:52.0486 0x0f50 SysMain - ok
08:55:52.0533 0x0f50 [ 23BECB70654B192A7E378DEE3DBD8D42, 7596174AE7508B62C40A429645198F6A420D0CD5B62A10AB78516113584E7EDB ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
08:55:52.0564 0x0f50 SystemEventsBroker - ok
08:55:52.0611 0x0f50 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
08:55:52.0673 0x0f50 TabletInputService - ok
08:55:52.0736 0x0f50 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
08:55:52.0798 0x0f50 TapiSrv - ok
08:55:52.0954 0x0f50 [ 3C2DF97A21A9BBE6355B0A51F288EFFF, 47BBE47CFE2379B072AEEC360C4F207059BED9AD18C55FDF2AC0DA9CAD837BFB ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys
08:55:53.0001 0x0f50 Tcpip - ok
08:55:53.0064 0x0f50 [ 3C2DF97A21A9BBE6355B0A51F288EFFF, 47BBE47CFE2379B072AEEC360C4F207059BED9AD18C55FDF2AC0DA9CAD837BFB ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys
08:55:53.0126 0x0f50 TCPIP6 - ok
08:55:53.0158 0x0f50 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys
08:55:53.0204 0x0f50 tcpipreg - ok
08:55:53.0251 0x0f50 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys
08:55:53.0283 0x0f50 tdx - ok
08:55:53.0298 0x0f50 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys
08:55:53.0314 0x0f50 terminpt - ok
08:55:53.0501 0x0f50 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService

Peekabooboo · Mar 23, 2015

C:\WINDOWS\System32\termsrv.dll
08:55:53.0533 0x0f50 TermService - ok
08:55:53.0548 0x0f50 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\WINDOWS\system32\themeservice.dll
08:55:53.0564 0x0f50 Themes - ok
08:55:53.0595 0x0f50 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\WINDOWS\system32\mmcss.dll
08:55:53.0611 0x0f50 THREADORDER - ok
08:55:53.0611 0x0f50 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll
08:55:53.0673 0x0f50 TimeBroker - ok
08:55:53.0704 0x0f50 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys
08:55:53.0736 0x0f50 TPM - ok
08:55:53.0767 0x0f50 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\WINDOWS\System32\trkwks.dll
08:55:53.0783 0x0f50 TrkWks - ok
08:55:53.0845 0x0f50 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
08:55:53.0892 0x0f50 TrustedInstaller - ok
08:55:53.0923 0x0f50 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys
08:55:53.0986 0x0f50 TsUsbFlt - ok
08:55:54.0001 0x0f50 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys
08:55:54.0048 0x0f50 TsUsbGD - ok
08:55:54.0064 0x0f50 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys
08:55:54.0095 0x0f50 tunnel - ok
08:55:54.0142 0x0f50 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys
08:55:54.0173 0x0f50 uagp35 - ok
08:55:54.0189 0x0f50 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys
08:55:54.0204 0x0f50 UASPStor - ok
08:55:54.0236 0x0f50 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys
08:55:54.0267 0x0f50 UCX01000 - ok
08:55:54.0283 0x0f50 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys
08:55:54.0314 0x0f50 udfs - ok
08:55:54.0345 0x0f50 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys
08:55:54.0361 0x0f50 UEFI - ok
08:55:54.0376 0x0f50 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe
08:55:54.0408 0x0f50 UI0Detect - ok
08:55:54.0423 0x0f50 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys
08:55:54.0423 0x0f50 uliagpkx - ok
08:55:54.0439 0x0f50 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys
08:55:54.0454 0x0f50 umbus - ok
08:55:54.0470 0x0f50 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys
08:55:54.0486 0x0f50 UmPass - ok
08:55:54.0517 0x0f50 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\WINDOWS\System32\umrdp.dll
08:55:54.0533 0x0f50 UmRdpService - ok
08:55:54.0548 0x0f50 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\WINDOWS\System32\upnphost.dll
08:55:54.0579 0x0f50 upnphost - ok
08:55:54.0579 0x0f50 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys
08:55:54.0595 0x0f50 usbccgp - ok
08:55:54.0626 0x0f50 [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys
08:55:54.0626 0x0f50 usbcir - ok
08:55:54.0642 0x0f50 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys
08:55:54.0658 0x0f50 usbehci - ok
08:55:54.0658 0x0f50 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys
08:55:54.0673 0x0f50 usbhub - ok
08:55:54.0689 0x0f50 [ FAA564A13576F9284546BF016D27B551, 1D2CD13DC0B02DD40657EE4F93F4A13C78D2F2EF91685E563D78E217C96DF544 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys
08:55:54.0689 0x0f50 USBHUB3 - ok
08:55:54.0720 0x0f50 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys
08:55:54.0829 0x0f50 usbohci - ok
08:55:54.0845 0x0f50 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys
08:55:54.0876 0x0f50 usbprint - ok
08:55:54.0892 0x0f50 [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS
08:55:54.0908 0x0f50 USBSTOR - ok
08:55:54.0908 0x0f50 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys
08:55:54.0923 0x0f50 usbuhci - ok
08:55:54.0939 0x0f50 [ 5C8F604F6DC74177CDD8372D7B1ADFF0, C1DE9A37A7A01CCCBFCE13C1E5B26683F620AB21EDA5A14C82022E2F49C84484 ] usbvideo C:\WINDOWS\System32\Drivers\usbvideo.sys
08:55:54.0970 0x0f50 usbvideo - ok
08:55:54.0986 0x0f50 [ 1A20F03700D2B2ED775E38D751EF2F63, 76F8BE9F412D4397437E60A7E6231C80EA9B4F5436C9A8FAB967C78604994AE9 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS
08:55:54.0986 0x0f50 USBXHCI - ok
08:55:55.0001 0x0f50 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc C:\WINDOWS\system32\lsass.exe
08:55:55.0001 0x0f50 VaultSvc - ok
08:55:55.0017 0x0f50 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys
08:55:55.0017 0x0f50 vdrvroot - ok
08:55:55.0079 0x0f50 [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds C:\WINDOWS\System32\vds.exe
08:55:55.0126 0x0f50 vds - ok
08:55:55.0126 0x0f50 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys
08:55:55.0142 0x0f50 VerifierExt - ok
08:55:55.0158 0x0f50 [ F6ECFD6128A16A4851CFE98D4E01B011, C349893E8D7FB9B510A3FAD040F70C3C72B0ACDD5F6EB336951849F9E953717D ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys
08:55:55.0173 0x0f50 vhdmp - ok
08:55:55.0189 0x0f50 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys
08:55:55.0189 0x0f50 viaide - ok
08:55:55.0204 0x0f50 [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys
08:55:55.0220 0x0f50 vmbus - ok
08:55:55.0220 0x0f50 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys
08:55:55.0236 0x0f50 VMBusHID - ok
08:55:55.0283 0x0f50 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
08:55:55.0314 0x0f50 vmicguestinterface - ok
08:55:55.0345 0x0f50 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll
08:55:55.0361 0x0f50 vmicheartbeat - ok
08:55:55.0376 0x0f50 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
08:55:55.0392 0x0f50 vmickvpexchange - ok
08:55:55.0392 0x0f50 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll
08:55:55.0408 0x0f50 vmicrdv - ok
08:55:55.0423 0x0f50 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll
08:55:55.0439 0x0f50 vmicshutdown - ok
08:55:55.0454 0x0f50 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll
08:55:55.0470 0x0f50 vmictimesync - ok
08:55:55.0486 0x0f50 [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss C:\WINDOWS\System32\ICSvc.dll
08:55:55.0501 0x0f50 vmicvss - ok
08:55:55.0517 0x0f50 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys
08:55:55.0517 0x0f50 volmgr - ok
08:55:55.0533 0x0f50 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys
08:55:55.0548 0x0f50 volmgrx - ok
08:55:55.0548 0x0f50 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys
08:55:55.0564 0x0f50 volsnap - ok
08:55:55.0579 0x0f50 [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci C:\WINDOWS\System32\drivers\vpci.sys
08:55:55.0579 0x0f50 vpci - ok
08:55:55.0595 0x0f50 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys
08:55:55.0611 0x0f50 vsmraid - ok
08:55:55.0704 0x0f50 [ 3B7F9612439EA47151EC5EAB232C1C3F, CA08CCB14CB46512F72E2C20454242B18BC57E34C55B42A37B7EC27B79242CDC ] VSS C:\WINDOWS\system32\vssvc.exe
08:55:55.0783 0x0f50 VSS - ok
08:55:55.0798 0x0f50 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys
08:55:55.0814 0x0f50 VSTXRAID - ok
08:55:55.0845 0x0f50 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys
08:55:55.0892 0x0f50 vwifibus - ok
08:55:55.0908 0x0f50 [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt C:\WINDOWS\system32\DRIVERS\vwififlt.sys
08:55:55.0923 0x0f50 vwififlt - ok
08:55:55.0923 0x0f50 [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp C:\WINDOWS\system32\DRIVERS\vwifimp.sys
08:55:55.0939 0x0f50 vwifimp - ok
08:55:55.0986 0x0f50 [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time C:\WINDOWS\system32\w32time.dll
08:55:56.0017 0x0f50 W32Time - ok
08:55:56.0033 0x0f50 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys
08:55:56.0033 0x0f50 WacomPen - ok
08:55:56.0204 0x0f50 [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine C:\WINDOWS\system32\wbengine.exe
08:55:56.0267 0x0f50 wbengine - ok
08:55:56.0298 0x0f50 [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll
08:55:56.0361 0x0f50 WbioSrvc - ok
08:55:56.0361 0x0f50 [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll
08:55:56.0376 0x0f50 Wcmsvc - ok
08:55:56.0392 0x0f50 [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll
08:55:56.0408 0x0f50 wcncsvc - ok
08:55:56.0439 0x0f50 [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
08:55:56.0470 0x0f50 WcsPlugInService - ok
08:55:56.0501 0x0f50 [ 1751F6B031ADAC34724511057D2E455D, BCBC77DE02718868302F7469E8FBB8F2E7E0F8A5D3E46A5B4D48713E829FBAF6 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys
08:55:56.0501 0x0f50 WdBoot - ok
08:55:56.0626 0x0f50 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys
08:55:56.0642 0x0f50 Wdf01000 - ok
08:55:56.0658 0x0f50 [ D296D0F0DB2CD1504F90405603664493, 9531034AE2E027B5C7366713AA9003085501800B35F971D1CE7FFB8E5DAE3825 ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys
08:55:56.0673 0x0f50 WdFilter - ok
08:55:56.0689 0x0f50 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll
08:55:56.0704 0x0f50 WdiServiceHost - ok
08:55:56.0704 0x0f50 [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll
08:55:56.0720 0x0f50 WdiSystemHost - ok
08:55:56.0751 0x0f50 [ 9F4DF0043965808973023A9B51A11136, 3A799125CBC5C214D9FBB91C348B39563B1FDB7403B520270752E9A177464723 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys
08:55:56.0751 0x0f50 WdNisDrv - ok
08:55:56.0783 0x0f50 WdNisSvc - ok
08:55:56.0798 0x0f50 [ 185E4111627F7AA6799E1366B5E91D65, 7A02C816DFBCCF47EDB49E5E2005A3D0B80719FAC94F9298D2DBAC63950EDA05 ] WebClient C:\WINDOWS\System32\webclnt.dll
08:55:56.0861 0x0f50 WebClient - ok
08:55:56.0876 0x0f50 [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc C:\WINDOWS\system32\wecsvc.dll
08:55:56.0908 0x0f50 Wecsvc - ok
08:55:56.0923 0x0f50 [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll
08:55:56.0939 0x0f50 WEPHOSTSVC - ok
08:55:56.0954 0x0f50 [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll
08:55:57.0064 0x0f50 wercplsupport - ok
08:55:57.0095 0x0f50 [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc C:\WINDOWS\System32\WerSvc.dll
08:55:57.0126 0x0f50 WerSvc - ok
08:55:57.0158 0x0f50 [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
08:55:57.0173 0x0f50 WFPLWFS - ok
08:55:57.0189 0x0f50 [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\WINDOWS\System32\wiarpc.dll
08:55:57.0204 0x0f50 WiaRpc - ok
08:55:57.0220 0x0f50 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys
08:55:57.0220 0x0f50 WIMMount - ok
08:55:57.0236 0x0f50 WinDefend - ok
08:55:57.0314 0x0f50 [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
08:55:57.0345 0x0f50 WinHttpAutoProxySvc - ok
08:55:57.0392 0x0f50 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
08:55:57.0439 0x0f50 Winmgmt - ok
08:55:57.0611 0x0f50 [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM C:\WINDOWS\system32\WsmSvc.dll
08:55:57.0658 0x0f50 WinRM - ok
08:55:57.0783 0x0f50 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys
08:55:57.0829 0x0f50 WinUsb - ok
08:55:57.0986 0x0f50 [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc C:\WINDOWS\System32\wlansvc.dll
08:55:58.0017 0x0f50 WlanSvc - ok
08:55:58.0079 0x0f50 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll
08:55:58.0126 0x0f50 wlidsvc - ok
08:55:58.0142 0x0f50 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys
08:55:58.0158 0x0f50 WmiAcpi - ok
08:55:58.0204 0x0f50 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe
08:55:58.0236 0x0f50 wmiApSrv - ok
08:55:58.0267 0x0f50 WMPNetworkSvc - ok
08:55:58.0283 0x0f50 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys
08:55:58.0283 0x0f50 Wof - ok
08:55:58.0423 0x0f50 [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll
08:55:58.0517 0x0f50 workfolderssvc - ok
08:55:58.0548 0x0f50 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
08:55:58.0564 0x0f50 wpcfltr - ok
08:55:58.0595 0x0f50 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll
08:55:58.0642 0x0f50 WPCSvc - ok
08:55:58.0658 0x0f50 [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll
08:55:58.0704 0x0f50 WPDBusEnum - ok
08:55:58.0720 0x0f50 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys
08:55:58.0720 0x0f50 WpdUpFltr - ok
08:55:58.0751 0x0f50 [ 1CBA9D51136506BF038CB9FD81B55729, FA5D0292729BC99CEF66551F2A9815459C5AAC13D84C060EB4D5E866B78A3D6E ] WRkrn C:\WINDOWS\system32\drivers\WRkrn.sys
08:55:58.0767 0x0f50 WRkrn - ok
08:55:58.0876 0x0f50 [ F26F1B95672B020FE7B7464E5BC1481A, ABA78EC1CBCC573130F074E6076B81F20C79EE20EEE0A5B803D5D8F1E77C8D4C ] WRSVC C:\Program Files\Webroot\WRSA.exe
08:55:58.0939 0x0f50 WRSVC - ok
08:55:58.0970 0x0f50 [ 22C7AB222E19865659E412A43A9FB216, 1681780A3C6BCBA4619291A3B1F16BC6DCF84A3B619F89D0C262416441DBD01C ] wrUrlFlt C:\Windows\system32\DRIVERS\wrUrlFlt.sys
08:55:58.0970 0x0f50 wrUrlFlt - ok
08:55:59.0048 0x0f50 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys
08:55:59.0079 0x0f50 ws2ifsl - ok
08:55:59.0111 0x0f50 [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc C:\WINDOWS\System32\wscsvc.dll
08:55:59.0283 0x0f50 wscsvc - ok
08:55:59.0283 0x0f50 WSearch - ok
08:55:59.0530 0x0f50 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\WINDOWS\System32\WSService.dll
08:55:59.0592 0x0f50 WSService - ok
08:56:00.0139 0x0f50 [ FCF3912833E1B7F4EE61F07E79A7BBAC, D0E9F8969560BF2CF0BAA13C34AB4299F64841B2CF765537A72236BAAB86771E ] wuauserv C:\WINDOWS\system32\wuaueng.dll
08:56:00.0233 0x0f50 wuauserv - ok
08:56:00.0249 0x0f50 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys
08:56:00.0280 0x0f50 WudfPf - ok
08:56:00.0311 0x0f50 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys
08:56:00.0342 0x0f50 WUDFRd - ok
08:56:00.0374 0x0f50 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll
08:56:00.0389 0x0f50 wudfsvc - ok
08:56:00.0405 0x0f50 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
08:56:00.0405 0x0f50 WUDFWpdFs - ok
08:56:00.0436 0x0f50 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
08:56:00.0452 0x0f50 WUDFWpdMtp - ok
08:56:00.0499 0x0f50 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\WINDOWS\System32\wwansvc.dll
08:56:00.0546 0x0f50 WwanSvc - ok
08:56:00.0546 0x0f50 ================ Scan global ===============================
08:56:00.0639 0x0f50 [ 243F54DBA6EB48A369CA465E263ABA4A, 9D9F9DE783D000F3EA130EB68FD71319F21E4F1CD4232FB8B2F8A9A67E08F5F4 ] C:\WINDOWS\system32\basesrv.dll
08:56:00.0686 0x0f50 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
08:56:00.0717 0x0f50 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
08:56:00.0780 0x0f50 [ 5BF02EBEFEDC706318C96E2E60EDCB91, DC866C5BC3A887CAAA7169AB9BB2992F6F877B3EA04B62B4F95B6BD54943155F ] C:\WINDOWS\system32\services.exe
08:56:00.0796 0x0f50 [ Global ] - ok
08:56:00.0796 0x0f50 ================ Scan MBR ==================================
08:56:00.0811 0x0f50 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
08:56:00.0952 0x0f50 \Device\Harddisk0\DR0 - ok
08:56:00.0967 0x0f50 ================ Scan VBR ==================================
08:56:00.0983 0x0f50 [ 2786CD69DA466BDB94AB0EDD972C4767 ] \Device\Harddisk0\DR0\Partition1
08:56:00.0999 0x0f50 \Device\Harddisk0\DR0\Partition1 - ok
08:56:01.0014 0x0f50 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition2
08:56:01.0030 0x0f50 \Device\Harddisk0\DR0\Partition2 - ok
08:56:01.0046 0x0f50 [ FCB1DE8DF08BDFB2C532978720AAB5FC ] \Device\Harddisk0\DR0\Partition3
08:56:01.0046 0x0f50 \Device\Harddisk0\DR0\Partition3 - ok
08:56:01.0077 0x0f50 [ 3F23273DD6EAE2B7B1FF46669370A882 ] \Device\Harddisk0\DR0\Partition4
08:56:01.0077 0x0f50 \Device\Harddisk0\DR0\Partition4 - ok
08:56:01.0092 0x0f50 [ B90AC030D2E28DB80004C142087BCD33 ] \Device\Harddisk0\DR0\Partition5
08:56:01.0124 0x0f50 \Device\Harddisk0\DR0\Partition5 - ok
08:56:01.0155 0x0f50 [ E075EF4040E121CC55B222E41A6CC654 ] \Device\Harddisk0\DR0\Partition6
08:56:01.0217 0x0f50 \Device\Harddisk0\DR0\Partition6 - ok
08:56:01.0217 0x0f50 ================ Scan generic autorun ======================
08:56:01.0733 0x0f50 [ 76FC26D2DF6A1970AF70ACEC854450C0, 79973A2343739BFB8FA1BABC4DEBAD9C779B459227C3885F88853BF1A0E330C0 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
08:56:01.0842 0x0f50 RTHDVCPL - ok
08:56:01.0952 0x0f50 [ 45D629AAF007A0DED6689A7A031D2AC7, DD10DEA927A2CC16EE38765DD1DE45E88288C09923DC14A95C1C6E457D535BCC ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
08:56:01.0967 0x0f50 RtHDVBg_Dolby - ok
08:56:02.0014 0x0f50 [ 45D629AAF007A0DED6689A7A031D2AC7, DD10DEA927A2CC16EE38765DD1DE45E88288C09923DC14A95C1C6E457D535BCC ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
08:56:02.0046 0x0f50 RtHDVBg_PushButton - ok
08:56:02.0249 0x0f50 [ 8792F13FD4EEE4C1C8C93086011A1A0A, 05DBD7292083D6063C81BC4B26E919111395210AD9AB1DDECEEC474EACAF48FA ] C:\Program Files (x86)\Online Armor\oaui.exe
08:56:02.0374 0x0f50 @OnlineArmor GUI - ok
08:56:02.0405 0x0f50 [ F81335DDF58DE487446438A5CBBC782F, E0C2350547B4B66C709679551177188C31E134E019011A703CAB39F9172731BC ] C:\Windows\system32\igfxtray.exe
08:56:02.0421 0x0f50 IgfxTray - ok
08:56:02.0421 0x0f50 SynTPEnh - ok
08:56:02.0577 0x0f50 [ 4A0477ADCD07EC9D21257A2E456B16C5, CEF9C81730C12283A7600C3D921D89A62B14D1C46544B493F3AF7520DD2D1F79 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
08:56:02.0624 0x0f50 IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
08:56:05.0093 0x0f50 Detect skipped due to KSN trusted
08:56:05.0093 0x0f50 IAStorIcon - ok
08:56:05.0311 0x0f50 [ F26F1B95672B020FE7B7464E5BC1481A, ABA78EC1CBCC573130F074E6076B81F20C79EE20EEE0A5B803D5D8F1E77C8D4C ] C:\Program Files\Webroot\WRSA.exe
08:56:05.0327 0x0f50 WRSVC - ok
08:56:05.0452 0x0f50 [ 369993D4B8C009393A2F9BCBB7BD2587, DD9FBF8C32BB3A29F7062BABA23B84FB9F7395A4AB3FB7001071154CDE92F7D5 ] C:\Program Files (x86)\Windows Mail\wab.exe
08:56:05.0530 0x0f50 WAB Migrate - ok
08:56:05.0530 0x0f50 Waiting for KSN requests completion. In queue: 16
08:56:06.0546 0x0f50 Waiting for KSN requests completion. In queue: 16
08:56:07.0546 0x0f50 Waiting for KSN requests completion. In queue: 16
08:56:08.0671 0x0f50 AV detected via SS2: Webroot SecureAnywhere, C:\Program Files\Webroot\WRSA.exe ( 8.0.7.33 ), 0x41000 ( enabled : updated )
08:56:08.0671 0x0f50 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
08:56:08.0671 0x0f50 FW detected via SS2: Online Armor Firewall, oasrv.exe ( ), 0x40010 ( disabled )
08:56:08.0686 0x0f50 Win FW state via NFP2: enabled
08:56:11.0186 0x0f50 ============================================================
08:56:11.0186 0x0f50 Scan finished
08:56:11.0186 0x0f50 ============================================================
08:56:11.0202 0x1a60 Detected object count: 0
08:56:11.0202 0x1a60 Actual detected object count: 0
08:56:15.0243 0x05a4 Deinitialize success

dbreeze · Mar 24, 2015

I have checked your other log files and there is nothing showing in them; they are clean. The RogueKiller file / program will always show the DNS and desktop lines as they must be manually verified to be good.

What are you seeing as a malware problem?

Peekabooboo · Mar 24, 2015

Previously, my windows version degraded so that I couldn't install security updates. I had my credit card number stolen. My Word kept crashing. Things were found off and on by various antivirus.

With my current installation (very fresh). My Bnet is acting wonky. Hearthstone is always crashing and Wow logs into the wrong account. So I worry that it's all happening again and there was a seed in my files somewhere. I don't have much else on the computer.

So maybe I'm just paranoid after seeing the RogueKiller entries there and having such a problem before. I'll reinstall Battlenet today. Anything else I should do?

Many thanks

dbreeze · Mar 24, 2015

This next step may take a while (just to warn you) .....

ESET Online does not work with IE 11 (Internet Explorer) at the moment (a few weeks ago anyway) so if you have IE 11, Chrome or Firefox has to be used instead. ESET Online does work with IE 10 and earlier.

You can leave Norton Enabled even though ESET may warn about it. just makes the scan take longer. The pictures below showing what to click may be blue instead of green on the ESET website now, but the procedure is still the same

Please read carefully and Slowly, Notice all the settings listed below to check before starting the scan. Stop and ask if you have any questions.

Take note of the NO tick in the Remove found threats setting below at it needs to have the tick removed.

-------------------------------------------------------------------------------------------------------------------

Hold down Control key and click on the following link to open ESET OnlineScan in a new window.

Link =>> ESET Online Scanner <<

Click the Run ESET Online Scanner located on the left side of the page (not the free trial).

For browsers other than Internet Explorer only: (Microsoft Internet Explorer users can skip this step)
Click on the esetsmartinstaller link in the popup window that opens. Save it to your desktop.

Double click on the icon on your desktop.

Check (accept) the Terms of Use.

Click the START button.
Accept any security warnings from your browser.

Now in the Computer scan settings window that appears:-
Make sure that the option Enable detection of potentially unwanted applications is selected.
Now click on Advanced Settings and configure the options as follows:

Remove found threats is Not checked
Scan archives is checked
Scan for potentially unsafe applications is checked
Enable Anti-Stealth Technology is checked

Now click on: Start

ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.

When the scan is finished, if any threats are found you will see the screen below. Click to view the found threats.

At the bottom of the listed threats, there is an option to save the results to a text file. Please do this so you can attach the results here for review and removal of the items that are not false positives (these will be scripted out so do not worry).

Once the log text file is saved, return to the Scan Finished screen by clicking "<<Back", then click on the uninstall button and click Finish.

Attach the saved log file in your next reply please. Thanks.

Peekabooboo · Mar 25, 2015

1 item found. Left unfixed.

C:\Windows\options\setb.exe a variant of Win32/Packed.Themida potentially unwanted application

dbreeze · Mar 25, 2015

In checking on the infection that was 'found' there seems to be quite a bit of debate over ESET's detection of this malware in the past. It would be best if we check the file with other scanners before doing anything else with it.

File Scanner
There is a file I need you to upload for checking

Please go to VirusTotal.com FREE on-line scan service
Click on the "Choose file" box in the middle of the page
Using the File Upload window that opens, navigate to the following file
- C:\Windows\options\setb.exe
Click on the Upload button and then the Scan It! button on the main VirusTotal web page.
If a pop-up appears saying the file has been scanned already, please select the ReScan button.
Once the Scan is completed, left click on the Address bar of your browser (this should select the entire address of the web page with the scan results), right click on the highlighted address and select Copy.
Paste the copied address in your next reply.

Thank you.

Peekabooboo · Mar 25, 2015

https://www.virustotal.com/en/file/...586bd5b8cb7b5ce3a2f1522e3a10287901c/analysis/

Thanks.

dbreeze · Mar 26, 2015

Wow; don't know where this file came from or how long it has been on your system but please delete it and then empty your Recycle Bin right after that.

After that, how is your system running now?

Peekabooboo · Mar 26, 2015

Okay, deleted.

I reinstalled battlenet and the games are running fine. Word seems stable. That's all I've used. And it seems to boot fast.

dbreeze · Mar 26, 2015

See if you have any errors with the system and if not, then let's clean the tools off the system and get you back to having fun!

Clean up of Malware Removal Tools
Now that we are through using these tools, let's clean them off your system so that should you ever need to have malware removed again (we hope not) fresh, updated copies will be downloaded.

Download Delfix from here to your desktop and double click it to start the program
Ensure Remove disinfection tools is ticked
Also tick:
Activate UAC
Create registry backup
Purge system restore
Reset system settings
Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

You can delete any log files left on your desktop as these are no longer needed.

Peekabooboo · Mar 26, 2015

Okay Webroot thought it was a virus so I shut it down for a bit.
--

# DelFix v10.9 - Logfile created 26/03/2015 at 09:05:49
# Updated 27/02/2015 by Xplode
# Username : Michael - MICHAELXXX
# Operating System : Windows 8.1 (64 bits)

~ Activating UAC ... OK

~ Removing disinfection tools ...

Deleted : C:\FRST
Deleted : C:\AdwCleaner
Deleted : C:\Users\Michael\Desktop\esetsmartinstaller_enu.exe
Deleted : HKLM\SOFTWARE\AdwCleaner

~ Creating registry backup ... OK

~ Cleaning system restore ...

Deleted : RP #6 [Scheduled Checkpoint | 03/23/2015 18:37:36]

New restore point created !

~ Resetting system settings ... OK

########## - EOF - ##########

Help Needed

Peekabooboo

Attachments

Peekabooboo

dbreeze

Peekabooboo

Peekabooboo

dbreeze

Peekabooboo

dbreeze

Peekabooboo

Attachments

dbreeze

Peekabooboo

dbreeze

Peekabooboo

dbreeze

Peekabooboo

Users Who Are Viewing This Thread (Users: 0, Guests: 1)

Welcome to Tech Support Guy!

Latest posts

Staff online

Members online