FallenWisp

About FallenWisp

  • Rank
    New Member
  1. Good day, Nothing uses a lot of CPU in the Task Manager, aside from the task manager window itself for a brief second when I open it. Then it's fine. The problem with the fan making noise when I watch high quality streams/videos or play games still persists. Tbh, I feel like we may have killed the miner already? What if this fan problem is just the damage caused by the miner, a consequence of the miner infecting a laptop? A hardware problem? Here's the FRST Fixlog: Fixlog.txt
  2. Hi, Yeah, I deleted ForgedAlliance and Mail.ru but they seem to be just the leftovers. About the router... I'm using neighbour's Wi-Fi, so I don't think I can do anything in that regard.
  3. Hello, Here's the RogueKiller log:

     RogueKiller Anti-Malware V13.4.3.0 (x64) [Aug 20 2019] (Free) by Adlice Software
     mail : https://adlice.com/contact/
     Website : https://adlice.com/download/roguekiller/
     Operating System : Windows 8.1 (6.3.9600) 64 bits
     Started in : Normal mode
     User : User [Administrator]
     Started from : C:\Program Files\RogueKiller\RogueKiller64.exe
     Signatures : 20190828_155619, Driver : Loaded
     Mode : Standard Scan, Scan -- Date : 2019/08/29 15:40:14 (Duration : 00:25:37)

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     >>>>>> XX - Software
     [PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-2839409425-609468984-1780624264-1001\Software\eSupport.com -- N/A -> Found
     [PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-2839409425-609468984-1780624264-1001\Software\IM -- N/A -> Found
     >>>>>> O87 - Firewall
     [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|TCP Query User{D47E049A-9EE5-4467-80DB-A3E9B9976064}C:\programdata\faforever\bin\forgedalliance.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=6|Profile=Private|App=C:\programdata\faforever\bin\forgedalliance.exe|Name=forgedalliance|Desc=forgedalliance|Defer=User| (C:\programdata\faforever\bin\forgedalliance.exe) -> Found
     [Suspicious.Path (Potentially Malicious)] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules|UDP Query User{DD793C1C-A8AE-49CB-9369-9B1A81509C52}C:\programdata\faforever\bin\forgedalliance.exe -- v2.10|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Private|App=C:\programdata\faforever\bin\forgedalliance.exe|Name=forgedalliance|Desc=forgedalliance|Defer=User| (C:\programdata\faforever\bin\forgedalliance.exe) -> Found

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     [Hj.Hosts (Malicious)] rad.msn.com => 127.0.0.1 -> Found

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
     [PUP.MailRU (Potentially Malicious)] (folder) Mail.Ru -- C:\ProgramData\Mail.Ru -> Found

     ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

     -------

     Here's the TDSS log:
16:41:52.0010 0x1944 [ 719594914B59973856155FF81F709A9D, 7FD064350B9EBD06ED2A7040F036BF7B5EBC9B07321651DCF2713012C4CF3868 ] HPWMISVC C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe 16:41:52.0010 0x1944 HPWMISVC - ok 16:41:52.0088 0x1944 [ E45EB7AE6C890F2C8DE8F160AC641C8A, 3637D1FCE42A5600BD7FCC1F602C926968B327097CB36EE5FAC9140DD99EEC2D ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:41:52.0104 0x1944 HTTP - ok 16:41:52.0119 0x1944 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:41:52.0135 0x1944 hwpolicy - ok 16:41:52.0151 0x1944 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys 16:41:52.0151 0x1944 hyperkbd - ok 16:41:52.0166 0x1944 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys 16:41:52.0166 0x1944 HyperVideo - ok 16:41:52.0213 0x1944 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\Windows\System32\drivers\i8042prt.sys 16:41:52.0213 0x1944 i8042prt - ok 16:41:52.0229 0x1944 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\Windows\System32\drivers\iaLPSSi_GPIO.sys 16:41:52.0229 0x1944 iaLPSSi_GPIO - ok 16:41:52.0244 0x1944 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\Windows\System32\drivers\iaLPSSi_I2C.sys 16:41:52.0260 0x1944 iaLPSSi_I2C - ok 16:41:52.0307 0x1944 [ 4558F084BCB7EFA3E8321C95B4EE736F, 4E088E1A9F9CE9F3FCA9CA2954CA7969135D4A42F632E495070FBAC4051148C2 ] iaStorA C:\Windows\system32\drivers\iaStorA.sys 16:41:52.0323 0x1944 iaStorA - ok 16:41:52.0369 0x1944 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 
95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\Windows\system32\drivers\iaStorAV.sys 16:41:52.0385 0x1944 iaStorAV - ok 16:41:52.0432 0x1944 [ 3FE5F886F28B78FCED4BD5668902B7FC, 500BF5292051C3E447E94CAE3638D68CEDC2775587787E4DE38D6BCD34160B36 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 16:41:52.0432 0x1944 IAStorDataMgrSvc - ok 16:41:52.0463 0x1944 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:41:52.0479 0x1944 iaStorV - ok 16:41:52.0479 0x1944 IEEtwCollectorService - ok 16:41:52.0619 0x1944 [ 623DB9620F552B480690AD882AFACED1, F44039122CF6001CB40A4032D3C108D9A83F06FC700A5B47D83EF605F83C9D2F ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys 16:41:52.0760 0x1944 igfx - ok 16:41:52.0791 0x1944 [ E766B747824DA1FD97F0DDD8653CB5F4, 1FEFAEB2E672488BAAB9532E3DB368B41C3B200C525ADC3E4DB9E9FF0BC798FC ] igfxCUIService1.0.0.0 C:\Windows\system32\igfxCUIService.exe 16:41:52.0791 0x1944 igfxCUIService1.0.0.0 - ok 16:41:52.0823 0x1944 [ E71AC94964ED675B3ED0727059B7F97B, 5468B5E9B75B10EA0BFBD81827FFC9CABFC69A4065CC5A5792DBC289D4DA27EE ] ikbevent C:\Windows\system32\DRIVERS\ikbevent.sys 16:41:52.0823 0x1944 ikbevent - ok 16:41:52.0901 0x1944 [ 3B6E74B3BE0CA74525A37B5C8E510084, BEA54067BAA524A13A2F67EB76C6B206546BA06567446725CF8BA0D7F6A30311 ] IKEEXT C:\Windows\System32\ikeext.dll 16:41:52.0948 0x1944 IKEEXT - ok 16:41:52.0979 0x1944 [ 2FDB67F5B9F4E96B40FDC9D1AA0B686F, B556328D54F886792A89588F3FEFE38F7129E3D7A417CDC012778FA4EF37A8C1 ] imsevent C:\Windows\system32\DRIVERS\imsevent.sys 16:41:52.0979 0x1944 imsevent - ok 16:41:53.0010 0x1944 [ 3F2BB021CB280880F8C1B7A6FEF9B447, CEC0BF9D6C9CF6E6A9F9B4E656BD47208AC977EDDC11C1C3BCD07EB50BABC017 ] INETMON C:\Windows\System32\Drivers\INETMON.sys 16:41:53.0010 0x1944 INETMON - ok 16:41:53.0041 0x1944 [ FC7C456AF9B9811499EDBD10616832EE, 
CA2D8B0E672D3AE449C2FF0B9E142D74E8C72FD877D11162A9F7CC51AF58220F ] intaud_WaveExtensible C:\Windows\system32\drivers\intelaud.sys 16:41:53.0041 0x1944 intaud_WaveExtensible - ok 16:41:53.0182 0x1944 [ 44ED7064A8CFF33E6D2BCC81412145F7, FFC2D581044D7E43D0287D13F33AA97CDF1F03D4B167ACD6BE551E92C9551C0E ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 16:41:53.0307 0x1944 IntcAzAudAddService - ok 16:41:53.0354 0x1944 [ 890144FA6AB42F2B54EE633BF96A019A, 8741904C66170BA11C78D31681E3759537C0BF2338538678BC64234DB8FDE93F ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys 16:41:53.0370 0x1944 IntcDAud - ok 16:41:53.0417 0x1944 [ DAE6C3099D291EED8922A65C29ABCF52, AD0A932345382824122F84AF97A8609BAE1B916A3B9FD608779A1411E37D3643 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 16:41:53.0448 0x1944 Intel(R) Capability Licensing Service Interface - ok 16:41:53.0479 0x1944 [ D45226E3E7A25F1E7CE8DF8FD0A2A098, 7BD74E9E3CB0A83D26BA3FD8177C6B9BA46A8695B6569CF7887FDC87947DA2D6 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 16:41:53.0495 0x1944 Intel(R) Capability Licensing Service TCP IP Interface - ok 16:41:53.0542 0x1944 [ 57739E742ABC085C2A4340D4404B4A8B, B4B85C35AC96D11F5940AFCB15A2B2A41D70E3C392E1D4D9353899FA140FF281 ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe 16:41:53.0542 0x1944 Intel(R) ME Service - ok 16:41:53.0574 0x1944 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\Windows\system32\drivers\intelide.sys 16:41:53.0574 0x1944 intelide - ok 16:41:53.0605 0x1944 [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep C:\Windows\system32\drivers\intelpep.sys 16:41:53.0605 0x1944 intelpep - ok 16:41:53.0652 0x1944 [ 24FF99B76037E1449E4E2E6DDF03F417, 
D001CFF6CF40B47E8D235378A563DAE22D32B4AE1D50755436567B6B2BB188A3 ] intelppm C:\Windows\System32\drivers\intelppm.sys 16:41:53.0652 0x1944 intelppm - ok 16:41:53.0667 0x1944 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:41:53.0683 0x1944 IpFilterDriver - ok 16:41:53.0753 0x1944 [ B452623C1DE60544054E784D94A7AA47, 57AECDEE0AB2B80DFFE11E43608988D46E9169288CB56D644DDE2CAFED6AFD40 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:41:53.0768 0x1944 iphlpsvc - ok 16:41:53.0831 0x1944 [ C800DCD904016B2BF6AB541083770A3A, 95A8FB9AB2818A4F44AFCBF2715B0B3024DCE38E1406EA639F2A5ECA105D2290 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys 16:41:53.0831 0x1944 IPMIDRV - ok 16:41:53.0847 0x1944 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:41:53.0847 0x1944 IPNAT - ok 16:41:53.0862 0x1944 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:41:53.0862 0x1944 IRENUM - ok 16:41:53.0894 0x1944 [ 00AD710037F4A4F00CDDD94CBA7BABEA, 234FD60D659D9338C9FA0A54D176840BFDDEEB358DAF67A8B13F7699D442CAC0 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:41:53.0894 0x1944 isapnp - ok 16:41:53.0940 0x1944 [ 6205F494094FC3DB755CB1139917D058, EFD5CBE86D4523F9693E26F78292A52B211B25451B47B26B8C3CBC00B3C86C25 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys 16:41:53.0940 0x1944 iScsiPrt - ok 16:41:53.0972 0x1944 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\Windows\System32\drivers\ISCTD64.sys 16:41:53.0972 0x1944 ISCT - ok 16:41:54.0003 0x1944 [ 2A676B190889ACEDF3AA8D64C269F8AF, 7830536B86BC4233AD4EDD30B6CDEFDCA3969BD53B970BAA6ADCE9C3B88B8593 ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology 
Agent\iSCTAgent.exe 16:41:54.0019 0x1944 ISCTAgent - ok 16:41:54.0037 0x1944 [ A90C843F4FDD7A07129BA73C6BE13976, A76DEA9F09E3B2F18D3B646A0DD39E2773EC62E2F3C55421BA61C12190D78C1C ] iwdbus C:\Windows\System32\drivers\iwdbus.sys 16:41:54.0037 0x1944 iwdbus - ok 16:41:54.0068 0x1944 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 16:41:54.0068 0x1944 jhi_service - ok 16:41:54.0084 0x1944 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\Windows\System32\drivers\kbdclass.sys 16:41:54.0084 0x1944 kbdclass - ok 16:41:54.0115 0x1944 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys 16:41:54.0115 0x1944 kbdhid - ok 16:41:54.0146 0x1944 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys 16:41:54.0162 0x1944 kdnic - ok 16:41:54.0162 0x1944 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\Windows\system32\lsass.exe 16:41:54.0178 0x1944 KeyIso - ok 16:41:54.0209 0x1944 [ 304DA394D958BC3B62AF6DF514005B01, 8D17777C82F034E800181E82D30FCED800CBC46CD659AE2E0D972CA1381BD4C2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:41:54.0209 0x1944 KSecDD - ok 16:41:54.0256 0x1944 [ A9C617281ECE2711C02F3B7C951A1882, AD871D3C2A9EA9F4D1809C93093EC314DFFFF8CBCD176E96941F26AF9DB7AF4E ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:41:54.0256 0x1944 KSecPkg - ok 16:41:54.0271 0x1944 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:41:54.0271 0x1944 ksthunk - ok 16:41:54.0318 0x1944 [ C1591A66028C71147A3E2EAB0B1CCB7E, 
82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\Windows\system32\msdtckrm.dll 16:41:54.0334 0x1944 KtmRm - ok 16:41:54.0396 0x1944 [ B75ADC97905F43C7C946F1465A8697BD, AF50E3F5DBF222DB095B40FD4896650B5F8DD47153CB9A1ADE54D17FCE85C529 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:41:54.0412 0x1944 LanmanServer - ok 16:41:54.0428 0x1944 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:41:54.0443 0x1944 LanmanWorkstation - ok 16:41:54.0490 0x1944 [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\Windows\System32\GeofenceMonitorService.dll 16:41:54.0506 0x1944 lfsvc - ok 16:41:54.0537 0x1944 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:41:54.0537 0x1944 lltdio - ok 16:41:54.0615 0x1944 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:41:54.0615 0x1944 lltdsvc - ok 16:41:54.0662 0x1944 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:41:54.0662 0x1944 lmhosts - ok 16:41:54.0709 0x1944 [ E2952760B05A256FB1412D20A41C89C1, B5AF47DF90D5DC8E6549DE1AFF897669E8200D08083D43DF86E34F6EE19C59DA ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 16:41:54.0709 0x1944 LMS - ok 16:41:54.0724 0x1944 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys 16:41:54.0740 0x1944 LSI_SAS - ok 16:41:54.0756 0x1944 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys 16:41:54.0756 
0x1944 LSI_SAS2 - ok 16:41:54.0771 0x1944 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\Windows\system32\drivers\lsi_sas3.sys 16:41:54.0771 0x1944 LSI_SAS3 - ok 16:41:54.0787 0x1944 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys 16:41:54.0787 0x1944 LSI_SSS - ok 16:41:54.0849 0x1944 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\Windows\System32\lsm.dll 16:41:54.0881 0x1944 LSM - ok 16:41:54.0928 0x1944 [ B0AF753AF28303BB69C67BD85F06FFC9, 6B6805C17BC39F972BB7FF52BDF798B0B57EC5D5F3CE1C97415E86110235C603 ] luafv C:\Windows\system32\drivers\luafv.sys 16:41:54.0928 0x1944 luafv - ok 16:41:55.0178 0x1944 [ 4223C695C09CC3027B839803BB0359A1, A6CD44D233429F40DF3D0E411C98D88F7188EF5F66052E2E3ED703BABADC9438 ] MBAMService C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe 16:41:55.0382 0x1944 MBAMService - ok 16:41:55.0413 0x1944 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\Windows\system32\drivers\megasas.sys 16:41:55.0413 0x1944 megasas - ok 16:41:55.0460 0x1944 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\Windows\system32\drivers\megasr.sys 16:41:55.0476 0x1944 megasr - ok 16:41:55.0507 0x1944 [ EB1D78140D6634C32A46AB1006105EDC, 586F988A7272A7E3F6AA2CC9A001A08A3D178A011AE8C095BB7EAD9FFB45AAB1 ] MEIx64 C:\Windows\system32\DRIVERS\TeeDriverx64.sys 16:41:55.0507 0x1944 MEIx64 - ok 16:41:55.0585 0x1944 Microsoft SharePoint Workspace Audit Service - ok 16:41:55.0616 0x1944 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS C:\Windows\system32\mmcss.dll 16:41:55.0616 0x1944 MMCSS - ok 16:41:55.0632 0x1944 [ 8B38C44F69259987C95135C9627E2378, 
E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\Windows\system32\drivers\modem.sys 16:41:55.0632 0x1944 Modem - ok 16:41:55.0647 0x1944 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\Windows\System32\drivers\monitor.sys 16:41:55.0663 0x1944 monitor - ok 16:41:55.0663 0x1944 [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass C:\Windows\System32\drivers\mouclass.sys 16:41:55.0663 0x1944 mouclass - ok 16:41:55.0710 0x1944 [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid C:\Windows\System32\drivers\mouhid.sys 16:41:55.0710 0x1944 mouhid - ok 16:41:55.0757 0x1944 [ E5E8665272EBCD87A0A632314F0D221D, 37FDC4CEB8E5FC39C10DE875676863D090CFEA708AC3A8415114DCDD94BD7A1D ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:41:55.0757 0x1944 mountmgr - ok 16:41:55.0835 0x1944 [ 5B462C644A1BC0FD520F4B8778954C3D, 28E433E60BD567730B480DBBBDE49A9D1523F1CB61F2BD7528541F83151F4AC4 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 16:41:55.0851 0x1944 MozillaMaintenance - ok 16:41:55.0897 0x1944 [ 2C8149371222053B82349A6E250900EB, CC6FE69C7B1F9D9EBCCD8568364CD062940962EF42903715CA7F8B877C6B40F7 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:41:55.0897 0x1944 mpsdrv - ok 16:41:55.0960 0x1944 [ 4D33C8B6159B61C7F13984ED10EA2A82, 2E6B8C104F34BFED3C521062F0F12B8D9B4A602221256C41791932771EB79B2C ] MpsSvc C:\Windows\system32\mpssvc.dll 16:41:55.0991 0x1944 MpsSvc - ok 16:41:56.0038 0x1944 [ 3F818C1518DA702C8F10259095C9BDE0, B98C1A6F9A3C01A10503B2B2C45CC89AFF17B346B15990F4DB4820F68BDC62C8 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:41:56.0038 0x1944 MRxDAV - ok 16:41:56.0101 0x1944 [ CF49856813FFDF2EB251762BB8B675C8, 5976D21C6B0A1FF489B406108DBE6ACDB22D706F437B12F58552A6EAA9D3BFD7 ] mrxsmb 
C:\Windows\system32\DRIVERS\mrxsmb.sys 16:41:56.0101 0x1944 mrxsmb - ok 16:41:56.0165 0x1944 [ AFE6DC2E57E876175BA074AD2CB5594F, 004873302BA0BF1B1359A90A5399915BE00A9ED800F60E477A5AE4682C70A708 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:41:56.0165 0x1944 mrxsmb10 - ok 16:41:56.0212 0x1944 [ B37B58F9F80A51098C42663D5FA5F2BA, 996E2D8344F0095C136D1670D63A476E6B6F6BBA9DD773EEE5F0FD580562B000 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:41:56.0212 0x1944 mrxsmb20 - ok 16:41:56.0259 0x1944 [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys 16:41:56.0259 0x1944 MsBridge - ok 16:41:56.0306 0x1944 [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC C:\Windows\System32\msdtc.exe 16:41:56.0306 0x1944 MSDTC - ok 16:41:56.0337 0x1944 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:41:56.0337 0x1944 Msfs - ok 16:41:56.0353 0x1944 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys 16:41:56.0353 0x1944 msgpiowin32 - ok 16:41:56.0368 0x1944 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:41:56.0368 0x1944 mshidkmdf - ok 16:41:56.0384 0x1944 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys 16:41:56.0399 0x1944 mshidumdf - ok 16:41:56.0431 0x1944 [ 15552CD43BD9DA6C00659167403D19E6, B93BAE0FB5A132FA3F0218B07284117D424175DB0A69C4FB3E3C2E33F122207F ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 16:41:56.0431 0x1944 msisadrv - ok 16:41:56.0462 0x1944 [ A06142B3850B06972F1C89748FAA2C02, 
B1CCC5C8D100FEB384FCC85FED2A77F47DA4C9BA5F6889A130F4D73E30ACAA78 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:41:56.0478 0x1944 MSiSCSI - ok 16:41:56.0478 0x1944 msiserver - ok 16:41:56.0493 0x1944 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 16:41:56.0493 0x1944 MSKSSRV - ok 16:41:56.0524 0x1944 [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys 16:41:56.0540 0x1944 MsLldp - ok 16:41:56.0556 0x1944 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 16:41:56.0556 0x1944 MSPCLOCK - ok 16:41:56.0571 0x1944 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 16:41:56.0571 0x1944 MSPQM - ok 16:41:56.0587 0x1944 [ 493AA78266AA041593DB24155556B8BF, CBAF7FAD5215957D8B8C5956DB423249BB630FCFD03A10B9734E889D594F8EBD ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 16:41:56.0603 0x1944 MsRPC - ok 16:41:56.0618 0x1944 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\Windows\System32\drivers\mssmbios.sys 16:41:56.0618 0x1944 mssmbios - ok 16:41:56.0634 0x1944 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 16:41:56.0649 0x1944 MSTEE - ok 16:41:56.0649 0x1944 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\Windows\System32\drivers\MTConfig.sys 16:41:56.0649 0x1944 MTConfig - ok 16:41:56.0696 0x1944 [ 438EA7A2D8D4F9B8AFB64748ACA70BA8, AEEB7B657B645C4006C6D5E8D07ECE581DEE7AD22EA1A587C552574990CF091B ] Mup C:\Windows\system32\Drivers\mup.sys 16:41:56.0696 0x1944 
Mup - ok 16:41:56.0712 0x1944 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\Windows\system32\drivers\mvumis.sys 16:41:56.0712 0x1944 mvumis - ok 16:41:56.0759 0x1944 [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent C:\Windows\system32\qagentRT.dll 16:41:56.0774 0x1944 napagent - ok 16:41:56.0837 0x1944 [ F3A70F2C79D91B7C95F78E959DEDAD0E, CB1826614D1EEC1C2E8E6F8D2B8DE486CE7AF628DAC6969655E57EC4BAF70C9D ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 16:41:56.0853 0x1944 NativeWifiP - ok 16:41:56.0884 0x1944 [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc C:\Windows\System32\ncasvc.dll 16:41:56.0899 0x1944 NcaSvc - ok 16:41:56.0931 0x1944 [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService C:\Windows\System32\ncbservice.dll 16:41:56.0931 0x1944 NcbService - ok 16:41:56.0978 0x1944 [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll 16:41:56.0978 0x1944 NcdAutoSetup - ok 16:41:57.0056 0x1944 [ FFAA6C6E798FBA448FA7628A1B277F5C, 9E1F2C848A019CE6397F652A21AE43B76149EF95452BB8353249BD9E28D98083 ] NDIS C:\Windows\system32\drivers\ndis.sys 16:41:57.0087 0x1944 NDIS - ok 16:41:57.0150 0x1944 [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 16:41:57.0150 0x1944 NdisCap - ok 16:41:57.0181 0x1944 [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys 16:41:57.0197 0x1944 NdisImPlatform - ok 16:41:57.0228 0x1944 [ DC1D9F692C2AD84C214584C28501C1F7, 96FC0D1EC48FED963E02648541A2AAC8E72ED00D797EA8E3D0ED02F5EB4816C5 ] 
NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 16:41:57.0244 0x1944 NdisTapi - ok 16:41:57.0275 0x1944 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 16:41:57.0275 0x1944 Ndisuio - ok 16:41:57.0291 0x1944 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\Windows\System32\drivers\NdisVirtualBus.sys 16:41:57.0291 0x1944 NdisVirtualBus - ok 16:41:57.0353 0x1944 [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 16:41:57.0353 0x1944 NdisWan - ok 16:41:57.0369 0x1944 [ C3755FCF9A0B5C6FE8ED9E873B85D3CE, 4D3DAFAFA5FB2930522D6DA536E3A731BABE0C24613C190D2330DB415D1A6515 ] NdisWanLegacy C:\Windows\system32\DRIVERS\ndiswan.sys 16:41:57.0369 0x1944 NdisWanLegacy - ok 16:41:57.0400 0x1944 [ 4F5178EEF4CC259F0A8CF56C2F16ADDB, 1940275E4AB0A863B146736A189F797EE06841DD74376AF6E09033FB1EEB6643 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 16:41:57.0415 0x1944 NDProxy - ok 16:41:57.0447 0x1944 [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu C:\Windows\system32\drivers\Ndu.sys 16:41:57.0462 0x1944 Ndu - ok 16:41:57.0478 0x1944 [ AD6A78E25BBC916354753A500C4E73C8, 52D10B07CA52B90E6934EC8916715B1BA78711A12600980A3A7A16EA5408F99A ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 16:41:57.0478 0x1944 NetBIOS - ok 16:41:57.0525 0x1944 [ 0FE750800DEEE91D22399D081371BA79, 7E1E01A5D5BAE68F975070D1676BD830ADF010E42A8046D4074D17B710230CD9 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 16:41:57.0525 0x1944 NetBT - ok 16:41:57.0540 0x1944 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon C:\Windows\system32\lsass.exe 16:41:57.0540 0x1944 Netlogon - ok 16:41:57.0587 0x1944 [ 
8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman C:\Windows\System32\netman.dll 16:41:57.0587 0x1944 Netman - ok 16:41:57.0650 0x1944 [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm C:\Windows\System32\netprofmsvc.dll 16:41:57.0665 0x1944 netprofm - ok 16:41:57.0728 0x1944 [ 51CD641EFF20C9FFBA2C0F72C269795E, ADA16CBCF4C915EDE7BB57C5B6562077918380C55D9E967B87421A24BD43DDE7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 16:41:57.0775 0x1944 NetTcpPortSharing - ok 16:41:57.0822 0x1944 [ 39935F3D3582A8B3387E9A2ED4C85413, 4B0629CA22B9AEF90425991BC800043DBE18007AC90445809A8D5D122B41218D ] netvsc C:\Windows\System32\drivers\netvsc63.sys 16:41:57.0837 0x1944 netvsc - ok 16:41:57.0884 0x1944 [ A0D7A655BC61C2421CB33F3A1CD97B8A, EF87D3CDB01789195E83FB629B0871ED03211C624BCF814260D86DDA57BD9B33 ] NlaSvc C:\Windows\System32\nlasvc.dll 16:41:57.0900 0x1944 NlaSvc - ok 16:41:57.0931 0x1944 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\Windows\system32\drivers\Npfs.sys 16:41:57.0931 0x1944 Npfs - ok 16:41:57.0931 0x1944 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys 16:41:57.0931 0x1944 npsvctrig - ok 16:41:57.0982 0x1944 [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi C:\Windows\system32\nsisvc.dll 16:41:57.0982 0x1944 nsi - ok 16:41:58.0013 0x1944 [ 018510D88536798852DAE12F9BA6E138, C0D89C36F8737FD139CEA80BED65D1DB4248E667804645FF71C39BA92FEC4109 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 16:41:58.0013 0x1944 nsiproxy - ok 16:41:58.0107 0x1944 [ 9E60AD04B25D39986599D4397FD96FF8, F4004443A7982EDE01F6069F0601BBAB452B62F1D1F954AFFDA2FE8DA13BFCE5 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 
148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc C:\Windows\System32\wiarpc.dll 16:42:10.0511 0x1944 WiaRpc - ok 16:42:10.0527 0x1944 [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 16:42:10.0527 0x1944 WIMMount - ok 16:42:10.0527 0x1944 WinDefend - ok 16:42:10.0574 0x1944 [ A083D80E73C2186C63A973971BD6E76D, 921BF84860F75FBDC841789B88E7C2835ADAB3DDCE7E7A7E61DE23D3376CAF96 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll 16:42:10.0589 0x1944 WinHttpAutoProxySvc - ok 16:42:10.0668 0x1944 [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:42:10.0668 0x1944 Winmgmt - ok 16:42:10.0777 0x1944 [ F81B96E455847919D2382098157DC20A, EDB286730D4F3D535F1F0B738DB39230B05B133FAFDD2F4904AD5B57C2705106 ] WinRM C:\Windows\system32\WsmSvc.dll 16:42:10.0871 0x1944 WinRM - ok 16:42:10.0933 0x1944 [ 3AF1FA17F1C4ACBDB660D8F98B1A9C13, 99B0851410B462685F6705EBF832D10943FB9634030B02D15BF5D0C66F26F2C2 ] WinUSB C:\Windows\System32\drivers\WinUSB.sys 16:42:10.0933 0x1944 WinUSB - ok 16:42:10.0949 0x1944 [ 4F2A80D65AE6F845776E2F06AE6782ED, 2455537C048115435D9EDE4B18F9F54C43912076AEF36BDEFEC35AF2140B8B2E ] WirelessButtonDriver C:\Windows\System32\drivers\WirelessButtonDriver64.sys 16:42:10.0949 0x1944 WirelessButtonDriver - ok 16:42:11.0043 0x1944 [ 2A4A54CB5198AEF84DF56560C679EDD9, 829BED307F9E57EEC38CEF91978034CC6846493AE33E51E76A1AC36EB5B1F197 ] WlanSvc C:\Windows\System32\wlansvc.dll 16:42:11.0090 0x1944 WlanSvc - ok 16:42:11.0215 0x1944 [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc C:\Windows\system32\wlidsvc.dll 16:42:11.0261 0x1944 wlidsvc - ok 16:42:11.0293 0x1944 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi 
C:\Windows\System32\drivers\wmiacpi.sys 16:42:11.0293 0x1944 WmiAcpi - ok 16:42:11.0340 0x1944 [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 16:42:11.0355 0x1944 wmiApSrv - ok 16:42:11.0371 0x1944 WMPNetworkSvc - ok 16:42:11.0386 0x1944 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\Windows\system32\drivers\Wof.sys 16:42:11.0402 0x1944 Wof - ok 16:42:11.0484 0x1944 [ EDFA5CEDBE174FAAA4A09A6B297AEA42, 5998FE15462E4AD9C7B1444E5E2C17BD470DA3A5D474A0A118E02E47DADC678A ] workfolderssvc C:\Windows\system32\workfolderssvc.dll 16:42:11.0547 0x1944 workfolderssvc - ok 16:42:11.0583 0x1944 [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys 16:42:11.0583 0x1944 wpcfltr - ok 16:42:11.0630 0x1944 [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc C:\Windows\System32\wpcsvc.dll 16:42:11.0630 0x1944 WPCSvc - ok 16:42:11.0677 0x1944 [ 25BE82B325AC22FE563A58A1AC29F4C1, 4247BAA9A44C964446F81ED44F18B28F1F730F46851EC2B756BAC57FB9D86700 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 16:42:11.0677 0x1944 WPDBusEnum - ok 16:42:11.0693 0x1944 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys 16:42:11.0693 0x1944 WpdUpFltr - ok 16:42:11.0708 0x1944 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:42:11.0708 0x1944 ws2ifsl - ok 16:42:11.0755 0x1944 [ 501D5EFAB9711039479AE48401386D2B, C8C1184DE93E9D2C4E8A60E4E9980745C4E5470E5DA9B59165D18705330ADEFE ] wscsvc C:\Windows\System32\wscsvc.dll 16:42:11.0755 0x1944 wscsvc - ok 16:42:11.0782 0x1944 [ 
F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\Windows\System32\drivers\WSDPrint.sys 16:42:11.0782 0x1944 WSDPrintDevice - ok 16:42:11.0808 0x1944 [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan C:\Windows\system32\DRIVERS\WSDScan.sys 16:42:11.0808 0x1944 WSDScan - ok 16:42:11.0808 0x1944 WSearch - ok 16:42:11.0949 0x1944 [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService C:\Windows\System32\WSService.dll 16:42:12.0074 0x1944 WSService - ok 16:42:12.0231 0x1944 [ D9FFD9E4DECC180ECFD85C44B5459D7B, 863BB388B855407BFE45A71EB64EF683C72332C6B948888BD9953D644C044F85 ] wuauserv C:\Windows\system32\wuaueng.dll 16:42:12.0356 0x1944 wuauserv - ok 16:42:12.0403 0x1944 [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 16:42:12.0418 0x1944 WudfPf - ok 16:42:12.0450 0x1944 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys 16:42:12.0465 0x1944 WUDFRd - ok 16:42:12.0465 0x1944 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFSensorLP C:\Windows\System32\drivers\WUDFRd.sys 16:42:12.0465 0x1944 WUDFSensorLP - ok 16:42:12.0528 0x1944 [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:42:12.0528 0x1944 wudfsvc - ok 16:42:12.0543 0x1944 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs C:\Windows\System32\drivers\WUDFRd.sys 16:42:12.0543 0x1944 WUDFWpdFs - ok 16:42:12.0559 0x1944 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] 
WUDFWpdMtp C:\Windows\system32\DRIVERS\WUDFRd.sys 16:42:12.0559 0x1944 WUDFWpdMtp - ok 16:42:12.0606 0x1944 [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc C:\Windows\System32\wwansvc.dll 16:42:12.0621 0x1944 WwanSvc - ok 16:42:12.0637 0x1944 ================ Scan global =============================== 16:42:12.0700 0x1944 [ 3500AF0BA2EF095BF313EEB75D2366C6, C755E57B02BFA82151A182DF964349859575570EA5C3FBA81F747B8D2134A4D0 ] C:\Windows\system32\basesrv.dll 16:42:12.0747 0x1944 [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\Windows\system32\winsrv.dll 16:42:12.0793 0x1944 [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\Windows\system32\sxssrv.dll 16:42:12.0856 0x1944 [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\Windows\system32\services.exe 16:42:12.0872 0x1944 [ Global ] - ok 16:42:12.0872 0x1944 ================ Scan MBR ================================== 16:42:12.0887 0x1944 [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0 16:42:12.0887 0x1944 \Device\Harddisk0\DR0 - ok 16:42:12.0887 0x1944 ================ Scan VBR ================================== 16:42:12.0903 0x1944 [ B453EC453D2C5215C931DEE91DCB38F1 ] \Device\Harddisk0\DR0\Partition1 16:42:12.0903 0x1944 \Device\Harddisk0\DR0\Partition1 - ok 16:42:12.0918 0x1944 [ D9A3CF3777D4831B2751D3A0DFD5EF76 ] \Device\Harddisk0\DR0\Partition2 16:42:12.0918 0x1944 \Device\Harddisk0\DR0\Partition2 - ok 16:42:12.0934 0x1944 [ 47C24E0AE6750EF6FD9C9EBC81909B82 ] \Device\Harddisk0\DR0\Partition3 16:42:12.0934 0x1944 \Device\Harddisk0\DR0\Partition3 - ok 16:42:12.0952 0x1944 [ BDF39DF96BEA82277FCDCAF669E76851 ] \Device\Harddisk0\DR0\Partition4 16:42:12.0952 0x1944 \Device\Harddisk0\DR0\Partition4 - ok 16:42:12.0983 0x1944 [ 975C9911D0466B4B833B01F515B91DAE ] 
\Device\Harddisk0\DR0\Partition5 16:42:12.0983 0x1944 \Device\Harddisk0\DR0\Partition5 - ok 16:42:12.0983 0x1944 ================ Scan generic autorun ====================== 16:42:13.0265 0x1944 [ EE0170917D3E6BC75D668C1D39815CAD, 138297BFC2B37FA694D5CFC126AF08516F9CD3372B4CCEC3B950BBC8250C428F ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe 16:42:13.0499 0x1944 RTHDVCPL - ok 16:42:13.0656 0x1944 [ 94A8196066774252DF015EEDF02CCA44, AD2DFDA427E3CCB5C8404F0AFAFE71C64B862D2E26A67E1BFC2B40738FD0B873 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe 16:42:13.0734 0x1944 NvBackend - ok 16:42:13.0890 0x1944 [ DE9938F17D9B173B1CA83E218F03CCC0, BC007746535036743640A17E4AB495114F1370A7522BA6391309266C0B7789A2 ] C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe 16:42:14.0046 0x1944 SimplePass - ok 16:42:14.0078 0x1944 [ 9159063E3EF84A832DB5251447BACE9C, EE1DD20A5176816F484DD6945674750F43EC37B13355815FD20459097028EAA5 ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe 16:42:14.0078 0x1944 OPBHOBroker - ok 16:42:14.0109 0x1944 [ AC382EA1AA21E592C808E46D95E6533D, B2941B6AAB48C245B47E94C74F0A1149A66428586ED3747C74C45BBFDA03741E ] C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe 16:42:14.0124 0x1944 OPBHOBrokerDesktop - ok 16:42:14.0124 0x1944 SynTPEnh - ok 16:42:14.0184 0x1944 [ FD8635F0976F6538C43CD306AF4A3BE5, 6108A2B39DEF7947317F2BEC881153939A1122391AEEE85356C3915AF2FFE9AC ] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe 16:42:14.0184 0x1944 AccelerometerSysTrayApplet - ok 16:42:14.0214 0x1944 [ 5C62CE5C736F9F3FE7731BB313D1B521, F8CD6CE19996472350A966772ADEE3BF7C62087509CAAEB401A58E9AB2B8C995 ] C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe 16:42:14.0229 0x1944 HPMessageService - ok 16:42:14.0276 0x1944 [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe 
16:42:14.0276 0x1944 BCSSync - ok 16:42:14.0511 0x1944 [ F5281FA7188154C928ED27911B0BA6FD, 6CBF1F4E0D04986EF60A42A8A826FDB9681370EB30DB37958716FBB717757DEA ] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe 16:42:14.0652 0x1944 BrStsMon00 - ok 16:42:14.0762 0x1944 [ 9DEF1B844FF294FE5900711764F82B72, 155BC2F63E395D4A20073329044A9D6AB13CCC6CA14DF63B43DE34C5F5ED035F ] C:\Program Files (x86)\BrownyInd\Brother\BrIndicator.exe 16:42:14.0824 0x1944 BrStsInd00 - ok 16:42:14.0902 0x1944 [ 91988A31FB052AD9ADFA1FA97881C6D5, 4807ABC2A3AB127A39418EB0412DC4CAD95A07B5B1071C8D50B4C754A09A13F1 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe 16:42:14.0918 0x1944 SunJavaUpdateSched - ok 16:42:15.0090 0x1944 [ 3D5D4137594D2EBA8868EAD504B89366, D5FEB5B8303B083A79A4617E59B2FB34FAD71BE72F3F8DD6E4B69B3D03FE658A ] C:\Program Files\DAEMON Tools Lite\DTAgent.exe 16:42:15.0231 0x1944 DAEMON Tools Lite Automount - ok 16:42:15.0402 0x1944 [ 53FA80D59C4AAB29D2913F26BF6F0786, BEAA015C567B6263FBDEDB511AF2401DD9158ACF2356A797CAE60F1F721CF043 ] C:\Program Files (x86)\Steam\steam.exe 16:42:15.0512 0x1944 Steam - ok 16:42:15.0527 0x1944 Waiting for KSN requests completion. In queue: 169 16:42:16.0587 0x1944 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.209.0 ), 0x60110 ( disabled : outofdate ) 16:42:16.0587 0x1944 AV detected via SS2: Malwarebytes, C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe ( 3.0.0.198 ), 0x61000 ( enabled : updated ) 16:42:16.0634 0x1944 Win FW state via NFP2: enabled ( trusted ) 16:42:16.0696 0x1944 ============================================================ 16:42:16.0696 0x1944 Scan finished 16:42:16.0696 0x1944 ============================================================ 16:42:16.0696 0x0308 Detected object count: 0 16:42:16.0696 0x0308 Actual detected object count: 0 16:45:35.0006 0x0e40 Deinitialize success ------- P.s. I tried watching a high quality stream in Safe Mode with Networking. 
Unfortunately, RealTemp couldn't launch, so I could only judge by the sound of the fan. It was getting pretty loud, so, I think, the problem persists even in Safe Mode
  4. Yes, the search didn't find anything in this path:
     C:\Users\User\AppData\Roaming\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\
     But what about this path?
     C:\Users\User\AppData\Roaming\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\cpu
     Cpu is an invisible folder in the Internet Settings folder, and I can't open it or check whether there are any files in that folder.
     Btw, is it possible that this miner, considering that he used my video card to mine stuff, somehow damaged my video card or did something to the fan's cooling paste? Maybe because of that the temperature is rising, since high quality videos/streams put pressure on a damaged video card or a fan?
  5. The problem with increasing temperature from watching high quality streams or YouTube videos still persists. I forgot to mention it, but the increasing temperature is accompanied by a fan spinning really hard/making noise, so that's another way to know if the problem still persists. Chrome is not synced with other devices.
  6. Here's the adwcleaner log and attached frst fixlog

     # -------------------------------
     # Malwarebytes AdwCleaner 7.4.0.0
     # -------------------------------
     # Build: 07-23-2019
     # Database: 2019-08-27.1 (Cloud)
     # Support: https://www.malwarebytes.com/support
     #
     # -------------------------------
     # Mode: Clean
     # -------------------------------
     # Start: 08-29-2019
     # Duration: 00:00:04
     # OS: Windows 8.1 Single Language
     # Cleaned: 14
     # Failed: 0

     ***** [ Services ] *****
     No malicious services cleaned.

     ***** [ Folders ] *****
     Deleted C:\Program Files (x86)\LibraryModule

     ***** [ Files ] *****
     No malicious files cleaned.

     ***** [ DLL ] *****
     No malicious DLLs cleaned.

     ***** [ WMI ] *****
     No malicious WMI cleaned.

     ***** [ Shortcuts ] *****
     No malicious shortcuts cleaned.

     ***** [ Tasks ] *****
     No malicious tasks cleaned.

     ***** [ Registry ] *****
     Deleted HKCU\Software\Amigo
     Deleted HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
     Deleted HKCU\Software\Classes\ITVA
     Deleted HKCU\Software\Xpom
     Deleted HKLM\Software\Classes\ITVA
     Deleted HKLM\Software\Wow6432Node\{12A61307-94CD-4F8E-94BC-918E511FAA81}
     Deleted HKLM\Software\Wow6432Node\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
     Deleted HKLM\Software\Wow6432Node\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
     Deleted HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
     Deleted HKU\S-1-5-18\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}

     ***** [ Chromium (and derivatives) ] *****
     Deleted ahnphcmhmhcjjcjhmnnjjlbmaeljecga
     Deleted Домашняя страница Mail.Ru
     Deleted Домашняя страница Mail.Ru

     ***** [ Chromium URLs ] *****
     No malicious Chromium URLs cleaned.

     ***** [ Firefox (and derivatives) ] *****
     No malicious Firefox entries cleaned.

     ***** [ Firefox URLs ] *****
     No malicious Firefox URLs cleaned.

     ***** [ Preinstalled Software ] *****
     No Preinstalled Software cleaned.

     *************************
     [+] Delete Tracing Keys
     [+] Reset Winsock
     *************************

     AdwCleaner[S00].txt - [2595 octets] - [29/08/2019 12:48:51]
     AdwCleaner[S01].txt - [2375 octets] - [29/08/2019 12:54:01]

     ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

     Fixlog.txt
  7. Sorry, the correct path is
     C:\Users\User\AppData\Roaming\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\
     and
     C:\Users\User\AppData\Roaming\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\cpu
     User instead of MYNAME after Users
  8. Good day,
     Did as you said, although the problem still persists. I never described the problem as to what exactly the miner does, so here it is:
     I use the program called RealTemp to see the temperature of my laptop, and when it got infected with the miner, whenever the laptop was idling for 4 minutes, the program Mint.exe was trying to launch but was prompting an error, since Malwarebytes deleted one of the .dll files it needed. Despite this, RealTemp was showing an increase in temperature, probably because Mint.exe was trying to start its thing. I managed to delete all visible (there could be invisible) miner files in the hidden folder where it was located, and this issue with Mint.exe trying to start disappeared and the temperature no longer increases after idling. It was located in
     C:\Users\MYNAME\AppData\Roaming\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings
     In the reddit thread I mentioned in the 1st post there is another folder called cpu that goes after Internet Settings where Mint.exe was located. There are other files, and the reddit user attached a screenshot which shows them.
     C:\Users\MYNAME\AppData\Roaming\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\cpu
     I suspect that these files are still intact and maybe something else is hidden somewhere, maybe in the registry?
     The problem with mint.exe after idling wasn't the only one, there is another one as well: Whenever I'm playing a game or watching a high quality (60 FPS, 1080p, etc.) YouTube video or stream on Twitch, the RealTemp would show an enormous increase in temperature (up to 100 C). These videos/streams would also start lagging a lot and the audio would start to crackle really hard. This is still the case, so I suspect that the laptop is still infected with the miner to some degree.
     On the bright side, MalwareBytes is working again, so that's good. But I'm afraid that we're not done yet...
     Here is the fixlog file
     Fixlog.txt
  9. Are you looking through it? It would be nice to know how much time on average it takes for you to respond, so I wouldn't worry about it
  10. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-08-2019 Ran by User (administrator) on FALLENWISP (Hewlett-Packard HP Pavilion 15 Notebook PC) (27-08-2019 15:26:51)
- "F:\setup.exe" HKU\S-1-5-21-2839409425-609468984-1780624264-1001\...\MountPoints2: {b4266c02-03af-11e9-8303-b01041efc924} - "E:\setup.exe" HKU\S-1-5-21-2839409425-609468984-1780624264-1001\...\MountPoints2: {bb87b6a5-cbad-11e8-82fc-b01041efc924} - "E:\setup.exe" HKU\S-1-5-21-2839409425-609468984-1780624264-1001\...\MountPoints2: {d43a69f4-2552-11e5-825d-b01041efc924} - "J:\RunGame.exe" HKU\S-1-5-21-2839409425-609468984-1780624264-1001\...\MountPoints2: {e02ce01a-c55a-11e8-82f9-b01041efc924} - "E:\setup.exe" HKU\S-1-5-21-2839409425-609468984-1780624264-1001\...\MountPoints2: {ed2ba550-d13c-11e8-82fd-b01041efc924} - "E:\setup.exe" HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.100\Installer\chrmstp.exe [2019-08-08] (Google LLC -> Google LLC) HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level HKLM\Software\...\Authentication\Credential Providers: [{538C240D-3DEE-4032-AB4C-08A3A6EB0861}] -> C:\Program Files (x86)\CyberLink\YouCam\CLCredProv\x64\CLCredProv.dll [2014-06-18] (CyberLink Corp. -> CyberLink) HKLM\Software\...\Authentication\Credential Providers: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) [File not signed] HKLM\Software\...\Authentication\Credential Provider Filters: [{F3F1B0FA-4775-41d8-8578-436772D93FB4}] -> C:\Program Files\Hewlett-Packard\SimplePass\OmniPassCredProv.dll [2014-03-28] (Softex Inc..) 
[File not signed] Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-09-25] ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel(R) Smart Connect software -> Intel Corporation) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FacebookGamesNotifier.exe.lnk [2016-06-12] ShortcutTarget: FacebookGamesNotifier.exe.lnk -> C:\Users\User\AppData\Local\Facebook\Games\FacebookGamesNotifier.exe (No File) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Guard.lnk [2019-08-27] ShortcutTarget: Guard.lnk -> C:\Users\User\AppData\Roaming\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Settings\Guard.exe (Microsoft) [File not signed] GroupPolicy: Restriction ? <==== ATTENTION GroupPolicy\User: Restriction ? <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {19566586-DED4-44AC-9ECF-F1592AB01398} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542520 2014-06-03] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {52537E47-480F-4DC6-A1BE-2E01D2218A3C} - System32\Tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon => C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe [1354552 2014-05-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) Task: {7A737068-7DD1-412C-9859-4FD0A0152292} - System32\Tasks\YCMServiceAgent => C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe [267224 2014-06-18] (CyberLink Corp. -> CyberLink Corp.) 
Task: {8AC60677-5EF0-42F0-A5A5-38C2C83BA7DB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_142_Plugin.exe [1457152 2019-02-18] (Adobe Systems Incorporated -> Adobe Systems Incorporated) Task: {8D76C5A6-2F75-44D6-A834-1DD5F589F692} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} Task: {9E00C13C-A222-4E83-B1F4-C366371E9E05} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [630584 2014-05-12] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {A190B3C8-DCF2-42C7-A1F6-14F40276FC63} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-20] (Google Inc -> Google LLC) Task: {AAC1E720-7F59-43B3-964B-CE0F6B8D42AD} - System32\Tasks\{CB653881-1574-47B9-B433-A8EC0ED40F2D} => C:\Windows\system32\pcalua.exe -a C:\Users\User\AppData\Roaming\uTorrent\uTorrent.exe -c /UNINSTALL Task: {B4DF5950-7B0C-4093-BF11-B1F26499E6A5} - System32\Tasks\{6B60790A-3699-46DE-9267-9457818F3A16} => C:\Windows\system32\pcalua.exe -a C:\Users\User\Desktop\Desu\th06e.exe -d C:\Users\User\Desktop\Desu Task: {B5721181-1425-495A-AFA7-27FCB3A68F52} - System32\Tasks\Virtual Disk Service Manager => C:\Users\User\AppData\Roaming\Command and Conquer 3 Kanes Wrath\MSSvc\mssvc.exe Task: {BB7FBD2E-1F57-4E8C-AF2A-FFA677B66F5C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [542520 2014-06-03] (Hewlett-Packard Company -> Hewlett-Packard Company) Task: {BFD73CF8-645C-4E2F-A5ED-7D64AE590F65} - System32\Tasks\{ECCC9A2B-02BE-4E0C-AB51-9459DB972196} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\THQ\Titan Quest Immortal Throne\Tqit.exe" -d "C:\Program Files (x86)\THQ\Titan Quest Immortal 
Throne" Task: {E0791E28-FB7B-444C-9A73-28F89B827B8B} - System32\Tasks\{F8E27667-E223-40A3-8FD3-AC9EB6F4913F} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\R.G. Mechanics\Gatling Gears\Game\GatlingGears\GatlingGears.exe" -d "C:\Program Files (x86)\R.G. Mechanics\Gatling Gears\Game\GatlingGears" Task: {EC149958-7B3D-430C-918E-44723AC8E50A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-05-20] (Google Inc -> Google LLC) Task: {F627077A-096D-46D0-AA3C-08123CE085FC} - System32\Tasks\{26C11AFB-A9BA-4A9D-8BFD-BAD8C9C9A16F} => C:\Windows\system32\pcalua.exe -a "C:\Games\Majesty2 Cold Sunrise\Majesty2_launcher.exe" -d "C:\Games\Majesty2 Cold Sunrise\" Task: {F6A33A6B-E39A-4172-BB9C-6CCFA7637717} - System32\Tasks\{D83DF9EB-D95C-46FA-BAA3-B7ED936F1E36} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\Grey Goo\GooG.exe" -d "C:\Program Files (x86)\Grey Goo" (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. 
See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 Tcpip\..\Interfaces\{B7E32ADB-1C67-45CD-AD20-EBE47BD0B89F}: [DhcpNameServer] 192.168.0.1 Internet Explorer: ================== HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130850658070550226&GUID=5E1EAB67-A87D-6248-EAFF-803598739E39 HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL14/36 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130850658070891245&GUID=5E1EAB67-A87D-6248-EAFF-803598739E39 HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL14/36 HKU\S-1-5-21-2839409425-609468984-1780624264-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://casualgame.biz HKU\S-1-5-21-2839409425-609468984-1780624264-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://g.uk.msn.com/HPALL14/36 SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM-x32 -> {8F323AEA-8300-44EC-AE1A-EAFC736F39C3} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} SearchScopes: HKU\S-1-5-21-2839409425-609468984-1780624264-1001 -> {8F323AEA-8300-44EC-AE1A-EAFC736F39C3} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie=UTF-8&tag=hp-uk3-vsb-21&link%5Fcode=qs&index=aps&field-keywords={searchTerms} BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft 
Corporation -> Microsoft Corporation) BHO: JoniCooupon -> {DD62485D-CB3C-40C9-BB05-B58A5D281D34} -> C:\Program Files (x86)\JoniCooupon\FyAdqQR0FatEBa.x64.dll => No File BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\ssv.dll [2019-08-07] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\jp2ssv.dll [2019-08-07] (Oracle America, Inc. -> Oracle Corporation) BHO-x32: JoniCooupon -> {DD62485D-CB3C-40C9-BB05-B58A5D281D34} -> C:\Program Files (x86)\JoniCooupon\FyAdqQR0FatEBa.dll => No File FireFox: ======== FF DefaultProfile: abtjy82t.default FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\abtjy82t.default [2019-07-27] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_142.dll [2019-02-18] (Adobe Systems Incorporated -> ) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_142.dll [2019-02-18] (Adobe Systems Incorporated -> ) FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll [2013-09-05] (Adobe Systems, Inc.) 
[File not signed] FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] (Foxit Corporation -> ) FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-13] (Foxit Corporation -> ) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel® Identity Protection Technology Software -> Intel Corporation) FF Plugin-x32: @java.com/DTPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\dtplugin\npDeployJava1.dll [2019-08-07] (Oracle America, Inc. -> Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.221.2 -> C:\Program Files (x86)\Java\jre1.8.0_221\bin\plugin2\npjp2.dll [2019-08-07] (Oracle America, Inc. 
-> Oracle Corporation) FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation -> Microsoft Corporation) FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-20] (Google Inc -> Google LLC) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-20] (Google Inc -> Google LLC) FF Plugin HKU\S-1-5-21-2839409425-609468984-1780624264-1001: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File] Chrome: ======= CHR DefaultProfile: Default CHR HomePage: Default -> mail.ru/cnt/11956636?rciguc__PARAM__ CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default [2019-08-27] CHR Extension: (Google Презентации) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-15] CHR Extension: (BetterTTV) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2018-07-29] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Get Styles) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cammakhaipbljopbkbbffhachjekcfki [2016-04-15] CHR Extension: (Google Search) - 
C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27] CHR Extension: (FrankerFaceZ) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\fadndhdgpmmaapbmfcknlfgcflmmmieb [2017-01-01] CHR Extension: (Google Таблицы) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-15] CHR Extension: (Google Документы офлайн) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14] CHR Extension: (Into The Mist) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgihmkgobaljfehcadcckdggpeojaadh [2016-12-15] CHR Extension: (Superblock - Adblocker) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\miijbmhjndcihicbljlcieiajhemmdeb [2018-04-19] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-24] CHR Extension: (Chrome Media Router) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-08-09] CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\System Profile [2018-10-09] CHR HKU\S-1-5-21-2839409425-609468984-1780624264-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ahnphcmhmhcjjcjhmnnjjlbmaeljecga] - hxxps://clients2.google.com/service/update2/crx CHR HKU\S-1-5-21-2839409425-609468984-1780624264-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [ehfjihahbphdpljpiadbkmgmhnfehhgi] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 Bonjour Service; C:\Program Files (x86)\Blizzard\Bonjour Service\mDNSResponder.exe [390504 2018-11-19] (Apple Inc. -> Apple Inc.) 
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed] S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd -> Disc Soft Ltd) R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2014-06-03] (Hewlett-Packard Company) [File not signed] R2 HPWMISVC; C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPWMISVC.exe [475960 2014-06-19] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315376 2014-05-15] (Intel Corporation - Software and Firmware Products -> Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation) R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2013-12-10] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [200168 2013-12-04] (Intel(R) Smart Connect software -> ) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) U2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes) R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1879488 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation) R3 
NvStreamNetworkSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe [3632576 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2521024 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation) R2 omniserv; C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe [88064 2014-03-28] (Softex Inc.) [File not signed] R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [389896 2014-04-14] (CyberLink Corp. -> ) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [290520 2014-01-09] (Realtek Semiconductor Corp -> Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [191728 2014-06-17] (Synaptics Incorporated -> Synaptics Incorporated) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation) S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Accelerometer; C:\Windows\system32\DRIVERS\Accelerometer.sys [43320 2013-07-23] (Hewlett-Packard Company -> Hewlett-Packard) S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Broadcom Corporation -> Windows (R) Win 7 DDK provider) R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2015-07-10] (Disc Soft Ltd -> Disc Soft Ltd) S3 EvolveVirtualAdapter; C:\Windows\system32\DRIVERS\evolve.sys [21656 2016-06-06] (Echobit, LLC -> Echobit, LLC) S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2016-05-04] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.) 
R0 hpdskflt; C:\Windows\System32\DRIVERS\hpdskflt.sys [30520 2013-07-23] (Hewlett-Packard Company -> Hewlett-Packard) R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-13] (Intel(R) Smart Connect software -> ) R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-13] (Intel(R) Smart Connect software -> ) R3 INETMON; C:\Windows\System32\Drivers\INETMON.sys [29088 2013-08-13] (Intel(R) Smart Connect software -> ) R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-13] (Intel(R) Smart Connect software -> ) R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-08-26] (Malwarebytes Corporation -> Malwarebytes) R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation) R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [26560 2016-06-14] (NVIDIA Corporation -> NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [56384 2016-04-14] (NVIDIA Corporation -> NVIDIA Corporation) S3 qcfilter; C:\Windows\System32\drivers\qcusbfilter.sys [49208 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) S3 qcusbnet; C:\Windows\system32\DRIVERS\qcusbnet.sys [428600 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) S3 qcusbser; C:\Windows\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (Microsoft Windows Hardware Compatibility Publisher -> QUALCOMM Incorporated) U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [476888 2014-03-22] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation) S4 secdrv; C:\Windows\SysWow64\Drivers\secdrv.sys [11376 2003-09-02] () [File not signed] S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [30448 2014-06-17] (Synaptics Incorporated -> Synaptics Incorporated) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [31472 2014-06-17] 
(Synaptics Incorporated -> Synaptics Incorporated) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation) R3 WinRing0_1_2_0; C:\Users\User\Desktop\Games\RealTemp\WinRing0x64.sys [14544 2008-07-26] (Noriyuki MIYAZAKI -> OpenLibSys.org) R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20800 2013-07-22] (Hewlett-Packard Company -> Hewlett-Packard Development Company, L.P.) S3 DrvAgent64; \??\C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS [X] S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X] S3 gkernel; \??\C:\Users\User\AppData\Local\Temp\gkernel.sys [X] <==== ATTENTION S1 MpKslc4fcf727; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6BE51DAD-091F-47AD-82C3-B7789D847A3A}\MpKslc4fcf727.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2019-08-27 15:26 - 2019-08-27 15:26 - 000000000 ____D C:\FRST 2019-08-27 15:20 - 2019-08-27 15:26 - 000000000 ____D C:\Users\User\Desktop\Help 2019-08-27 01:44 - 2019-08-27 01:44 - 000003126 _____ C:\Windows\System32\Tasks\{CB653881-1574-47B9-B433-A8EC0ED40F2D} 2019-08-26 22:26 - 2019-08-26 22:26 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys 2019-08-21 18:19 - 2019-08-21 18:20 - 000000000 ____D C:\Users\User\Documents\My Spore Creations ==================== One month (modified) ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2019-08-27 15:24 - 2015-07-04 22:40 - 000000000 ____D C:\Users\User\Desktop\Games 2019-08-27 15:08 - 2015-05-15 11:35 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2839409425-609468984-1780624264-1001 2019-08-27 14:05 - 2019-03-13 11:37 - 000000000 ____D C:\Users\User\Documents\Youcam 2019-08-27 14:02 - 2016-09-10 18:36 - 000000000 ____D C:\Users\User\AppData\Local\CrashDumps 2019-08-27 01:51 - 2016-09-25 22:08 - 000000000 ____D C:\Users\User\AppData\Roaming\discord 2019-08-26 22:24 - 2013-08-22 17:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2019-08-26 22:23 - 2013-08-22 16:25 - 000262144 ___SH C:\Windows\system32\config\BBI 2019-08-26 19:52 - 2015-07-10 22:35 - 000000000 ____D C:\Games 2019-08-26 19:12 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\system32\WinMetadata 2019-08-26 19:11 - 2019-03-18 23:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2019-08-26 19:11 - 2019-03-15 09:18 - 000000000 ____D C:\Users\User\AppData\Roaming\obs-studio 2019-08-26 19:11 - 2018-04-04 22:36 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2019-08-26 19:09 - 2013-08-22 18:36 - 000000000 ___HD C:\Program Files\WindowsApps 2019-08-26 19:01 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2019-08-26 19:01 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\system32\Macromed 2019-08-26 
19:01 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\registration 2019-08-26 19:01 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\Inf 2019-08-26 19:00 - 2019-04-25 21:54 - 000000000 ____D C:\Users\User\AppData\Roaming\ShanghaiAlice 2019-08-26 19:00 - 2015-08-04 15:43 - 000000000 __RHD C:\MSOCache 2019-08-26 15:09 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\LiveKernelReports 2019-08-17 14:57 - 2017-11-15 18:39 - 000000000 ____D C:\Users\User\AppData\Local\Adobe 2019-08-14 02:52 - 2019-05-26 23:54 - 000001503 _____ C:\Users\User\Desktop\Tuhu 17.txt 2019-08-08 01:28 - 2015-08-01 09:22 - 000001270 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk 2019-08-08 01:28 - 2015-08-01 09:22 - 000000000 ____D C:\Program Files\paint.net 2019-08-08 00:35 - 2019-05-20 13:25 - 000002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2019-08-07 14:28 - 2015-08-04 17:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2019-08-07 14:28 - 2015-07-28 21:19 - 000000000 ____D C:\Program Files (x86)\Java 2019-08-07 14:26 - 2019-03-15 10:46 - 000098288 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2019-08-07 14:18 - 2014-08-28 04:08 - 000817002 _____ C:\Windows\system32\perfh019.dat 2019-08-07 14:18 - 2014-08-28 04:08 - 000173272 _____ C:\Windows\system32\perfc019.dat 2019-08-07 14:18 - 2014-03-18 12:53 - 001940736 _____ C:\Windows\system32\PerfStringBackup.INI 2019-07-31 23:30 - 2015-07-26 00:23 - 000000000 ____D C:\Program Files (x86)\Steam 2019-07-29 19:58 - 2019-01-12 23:02 - 000000000 ____D C:\Users\User\Downloads\Книги ==================== Files in the root of some directories ================ 2016-11-07 18:51 - 2013-07-22 03:59 - 000012005 _____ () C:\Users\User\AppData\Roaming\alsoft.ini ==================== SigCheck =============================== (There is no automatic fix for files that do not pass verification.) 
LastRegBack: 2019-08-26 17:28 ==================== End of FRST.txt ============================ Addition.txt
  11. Good day, My laptop got infected with a BitCoinMiner, possibly the same situation as in this case: https://www.reddit.com/r/techsupport/comments/afi615/bitcoin_mining_virus_on_my_laptop_mines_when_idle/ (reddit thread) Guy found something in the task scheduler but I didn't find anything on my end. The DisallowRun thing he did didn't do anything for me either. I tried System Restore but it didn't help. Used Malwarebytes to scan the problem and it found 4 .dll files in the AppContainer path mentioned in the reddit thread. I quarantined and deleted them, restarted the system but it didn't seem to help. Later Malwarebytes detected 2 of the 4 .dll files again, I deleted them. Since nothing helped, I decided to seek help here. Also, today I found out that uTorrent (I know, this thing probably came from the torrents and after all these years of torrenting it finally happened) kinda deleted itself or something? Then Malwarebytes all of a sudden doesn't want to launch as well, giving me the «Unable to connect the Service» error. I tried reinstalling it but I couldn't even uninstall it because it was missing the unins0001.msg file. I tried installing Malwarebytes on already existing files but the installation setup doesn't even want to start (task manager says it doesn't respond). So yesterday everything was fine, today Malwarebytes is kinda gone - can't launch, can't properly uninstall, can't install the new one... I'm very worried about this situation now and I wonder if I made things even worse for myself which wouldn't be too surprising... Please help