New
#71
Here we go.
This is the first time I ran RKILL tonight. If you want I have other logs too.
Code:Rkill 2.8.4 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2016 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 10/08/2016 06:34:04 PM in x64 mode. Windows Version: Windows 10 Home Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * No malware processes found to kill. Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * No issues found. Checking Windows Service Integrity: * Security Center (wscsvc) is not Running. Startup Type set to: Automatic (Delayed Start) * agp440 [Missing Service] * gagp30kx [Missing Service] * IEEtwCollectorService [Missing Service] * IoQos [Missing Service] * nv_agp [Missing Service] * TimeBroker [Missing Service] * uagp35 [Missing Service] * uliagpkx [Missing Service] * WcsPlugInService [Missing Service] * wpcfltr [Missing Service] * WSService [Missing Service] * AJRouter => %SystemRoot%\system32\svchost.exe -k LocalServiceNetworkRestricted [Incorrect ImagePath] * WpnService => %systemroot%\system32\svchost.exe -k netsvcs [Incorrect ImagePath] * vmicrdv => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL] * vmicvss => %SystemRoot%\System32\icsvcext.dll [Incorrect ServiceDLL] Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * HOSTS file entries found: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com 0.0.0.0 media.opencandy.com 0.0.0.0 cdn.opencandy.com 0.0.0.0 tracking.opencandy.com 0.0.0.0 api.opencandy.com 0.0.0.0 api.recommendedsw.com 0.0.0.0 installer.betterinstaller.com 0.0.0.0 installer.filebulldog.com 0.0.0.0 d3oxtn1x3b8d7i.cloudfront.net 0.0.0.0 inno.bisrv.com 0.0.0.0 nsis.bisrv.com 0.0.0.0 cdn.file2desktop.com 0.0.0.0 cdn.goateastcach.us 0.0.0.0 cdn.guttastatdk.us 0.0.0.0 cdn.inskinmedia.com 0.0.0.0 cdn.insta.oibundles2.com 0.0.0.0 cdn.insta.playbryte.com 0.0.0.0 cdn.llogetfastcach.us 0.0.0.0 cdn.montiera.com 20 out of 35 HOSTS entries shown. Please review HOSTS file for further entries.
This is TDSSkiller. I think I bottched this log, and is from the 2nd time I ran it. The first time it found an unsigned file called CHROME.EXE, and I just deleted it using the software. My son had installed the Chromium browser, it's probably harmless but IDK so I just wanted to report.
Code:22:09:31.0297 0x1808 TDSS rootkit removing tool 3.1.0.11 Aug 5 2016 12:13:31 22:09:31.0885 0x1808 ============================================================ 22:09:31.0885 0x1808 Current date / time: 2016/10/08 22:09:31.0885 22:09:31.0885 0x1808 SystemInfo: 22:09:31.0885 0x1808 22:09:31.0885 0x1808 OS Version: 10.0.14393 ServicePack: 0.0 22:09:31.0885 0x1808 Product type: Workstation 22:09:31.0885 0x1808 ComputerName: LUKE 22:09:31.0885 0x1808 UserName: Luke 22:09:31.0885 0x1808 Windows directory: C:\WINDOWS 22:09:31.0885 0x1808 System windows directory: C:\WINDOWS 22:09:31.0885 0x1808 Running under WOW64 22:09:31.0885 0x1808 Processor architecture: Intel x64 22:09:31.0885 0x1808 Number of processors: 8 22:09:31.0885 0x1808 Page size: 0x1000 22:09:31.0885 0x1808 Boot type: Normal boot 22:09:31.0885 0x1808 CodeIntegrityOptions = 0x00000001 22:09:31.0885 0x1808 ============================================================ 22:09:31.0886 0x1808 KLMD ARK init status: drvProperties = 0xFFFF00, osBuild = 14393.206, osProperties = 0x19 22:09:31.0886 0x1808 KLMD BG init status: drvProperties = 0xFFFF00, osBuild = 14393.206, osProperties = 0x19 22:09:31.0886 0x1808 BG loaded 22:09:32.0417 0x1808 System UUID: {DA477E8C-D607-F511-46A6-3D2F11A19AE5} 22:09:32.0883 0x1808 Drive \Device\Harddisk0\DR0 - Size: 0x37E4896000 ( 223.57 Gb ), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 22:09:32.0896 0x1808 Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 22:09:33.0616 0x1808 Drive \Device\Harddisk2\DR2 - Size: 0x1D4E28000 ( 7.33 Gb ), SectorSize: 0x200, Cylinders: 0x3BC, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 22:09:33.0618 0x1808 ============================================================ 22:09:33.0618 0x1808 \Device\Harddisk0\DR0: 22:09:33.0619 0x1808 MBR partitions: 22:09:33.0619 0x1808 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000 22:09:33.0619 0x1808 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x1BD92800 22:09:33.0619 0x1808 \Device\Harddisk1\DR1: 22:09:33.0619 0x1808 MBR partitions: 22:09:33.0619 0x1808 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xE8E07800 22:09:33.0619 0x1808 \Device\Harddisk2\DR2: 22:09:33.0619 0x1808 MBR partitions: 22:09:33.0619 0x1808 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x1F80, BlocksNum 0xEA51C0 22:09:33.0619 0x1808 ============================================================ 22:09:33.0620 0x1808 C: <-> \Device\Harddisk0\DR0\Partition2 22:09:33.0631 0x1808 Z: <-> \Device\Harddisk1\DR1\Partition1 22:09:33.0631 0x1808 ============================================================ 22:09:33.0631 0x1808 Initialize success 22:09:33.0631 0x1808 ============================================================ 22:10:02.0525 0x11e4 ============================================================ 22:10:02.0525 0x11e4 Scan started 22:10:02.0525 0x11e4 Mode: Manual; SigCheck; TDLFS; 22:10:02.0525 0x11e4 ============================================================ 22:10:02.0525 0x11e4 KSN ping started 22:10:02.0656 0x11e4 KSN ping finished: true 22:10:03.0276 0x11e4 ================ Scan system memory ======================== 22:10:03.0276 0x11e4 System memory - ok 22:10:03.0276 0x11e4 ================ Scan services ============================= 22:10:03.0307 0x11e4 [ A7901875F89D011C38CF52C98ACF5B29, 782141AB1DD7ACDE6EA08B5BAFDE8BADD05B81D38C18E097D6D9C46102056EB1 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 22:10:03.0364 0x11e4 1394ohci - ok 22:10:03.0371 0x11e4 [ EE1CCC54F75C24727A218F98FC5349DA, 0B0D26640BFA0F551B7087027E572D0BF2C5EAF50A4187C5A7D839180B7FF589 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 22:10:03.0381 0x11e4 3ware - ok 22:10:03.0400 0x11e4 [ 73C73E1AA0D4D727A04AAAB120B7F56A, 5D311F11022994410DF5C67914D38B1F0D813EFD181EA234750286A272D67A1A ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 22:10:03.0420 0x11e4 ACPI - ok 22:10:03.0423 0x11e4 [ 0935496EF9624B46B935CB35ECE1F205, A22A2A29195505A65E8626D60B00C86C23E0CABC1EB8345EA5ED523516CC21C0 ] AcpiDev C:\WINDOWS\System32\drivers\AcpiDev.sys 22:10:03.0433 0x11e4 AcpiDev - ok 22:10:03.0441 0x11e4 [ D6794C31F4077B71433988787BAA926E, F16365C2F195AAE94D4740E6C3DF4C0CECEC6393CAD65425DCCD28CDBA6EC51A ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 22:10:03.0450 0x11e4 acpiex - ok 22:10:03.0456 0x11e4 [ FE5F656D6B35089DA39112E74EC6A85A, 5D81EE63998232A5B36DE47FE15B9D04D5BD02234CA133A2462AECA8C60A22ED ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 22:10:03.0466 0x11e4 acpipagr - ok 22:10:03.0468 0x11e4 [ 2F242941E4DFF69B883D77A16F039557, 45C388365317C720654A659A9326B2BC0E9D84929C704654985597D5D620101C ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 22:10:03.0478 0x11e4 AcpiPmi - ok 22:10:03.0490 0x11e4 [ C247E35A21682DA8D0DC3AF9F025FCC5, 455415EE3166B3043AD8A4DD50B688DB74242267FB555642441251EFA823E971 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 22:10:03.0498 0x11e4 acpitime - ok 22:10:03.0537 0x11e4 [ 8FC33A20D54FB5CC7FBBA814B4E42A22, 707F61F0CEB9467D9BD1782868403BD53DB46EAB0342772661F370E5174AAD8C ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe 22:10:03.0547 0x11e4 AdobeFlashPlayerUpdateSvc - ok 22:10:03.0567 0x11e4 [ 49B9DB97AFC85DCCBDACDAB2E90085B7, 2A6C2A09F74EA15044F442CCFB54A0F24F105ADB915E5C78F02F59652DC29152 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 22:10:03.0594 0x11e4 ADP80XX - ok 22:10:03.0606 0x11e4 [ 983266DA83FFF73DBDDD3730A4712228, 433A2731DAC687C52FB7E23093B8E11D92CCCF4C35B493D73AC30C6A4A6D2A6C ] AFD C:\WINDOWS\system32\drivers\afd.sys 22:10:03.0622 0x11e4 AFD - ok 22:10:03.0628 0x11e4 [ E44DB3F7225EC3E119560738B3619972, 32946FBC2BD74072F22E48D769A034183F6C3728FCCC3CF0DD561602511E39B2 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 22:10:03.0644 0x11e4 ahcache - ok 22:10:03.0647 0x11e4 [ D0905D4A945D01D4B28DB9E1BD5985F7, CF389CBCD3B99D1BAE34A42F723F1005C32213A394F691978076D3DF1727715C ] AJRouter C:\WINDOWS\System32\AJRouter.dll 22:10:03.0657 0x11e4 AJRouter - ok 22:10:03.0661 0x11e4 [ 8FD51B3B35707A66080D7C8CB05E792D, FE52F3DC280D208FDDC75F6E3294B8D601E0D86F9BD3DB1ACC8FC296AC74C23B ] ALG C:\WINDOWS\System32\alg.exe 22:10:03.0672 0x11e4 ALG - ok 22:10:03.0676 0x11e4 [ DF21E05E41E5AC3F13F304D91457649A, 7F48F2AD1DBE89A261113C76D7C23AD7D87D5599BCC31F8A558A8A10B81BF521 ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 22:10:03.0688 0x11e4 AmdK8 - ok 22:10:03.0709 0x11e4 [ 45D0AA4BB90B821DF92E8F19ABED0C5E, EA87A6E98DB3C5A88A844C04C6934E870B7004E783AA5211722115382A211B90 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 22:10:03.0719 0x11e4 AmdPPM - ok 22:10:03.0722 0x11e4 [ 74FFBC43B4B899C9A8CA06A892F2CE73, 8D599363C7F3D373F1859BAA4D06DD0F40BE78B56BE52B74DE6EA6EF99452004 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 22:10:03.0731 0x11e4 amdsata - ok 22:10:03.0737 0x11e4 [ AAB0F1D8D7E54761ABAB13AF161F1680, CF847990EFFA2828F5B1DB1A68F08A6C2C918E9612EDFFCF95C36BCABBBEA272 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 22:10:03.0749 0x11e4 amdsbs - ok 22:10:03.0752 0x11e4 [ F91BAAC4237C40352A807000F3B716F9, F7EFA08E5067C3D419C9D21EDB880BA08883A80DDF35F8B42EC3AB293FE5E03E ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 22:10:03.0759 0x11e4 amdxata - ok 22:10:03.0764 0x11e4 [ BC121C099C6C659126AD2102AFDFF8CF, 42B5EE293BDD7ADCE48173A01B30D8452564B9DA225EAF25E9292FE77C0FCF3E ] AppID C:\WINDOWS\system32\drivers\appid.sys 22:10:03.0773 0x11e4 AppID - ok 22:10:03.0778 0x11e4 [ 74A24CF946279111D7F203B36569EC02, FD67D36804744B4FE3E20BA891852575E6C2DA6515643B2F4B4210118B0FCCDA ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 22:10:03.0792 0x11e4 AppIDSvc - ok 22:10:03.0797 0x11e4 [ 73FAA5517CCD1332F00192A303CF2026, 75636222BFF381A3EECA010752DF7DC1603A395B91FF7FBF92127B5CA8EFFEE5 ] Appinfo C:\WINDOWS\System32\appinfo.dll 22:10:03.0811 0x11e4 Appinfo - ok 22:10:03.0813 0x11e4 [ 68190E2BADF23BD782344970E5B5DE9E, 95D30EC12C7FDF5822CED8BC2F17669A6687A2FB262B4F0D15C8DCFF4E9AB33D ] applockerfltr C:\WINDOWS\system32\drivers\applockerfltr.sys 22:10:03.0828 0x11e4 applockerfltr - ok 22:10:03.0864 0x11e4 [ 21DC11DA29484AE026E536F2EA7E79E5, 6E17B679494CB293DE13DFA18F79A9DFAFEEBAAE41943F95B5E1AE0720A5CA26 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 22:10:03.0889 0x11e4 AppReadiness - ok 22:10:03.0924 0x11e4 [ 92397A07CDAD0CB73957A305F33DB634, 57EB4A105AFB6E020FA59E671F3441CF310764C8CCCBE28C870CE3EC033FE57A ] AppXSvc C:\WINDOWS\system32\appxdeploymentserver.dll 22:10:03.0985 0x11e4 AppXSvc - ok 22:10:03.0993 0x11e4 [ E6AB1F0B4C3D4E0D2A88332D76FECD03, 0D3003EB979DA4546DCDD055011E24F13E34F683F02C9801CAC564D1809F11D2 ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 22:10:04.0002 0x11e4 arcsas - ok 22:10:04.0018 0x11e4 [ BBF8F831C7720DD5135D8C4C8325187A, 2630C68200D7BD49A5772830D6B369C0EC337C2558A9562DD564DF042249ECC0 ] asComSvc C:\Program Files (x86)\ASUS\AXSP\1.01.02\atkexComSvc.exe 22:10:04.0039 0x11e4 asComSvc - ok 22:10:04.0042 0x11e4 [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO C:\WINDOWS\syswow64\drivers\AsIO.sys 22:10:04.0046 0x11e4 AsIO - ok 22:10:04.0050 0x11e4 [ 61C5A480C43E7E8E49C42869F49D0D3E, E610F0E4315ABA1D90AD4A1D7A68ABA2ACBB7FCA89E9D1798470365D52592D55 ] AsyncMac C:\WINDOWS\System32\drivers\asyncmac.sys 22:10:04.0060 0x11e4 AsyncMac - ok 22:10:04.0091 0x11e4 [ A10F989A812B57B9695F6C305907C9C6, E2B292610079AA1A10696138DE8130905A8A834B75A8DED7EBF8B6732B77A0F4 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 22:10:04.0098 0x11e4 atapi - ok 22:10:04.0101 0x11e4 [ 65DD42A358451920A703EEEC1AB4995B, 7690EFB12E928ECF3D3D3155F7D1F7A8FEEE742212ABE5319166EA8DB5601884 ] AthBTPort C:\WINDOWS\system32\DRIVERS\btath_flt.sys 22:10:04.0107 0x11e4 AthBTPort - ok 22:10:04.0144 0x11e4 [ 8BCA409E11F511A527F373700F8B1765, BEA8FD936BE65B2064059E72099F9770CD80D59646BF82AC5ADC06DDAAD389D1 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe 22:10:04.0175 0x11e4 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 ) 22:10:04.0472 0x11e4 Detect skipped due to KSN trusted 22:10:04.0472 0x11e4 AtherosSvc - ok 22:10:04.0532 0x11e4 [ 835E2C1A3D32492E2B90BD4FE5527CB6, DE129E570C85EE8AAE8084B40F4E32766B4B789A2EED81E46311712B0826053D ] athr C:\WINDOWS\System32\drivers\athw8x.sys 22:10:04.0628 0x11e4 athr - ok 22:10:04.0638 0x11e4 [ 5D637DF654D6386487876ADF5AF301B3, 7B53356237369D892F5BBEA9C967B20DCA40FA2B6B3C5AF7A4304FFD00DF1BFC ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll 22:10:04.0655 0x11e4 AudioEndpointBuilder - ok 22:10:04.0670 0x11e4 [ A0F7114A69A67316B9707F1809061F86, 3B501B6C9E48CD6DD38F2C9880BE9885E17D3477FFAD1207631CD9E31CD05B13 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 22:10:04.0701 0x11e4 Audiosrv - ok 22:10:04.0705 0x11e4 [ 6D90FDA2DC364B8EA1420F2F81585CC3, 10E6F23A213CFE49BE04BB7D366ADD4028D61D7114FEC67C30B5467DF6B36D4F ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 22:10:04.0717 0x11e4 AxInstSV - ok 22:10:04.0727 0x11e4 [ 61BAC67048CA5C1D08C48FCC8012B613, 71B2A466FC38DA1029B471FBD2541D8FE359751A7B212AE0F420DB3645916450 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 22:10:04.0743 0x11e4 b06bdrv - ok 22:10:04.0746 0x11e4 [ 68F72B05EBC6D1779C0D60A147C7CA0B, AA1C857BEE34865C6B901157FC22570D4CF45D950708BAD7AA333F120F2B474C ] BasicDisplay C:\WINDOWS\System32\drivers\BasicDisplay.sys 22:10:04.0757 0x11e4 BasicDisplay - ok 22:10:04.0759 0x11e4 [ 23156E7EDAF613D839E2839746B168D3, CAEF8F9C7D3A338BD747AC9D5BFBE730D77B911E87BCF532EBB75E1F80916AFA ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 22:10:04.0768 0x11e4 BasicRender - ok 22:10:04.0772 0x11e4 [ 3F5523DCEFE42B385659C5CB46A6B810, CA24A3DF002B19E7BDEDE9B5EB60623F299D0E78B2E4F58DCFC028D76DEFE52D ] bcmfn C:\WINDOWS\System32\drivers\bcmfn.sys 22:10:04.0780 0x11e4 bcmfn - ok 22:10:04.0782 0x11e4 [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 22:10:04.0791 0x11e4 bcmfn2 - ok 22:10:04.0799 0x11e4 [ 2B4D3AEAAD02954F8C191BC2D67949AD, 8237C9AD556CFAF7442FF60F78608104BC17CE3134C89D986D49C38CC60B1518 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 22:10:04.0818 0x11e4 BDESVC - ok 22:10:04.0821 0x11e4 [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep C:\WINDOWS\system32\drivers\Beep.sys 22:10:04.0829 0x11e4 Beep - ok 22:10:04.0842 0x11e4 [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE C:\WINDOWS\System32\bfe.dll 22:10:04.0867 0x11e4 BFE - ok 22:10:04.0886 0x11e4 [ BFDCC935236AAEBA39CD3DE9BC2F73DA, C7511FAB014F20FBECA56A9BA5880DFD8F020B8A33A7A30B12DBE961640F3FC9 ] BITS C:\WINDOWS\System32\qmgr.dll 22:10:04.0925 0x11e4 BITS - ok 22:10:04.0935 0x11e4 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 22:10:04.0946 0x11e4 Bonjour Service - ok 22:10:04.0950 0x11e4 [ EEBFAEB4702E1049ECD44B10485E6C0C, 8F4D31E36717101B6172D7346E86EBC77B9CDAA5CC14AA1379661C16A7FF05E2 ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 22:10:04.0960 0x11e4 bowser - ok 22:10:04.0973 0x11e4 [ BD33624B1F5C35F519E87B53DBC30B34, 3EFE680D7E9FCD89492DCF4E53980D01FC92DC1F63935DF16429B66DCA2AA865 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 22:10:05.0001 0x11e4 BrokerInfrastructure - ok 22:10:05.0006 0x11e4 [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser C:\WINDOWS\System32\browser.dll 22:10:05.0018 0x11e4 Browser - ok 22:10:05.0028 0x11e4 [ DF2AE7DE73DBBE108180342E1DB9DACD, 3B0393EEB95372602A5790F845E458B15CEC6A3446CB692E6A6D5411F58FF234 ] BstHdAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Service.exe 22:10:05.0053 0x11e4 BstHdAndroidSvc - ok 22:10:05.0057 0x11e4 [ 855D36E349031B829B91CE642B71AF7B, AAD3F753421E880297C879A29D004E0BDB320BF226577BD0CE5F6EC1BF8DC10B ] BstHdDrv C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys 22:10:05.0063 0x11e4 BstHdDrv - ok 22:10:05.0071 0x11e4 [ 3440E75ED7E9471A12B1121E155CB997, 58D0247A99A0E75E270BAFD644C9C89160AAAC16C06BF6245B75D16C60897B4A ] BstHdLogRotatorSvc C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe 22:10:05.0095 0x11e4 BstHdLogRotatorSvc - ok 22:10:05.0103 0x11e4 [ 37CB830E8A4966B9DBB910045E966841, 372065B75C4864347E460C66965E4980B3FB0AF02B8CF72ED63F0410FA1C0AD4 ] BstHdPlusAndroidSvc C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe 22:10:05.0128 0x11e4 BstHdPlusAndroidSvc - ok 22:10:05.0143 0x11e4 [ 6015629BDB5A96D8E6459BE714774739, 97C5FD8C20F252FD20E270587A9819756B87B7BC35E8EBBC9F8E7BE0C8CFF1D7 ] BstHdUpdaterSvc C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe 22:10:05.0182 0x11e4 BstHdUpdaterSvc - ok 22:10:05.0188 0x11e4 [ B6FC31F187DA42B7F3AB036030F82426, 0899A947589DD98B3169C54C3715E16731C2FF38CD159C55028C20741CB58E5E ] BstkDrv C:\Program Files (x86)\BlueStacks\BstkDrv.sys 22:10:05.0196 0x11e4 BstkDrv - ok 22:10:05.0203 0x11e4 [ BCDB654338FA6C4BEE20A8EA47092171, CE0408F126F23E8C51CE59F3A56B41C78AB8918512FB9866F055077E5428EA37 ] BTATH_A2DP C:\WINDOWS\system32\drivers\btath_a2dp.sys 22:10:05.0212 0x11e4 BTATH_A2DP - ok 22:10:05.0217 0x11e4 [ A71E33AEF3289BE2BA6CAD032BF9BFBA, A390F0BAC83143489F7191E4595973D8E1EA6CDF0937B4A441848CF7345C8808 ] btath_avdt C:\WINDOWS\system32\drivers\btath_avdt.sys 22:10:05.0222 0x11e4 btath_avdt - ok 22:10:05.0226 0x11e4 [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS C:\WINDOWS\System32\drivers\btath_bus.sys 22:10:05.0230 0x11e4 BTATH_BUS - ok 22:10:05.0235 0x11e4 [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP C:\WINDOWS\System32\drivers\btath_hcrp.sys 22:10:05.0241 0x11e4 BTATH_HCRP - ok 22:10:05.0245 0x11e4 [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys 22:10:05.0249 0x11e4 BTATH_LWFLT - ok 22:10:05.0253 0x11e4 [ 31EC5FC3FC5CB273F2709AAF4AD88ED4, 804401CEBBB24443AE0A304FCF5CB6B0D7679BA7FC5DC3BFF968B0B44FE34EC1 ] BTATH_RCP C:\WINDOWS\System32\drivers\btath_rcp.sys 22:10:05.0259 0x11e4 BTATH_RCP - ok 22:10:05.0270 0x11e4 [ C8BF11D79B29BB23A461B65B58BA8593, 35AFAD5ED40304976287E6C982085DF7A91FF48F0320DAC32370FA039AA03C69 ] BtFilter C:\WINDOWS\system32\DRIVERS\btfilter.sys 22:10:05.0286 0x11e4 BtFilter - ok 22:10:05.0289 0x11e4 [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 22:10:05.0298 0x11e4 BthAvrcpTg - ok 22:10:05.0303 0x11e4 [ 77630A51FAF6A07922FEE835F4DED8F6, E096A9DC12885FD19575346A9693A66D0DDFF96C3155AD2040F2BF4249D1D609 ] BthEnum C:\WINDOWS\system32\DRIVERS\BthEnum.sys 22:10:05.0322 0x11e4 BthEnum - ok 22:10:05.0325 0x11e4 [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 22:10:05.0334 0x11e4 BthHFEnum - ok 22:10:05.0337 0x11e4 [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 22:10:05.0345 0x11e4 bthhfhid - ok 22:10:05.0352 0x11e4 [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv C:\WINDOWS\System32\BthHFSrv.dll 22:10:05.0367 0x11e4 BthHFSrv - ok 22:10:05.0373 0x11e4 [ 0AB691736D4D4029444AF62DE59CFD37, C1C22EFBF67331B87AB261BBF9813009257437BA02F728EC2DFA1A49ECC5FABF ] BthLEEnum C:\WINDOWS\System32\drivers\BthLEEnum.sys 22:10:05.0392 0x11e4 BthLEEnum - ok 22:10:05.0396 0x11e4 [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 22:10:05.0405 0x11e4 BTHMODEM - ok 22:10:05.0409 0x11e4 [ D2A121586B660311B09964D2A6DDF864, 539953D953D40014366918BB38FADD3F21417EF8ADA532E1ABD1824949B952D4 ] BthPan C:\WINDOWS\System32\drivers\bthpan.sys 22:10:05.0419 0x11e4 BthPan - ok 22:10:05.0435 0x11e4 [ 7A167521DC7A190B2FC37D6AB660CBF1, 627E41713C3A381525327EA42FFE2EFDD35A0FFDD3C44FE9DB45258B1474EB3B ] BTHPORT C:\WINDOWS\System32\drivers\BTHport.sys 22:10:05.0469 0x11e4 BTHPORT - ok 22:10:05.0475 0x11e4 [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv C:\WINDOWS\system32\bthserv.dll 22:10:05.0488 0x11e4 bthserv - ok 22:10:05.0491 0x11e4 [ DC5955E589C55E2313D69B64E1A183F3, 06D703246D0813DE53D62885C8B7381135783673FF4BDDD5CC38FEB54901BB76 ] BTHUSB C:\WINDOWS\System32\drivers\BTHUSB.sys 22:10:05.0507 0x11e4 BTHUSB - ok 22:10:05.0511 0x11e4 [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\WINDOWS\System32\drivers\buttonconverter.sys 22:10:05.0521 0x11e4 buttonconverter - ok 22:10:05.0525 0x11e4 [ 4C61113687EB66035A70A55EE9B7DB4A, 3339821A3853B90F3B468470493A813053D82014E2677E726C16E19AABE2A440 ] CapImg C:\WINDOWS\System32\drivers\capimg.sys 22:10:05.0535 0x11e4 CapImg - ok 22:10:05.0539 0x11e4 [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 22:10:05.0550 0x11e4 cdfs - ok 22:10:05.0558 0x11e4 [ 2439A82EC0BB421FA2B21E0A1C6C997F, 1B1DF0B628BE796E046DBC5597DB09681DA1785A148F2FBEC96F3AE45AA0ECB2 ] CDPSvc C:\WINDOWS\System32\CDPSvc.dll 22:10:05.0577 0x11e4 CDPSvc - ok 22:10:05.0585 0x11e4 [ 4279D54DD2273B06EEAD7006D6938813, 7DB1BC3424A72978375B9DE26103104213F3645DE0AD748EF431A2C858FAC1E1 ] CDPUserSvc C:\WINDOWS\System32\CDPUserSvc.dll 22:10:05.0601 0x11e4 CDPUserSvc - ok 22:10:05.0607 0x11e4 [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 22:10:05.0618 0x11e4 cdrom - ok 22:10:05.0624 0x11e4 [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 22:10:05.0637 0x11e4 CertPropSvc - ok 22:10:05.0644 0x11e4 [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi C:\WINDOWS\system32\drivers\cht4sx64.sys 22:10:05.0656 0x11e4 cht4iscsi - ok 22:10:05.0687 0x11e4 [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd C:\WINDOWS\System32\drivers\cht4vx64.sys 22:10:05.0730 0x11e4 cht4vbd - ok 22:10:05.0734 0x11e4 [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 22:10:05.0743 0x11e4 circlass - ok 22:10:05.0750 0x11e4 [ 09D0B94D3A06EFD1EB70189EC4B26DF7, 47E73C536C63F4C21E4ADBB122A152D3A291CF4EDD4CB4D07D09D14E1A9961F1 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 22:10:05.0764 0x11e4 CLFS - ok 22:10:05.0776 0x11e4 [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC C:\WINDOWS\System32\ClipSVC.dll 22:10:05.0796 0x11e4 ClipSVC - ok 22:10:05.0800 0x11e4 [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg C:\WINDOWS\System32\drivers\registry.sys 22:10:05.0810 0x11e4 clreg - ok 22:10:05.0816 0x11e4 [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 22:10:05.0824 0x11e4 CmBatt - ok 22:10:05.0876 0x11e4 [ BC52C29F562125AE078B95A7C7158909, 5FFFAC73D38BAF94B6A8917D97373BD89BEAD89149E7F4ACD8EBB41DE2F47BD7 ] CMUSBDAC C:\WINDOWS\system32\DRIVERS\CMUSBDAC.sys 22:10:05.0956 0x11e4 CMUSBDAC - ok 22:10:05.0971 0x11e4 [ 3E502EB1701CF54CF237B6250FBE38EA, E63F6F45D3990ACBCA96003F67C83697BA5B74B89F972C5E9CC45F90D05519FF ] CNG C:\WINDOWS\system32\Drivers\cng.sys 22:10:05.0989 0x11e4 CNG - ok 22:10:05.0992 0x11e4 [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist C:\WINDOWS\system32\DRIVERS\cnghwassist.sys 22:10:05.0999 0x11e4 cnghwassist - ok 22:10:06.0009 0x11e4 [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys 22:10:06.0018 0x11e4 CompositeBus - ok 22:10:06.0020 0x11e4 COMSysApp - ok 22:10:06.0023 0x11e4 [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv C:\WINDOWS\system32\drivers\condrv.sys 22:10:06.0030 0x11e4 condrv - ok 22:10:06.0043 0x11e4 [ 03DCC01047713690E312B013C60881AE, B98174222DDFDA2A31BAC4795D99FA07D1D03107ABDB27BF5069FAFBBF00D278 ] CoreMessagingRegistrar C:\WINDOWS\system32\coremessaging.dll 22:10:06.0062 0x11e4 CoreMessagingRegistrar - ok 22:10:06.0068 0x11e4 [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 22:10:06.0080 0x11e4 CryptSvc - ok 22:10:06.0083 0x11e4 [ 68B1E0DA1BB1680494227E88CE821E2F, DE9AFCE4CC28F3484180D6A63FBBDA5B89F208E056BD17870C074094159ED6AF ] dam C:\WINDOWS\system32\drivers\dam.sys 22:10:06.0090 0x11e4 dam - ok 22:10:06.0106 0x11e4 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 22:10:06.0133 0x11e4 DcomLaunch - ok 22:10:06.0138 0x11e4 [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc C:\WINDOWS\system32\dcpsvc.dll 22:10:06.0154 0x11e4 DcpSvc - ok 22:10:06.0163 0x11e4 [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 22:10:06.0186 0x11e4 defragsvc - ok 22:10:06.0196 0x11e4 [ DD74F18227ACC837D9856E24282D446D, 6A760E44CD897952538CDFA8895FE11263D51AAA79CFF24C01F3862E919DA478 ] DeviceAssociationService C:\WINDOWS\system32\das.dll 22:10:06.0225 0x11e4 DeviceAssociationService - ok 22:10:06.0229 0x11e4 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 22:10:06.0243 0x11e4 DeviceInstall - ok 22:10:06.0247 0x11e4 [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker C:\WINDOWS\system32\DevQueryBroker.dll 22:10:06.0256 0x11e4 DevQueryBroker - ok 22:10:06.0261 0x11e4 [ 7EAFDEF51136E8F2452CEBD8D084F108, 88609DCB578D14BEBF7CF3C4D300FE2440BA0CF95189969247AB516059E9C284 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 22:10:06.0272 0x11e4 Dfsc - ok 22:10:06.0276 0x11e4 [ 9593475FBC857A05D93BFF4FA7323C2B, D2A958AF5EFDC6136A6ABB7F8D5FE1F84C967E79BEA96C5BE3661A0145DEB907 ] dg_ssudbus C:\WINDOWS\system32\DRIVERS\ssudbus.sys 22:10:06.0283 0x11e4 dg_ssudbus - ok 22:10:06.0291 0x11e4 [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 22:10:06.0307 0x11e4 Dhcp - ok 22:10:06.0312 0x11e4 [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe 22:10:06.0322 0x11e4 diagnosticshub.standardcollector.service - ok 22:10:06.0351 0x11e4 [ E866C3B273EC6AD4F9EB493A8293BDF8, B1B1B609E4488C8A4CB874618A3554E60FA0B562B5040AA7E4A954181B4ACE98 ] DiagTrack C:\WINDOWS\system32\diagtrack.dll 22:10:06.0404 0x11e4 DiagTrack - ok 22:10:06.0411 0x11e4 [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk C:\WINDOWS\system32\drivers\disk.sys 22:10:06.0419 0x11e4 disk - ok 22:10:06.0428 0x11e4 [ 44A5CAF4E736BCD4360015BB3B841179, 8CD74620C3E163FF998CA8C09A999FED5C9EFDC88D07493192A57032D18CA973 ] DmEnrollmentSvc C:\WINDOWS\system32\Windows.Internal.Management.dll 22:10:06.0448 0x11e4 DmEnrollmentSvc - ok 22:10:06.0452 0x11e4 [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 22:10:06.0479 0x11e4 dmvsc - ok 22:10:06.0483 0x11e4 [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\WINDOWS\system32\dmwappushsvc.dll 22:10:06.0504 0x11e4 dmwappushservice - ok 22:10:06.0511 0x11e4 [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 22:10:06.0532 0x11e4 Dnscache - ok 22:10:06.0540 0x11e4 [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc C:\WINDOWS\System32\dot3svc.dll 22:10:06.0557 0x11e4 dot3svc - ok 22:10:06.0562 0x11e4 [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS C:\WINDOWS\system32\dps.dll 22:10:06.0576 0x11e4 DPS - ok 22:10:06.0580 0x11e4 [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud C:\WINDOWS\system32\DRIVERS\drmkaud.sys 22:10:06.0586 0x11e4 drmkaud - ok 22:10:06.0593 0x11e4 [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 22:10:06.0612 0x11e4 DsmSvc - ok 22:10:06.0617 0x11e4 [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc C:\WINDOWS\System32\DsSvc.dll 22:10:06.0631 0x11e4 DsSvc - ok 22:10:06.0638 0x11e4 [ 6688B6F74C360CBC366B7AF948D9084D, 9ED4BEEB5E53D1BA9095D1C3F680FCB9FD8389C4AD7BE388786AC3CECC7EC98A ] DTSAudioSvc C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe 22:10:06.0669 0x11e4 DTSAudioSvc - ok 22:10:06.0709 0x11e4 [ D2EC2AD9C2F514AEECD5EC2B46107228, 478B9119285730D41929E4C3773A67C4DC3C5FE598728509ADFB933C1E259C7A ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 22:10:06.0749 0x11e4 DXGKrnl - ok 22:10:06.0761 0x11e4 [ 83E4A14F851341C933C3235BFB882ECA, 152EDEF6B566D010FE519FE4B046050A5281069B48AFF8A2395D7D2BD0519701 ] e1iexpress C:\WINDOWS\System32\drivers\e1i63x64.sys 22:10:06.0781 0x11e4 e1iexpress - ok 22:10:06.0785 0x11e4 [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost C:\WINDOWS\System32\eapsvc.dll 22:10:06.0799 0x11e4 EapHost - ok 22:10:06.0846 0x11e4 [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 22:10:06.0915 0x11e4 ebdrv - ok 22:10:06.0922 0x11e4 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] EFS C:\WINDOWS\System32\lsass.exe 22:10:06.0929 0x11e4 EFS - ok 22:10:06.0933 0x11e4 [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 22:10:06.0941 0x11e4 EhStorClass - ok 22:10:06.0945 0x11e4 [ 2A9817B5A9260D8F60D52E36BEF10443, AC1A0203221AFAF584C71317FA07AA1B6E61BE619E918B3B1E4AD57CCED1CF03 ] EhStorTcgDrv C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys 22:10:06.0954 0x11e4 EhStorTcgDrv - ok 22:10:06.0958 0x11e4 [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode C:\WINDOWS\System32\embeddedmodesvc.dll 22:10:06.0971 0x11e4 embeddedmode - ok 22:10:06.0977 0x11e4 [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll 22:10:06.0996 0x11e4 EntAppSvc - ok 22:10:06.0998 0x11e4 [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 22:10:07.0007 0x11e4 ErrDev - ok 22:10:07.0017 0x11e4 [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem C:\WINDOWS\system32\es.dll 22:10:07.0035 0x11e4 EventSystem - ok 22:10:07.0042 0x11e4 [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat C:\WINDOWS\system32\drivers\exfat.sys 22:10:07.0058 0x11e4 exfat - ok 22:10:07.0066 0x11e4 [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 22:10:07.0077 0x11e4 fastfat - ok 22:10:07.0090 0x11e4 [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax C:\WINDOWS\system32\fxssvc.exe 22:10:07.0113 0x11e4 Fax - ok 22:10:07.0116 0x11e4 [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 22:10:07.0125 0x11e4 fdc - ok 22:10:07.0127 0x11e4 [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost C:\WINDOWS\system32\fdPHost.dll 22:10:07.0139 0x11e4 fdPHost - ok 22:10:07.0142 0x11e4 [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub C:\WINDOWS\system32\fdrespub.dll 22:10:07.0152 0x11e4 FDResPub - ok 22:10:07.0156 0x11e4 [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc C:\WINDOWS\system32\fhsvc.dll 22:10:07.0169 0x11e4 fhsvc - ok 22:10:07.0173 0x11e4 [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt C:\WINDOWS\system32\drivers\filecrypt.sys 22:10:07.0183 0x11e4 FileCrypt - ok 22:10:07.0187 0x11e4 [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 22:10:07.0194 0x11e4 FileInfo - ok 22:10:07.0197 0x11e4 [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 22:10:07.0208 0x11e4 Filetrace - ok 22:10:07.0211 0x11e4 [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 22:10:07.0220 0x11e4 flpydisk - ok 22:10:07.0228 0x11e4 [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 22:10:07.0240 0x11e4 FltMgr - ok 22:10:07.0268 0x11e4 [ 08B4B6F99095070EDAB121137C9E2D8B, 3A3ED4FC3B4F14C5666BB507AE7EE5539E2D8D00A0C2EB1AA04E224934DE9F4B ] FontCache C:\WINDOWS\system32\FntCache.dll 22:10:07.0318 0x11e4 FontCache - ok 22:10:07.0324 0x11e4 [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 22:10:07.0331 0x11e4 FontCache3.0.0.0 - ok 22:10:07.0344 0x11e4 [ 136D6E6AC155A8347E5DC9FE39D3735A, ABD488075EAE2D2B7974EA6441615A9EDFF25B6B6C96BFD64EE70A15510C67B4 ] FrameServer C:\WINDOWS\system32\FrameServer.dll 22:10:07.0371 0x11e4 FrameServer - ok 22:10:07.0375 0x11e4 [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 22:10:07.0382 0x11e4 FsDepends - ok 22:10:07.0385 0x11e4 [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 22:10:07.0392 0x11e4 Fs_Rec - ok 22:10:07.0403 0x11e4 [ 8EEC4925C03E375C4EC496E45C44139A, 06C5C7BCC28D3E435675F0759A09CAB726E971DF4BFC1DC3DCF503EABCDCCCC6 ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 22:10:07.0420 0x11e4 fvevol - ok 22:10:07.0424 0x11e4 [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter C:\WINDOWS\System32\drivers\vmgencounter.sys 22:10:07.0433 0x11e4 gencounter - ok 22:10:07.0435 0x11e4 [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn C:\WINDOWS\System32\drivers\genericusbfn.sys 22:10:07.0444 0x11e4 genericusbfn - ok 22:10:07.0462 0x11e4 [ C6E1E9A45C8BCFD073148B6A6B038C69, EB421C687BC3A3CF97685AA598EF0C671AA74DC801185D4E3C197C1B5B24EE02 ] GfExperienceService C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe 22:10:07.0482 0x11e4 GfExperienceService - ok 22:10:07.0488 0x11e4 [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 22:10:07.0497 0x11e4 GPIOClx0101 - ok 22:10:07.0516 0x11e4 [ 713A176494CEC107E663CAD6C2B27F77, 76871D8CFBA8FCD8CFF96208AE84C658EBEC60270D978898B90EE9451AA1BCE1 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 22:10:07.0551 0x11e4 gpsvc - ok 22:10:07.0554 0x11e4 [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv C:\WINDOWS\system32\drivers\gpuenergydrv.sys 22:10:07.0563 0x11e4 GpuEnergyDrv - ok 22:10:07.0571 0x11e4 [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService C:\WINDOWS\system32\DRIVERS\HdAudio.sys 22:10:07.0597 0x11e4 HdAudAddService - ok 22:10:07.0600 0x11e4 [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 22:10:07.0610 0x11e4 HDAudBus - ok 22:10:07.0613 0x11e4 [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 22:10:07.0619 0x11e4 HidBatt - ok 22:10:07.0624 0x11e4 [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 22:10:07.0634 0x11e4 HidBth - ok 22:10:07.0638 0x11e4 [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 22:10:07.0645 0x11e4 hidi2c - ok 22:10:07.0648 0x11e4 [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt C:\WINDOWS\System32\drivers\hidinterrupt.sys 22:10:07.0655 0x11e4 hidinterrupt - ok 22:10:07.0658 0x11e4 [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 22:10:07.0667 0x11e4 HidIr - ok 22:10:07.0671 0x11e4 [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv C:\WINDOWS\system32\hidserv.dll 22:10:07.0680 0x11e4 hidserv - ok 22:10:07.0683 0x11e4 [ D8536CB438CC4CCDAE047B768EED22B2, 4F666BFA3554F9ACA6B9D436BFA64474D5F30FB3E78F4E66068CCDF283D9867F ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 22:10:07.0701 0x11e4 HidUsb - ok 22:10:07.0708 0x11e4 [ 44D54C8356588525D7AD0FDCFDDA0811, 46963ADBF14FA8A9B0E6564106ADEA49BBD4EBD9E43DF389CCD31F9B9BD080D9 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 22:10:07.0723 0x11e4 HomeGroupListener - ok 22:10:07.0731 0x11e4 [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 22:10:07.0749 0x11e4 HomeGroupProvider - ok 22:10:07.0752 0x11e4 [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 22:10:07.0759 0x11e4 HpSAMD - ok 22:10:07.0776 0x11e4 [ BAFD8946905DF03E6ECDDB154A4BAA9C, FAD178FAFA5760132F3A9FC862C2726B337CA0CE1D66EA819CB5AFEB2D664618 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 22:10:07.0798 0x11e4 HTTP - ok 22:10:07.0802 0x11e4 [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost C:\WINDOWS\System32\hvhostsvc.dll 22:10:07.0812 0x11e4 HvHost - ok 22:10:07.0815 0x11e4 [ 74FC79C52395B10FFD0B55CF22CF88FC, 94D977DA2092EE8C2A598AC48758A84BB22CB6378BD114C2D3B4172A07A9CACC ] hvservice C:\WINDOWS\system32\drivers\hvservice.sys 22:10:07.0823 0x11e4 hvservice - ok 22:10:07.0826 0x11e4 [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 22:10:07.0832 0x11e4 hwpolicy - ok 22:10:07.0834 0x11e4 [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 22:10:07.0842 0x11e4 hyperkbd - ok 22:10:07.0847 0x11e4 [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 22:10:07.0858 0x11e4 i8042prt - ok 22:10:07.0861 0x11e4 [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio C:\WINDOWS\System32\drivers\iagpio.sys 22:10:07.0868 0x11e4 iagpio - ok 22:10:07.0872 0x11e4 [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c C:\WINDOWS\System32\drivers\iai2c.sys 22:10:07.0881 0x11e4 iai2c - ok 22:10:07.0884 0x11e4 [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2 C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys 22:10:07.0893 0x11e4 iaLPSS2i_GPIO2 - ok 22:10:07.0898 0x11e4 [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys 22:10:07.0906 0x11e4 iaLPSS2i_I2C - ok 22:10:07.0909 0x11e4 [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys 22:10:07.0914 0x11e4 iaLPSSi_GPIO - ok 22:10:07.0918 0x11e4 [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 22:10:07.0928 0x11e4 iaLPSSi_I2C - ok 22:10:07.0940 0x11e4 [ FA4C48E36F0B24E7E33D3E7E1844B9C9, F61F448B8E305DEFDDA5D4A6FC4E57C798C11ED4DA0ACB885847DC8A9A7B4E98 ] iaStorA C:\WINDOWS\system32\drivers\iaStorA.sys 22:10:07.0953 0x11e4 iaStorA - ok 22:10:07.0965 0x11e4 [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 22:10:07.0984 0x11e4 iaStorAV - ok 22:10:07.0987 0x11e4 [ D5854F77CEEAFC5A8405F8ECCBEC09DF, 06D94EAF55787F807FB40E95011E90B0A719AC1A1529C2C110C1EABC5BE02C5B ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 22:10:07.0991 0x11e4 IAStorDataMgrSvc - ok 22:10:07.0999 0x11e4 [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 22:10:08.0013 0x11e4 iaStorV - ok 22:10:08.0023 0x11e4 [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus C:\WINDOWS\System32\drivers\ibbus.sys 22:10:08.0040 0x11e4 ibbus - ok 22:10:08.0044 0x11e4 [ C1010ADD3DDAE1196ED21057AF7B2AAE, 68196851855AD395008D7F29FCEB28BA4BEB1F062B1844A60813E7DD102ACB1C ] ICCWDT C:\WINDOWS\System32\drivers\ICCWDT.sys 22:10:08.0048 0x11e4 ICCWDT - ok 22:10:08.0053 0x11e4 [ 937AC47F7356554DA05D9722C356EB55, 9EABC9F19B4E1193B669D2674967F5C6F03FAD348EDF0615E3F78554FF9A83CC ] icssvc C:\WINDOWS\System32\tetheringservice.dll 22:10:08.0067 0x11e4 icssvc - ok 22:10:08.0082 0x11e4 [ F2934208C0E50C0B971A7981AB90BED2, B936BFBBD71E731CC2CDB8B47D262F2EF09726FF921C2DA0841910CA2401423D ] IKEEXT C:\WINDOWS\System32\ikeext.dll 22:10:08.0111 0x11e4 IKEEXT - ok 22:10:08.0114 0x11e4 [ 2A01C96DF5802D3434634E55C91232D8, A3ABEF36E2FD2CF5C371ADBF92566A09669A1D990ABE4677370F57F2EEAF8121 ] IndirectKmd C:\WINDOWS\System32\drivers\IndirectKmd.sys 22:10:08.0123 0x11e4 IndirectKmd - ok 22:10:08.0193 0x11e4 [ 3A2D6740F51BE48C0FD01AD907329DEE, 4FD899CD6E3B3D5C9803E52CB72F002B6CFC144D524FAF6845CF6D115EC6E059 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys 22:10:08.0259 0x11e4 IntcAzAudAddService - ok 22:10:08.0277 0x11e4 [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 22:10:08.0772 0x11e4 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 ) 22:10:08.0976 0x11e4 Detect skipped due to KSN trusted 22:10:08.0976 0x11e4 Intel(R) Capability Licensing Service Interface - ok 22:10:08.0991 0x11e4 [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 22:10:09.0505 0x11e4 Intel(R) Capability Licensing Service TCP IP Interface - ok 22:10:09.0511 0x11e4 [ EA83415296F905D11651B9AF26FB7EBD, 0A37449E8EF0190A088720EE727EA46B7E8BE376801C4EBC8173A012B2A476FD ] Intel(R) PROSet Monitoring Service C:\Windows\system32\IProsetMonitor.exe 22:10:09.0518 0x11e4 Intel(R) PROSet Monitoring Service - ok 22:10:09.0521 0x11e4 [ 9F7E87F6595D065A8A200A291043045E, 6944F72F73EADC6C9B7691F2C1C6DF1898F22C88EFA78EC0BA8CB5FFD9CE057B ] intelide C:\WINDOWS\system32\drivers\intelide.sys 22:10:09.0527 0x11e4 intelide - ok 22:10:09.0530 0x11e4 [ A6BD2E20AE1BC5CB2776C87C28E4F4CA, BD8BE67CED9A4982D785CE9ECBEFE868C3A2E37DF7F9592B9F9049B807A1554B ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 22:10:09.0537 0x11e4 intelpep - ok 22:10:09.0541 0x11e4 [ 2A48DA39542636DB0FA3BA915385D1B3, 6CA0916F5F4B1E81AE6A6233276320599BFA7C129267177703E3BB6468FB4683 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 22:10:09.0551 0x11e4 intelppm - ok 22:10:09.0554 0x11e4 [ 4A922CAB4AB5F29F1BECC9D95B4B7F05, 7C1006799E26A0B4DF49373A4D0509748C602588CFB3C1CBB409E335F5DF9593 ] iorate C:\WINDOWS\system32\drivers\iorate.sys 22:10:09.0561 0x11e4 iorate - ok 22:10:09.0565 0x11e4 [ FE85D0A86CA7A5A99CF8CD04DE7F80AE, 544C01FC01EE728EB5667158207E5F4418FE77A88BA318192A834722DB766F4E ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 22:10:09.0575 0x11e4 IpFilterDriver - ok 22:10:09.0591 0x11e4 [ 89548E57FD0A7BC703541C69C0286B13, 261698B302DF5B80C57FC4257E0A0AABC8DEFFED16D8CD142AD8E7CB51AF2007 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 22:10:09.0619 0x11e4 iphlpsvc - ok 22:10:09.0624 0x11e4 [ 450DBDD716C7911F83E05F78EE18BFA2, 43C0DA172F632131898F315A53DEDD1AE99FB0620AB32B3A5B99FEC498C9AAE5 ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 22:10:09.0631 0x11e4 IPMIDRV - ok 22:10:09.0637 0x11e4 [ F1DAECC3B3D6399875D4F10529D6A77C, 6533D2F858816BE6570C998510919FCA2904EC6EF806F61C1FD325E88133111B ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 22:10:09.0649 0x11e4 IPNAT - ok 22:10:09.0653 0x11e4 [ 7475A2903BB704B446AA6309E34D3362, C94643A1626A9716015EBA7041A1224098501EB7DAA704CBFCAD3DC6F3CFC6AF ] irda C:\WINDOWS\system32\drivers\irda.sys 22:10:09.0664 0x11e4 irda - ok 22:10:09.0667 0x11e4 [ 9725E7F0C64CE9916A5CDABE8D6E13C3, 04AF9E48FEF208A2850DF28352E8FDCBF4018982C72C0F67EE12C048C4070116 ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 22:10:09.0676 0x11e4 IRENUM - ok 22:10:09.0679 0x11e4 [ 8C604213A2E73088BFFE6CD2E6F1AE53, B4C4FEE4D398A29F72EC27D5668071D7E68CD943FFFC38624DD5DF5BEBDF46D3 ] irmon C:\WINDOWS\System32\irmon.dll 22:10:09.0688 0x11e4 irmon - ok 22:10:09.0690 0x11e4 [ 58040898883A96160D41739C80328BBF, 7F85C91C905811416E266A263DDEFCDCB0B45376AAE51B551AB636C16577DB9F ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 22:10:09.0697 0x11e4 isapnp - ok 22:10:09.0703 0x11e4 [ C9FD02D62E09337B67B0C61EC8CA38CC, DC77E935ECC8474BE9018F0937CB11C137073582B20A0EE107CE247FD9E1F9C1 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 22:10:09.0714 0x11e4 iScsiPrt - ok 22:10:09.0720 0x11e4 [ BF5D3A2624177C413680DEF19A465AF8, B9909D3E6CB6F9971293116387865AD15CB9D47513C7FAA9C36BE4D2847A41EB ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 22:10:09.0726 0x11e4 jhi_service - ok 22:10:09.0730 0x11e4 [ 210808437570BDDEE71A43535E3A2D30, EF5DE6EE4FF58F44CDE4D4E7F298ABBC9086EC05CC3AE4903060DA878115AC1E ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 22:10:09.0737 0x11e4 kbdclass - ok 22:10:09.0740 0x11e4 [ 0B779E9FC426CA2268D28181FA6C222F, 83292023A688C3044D096F22242EB954B7F7511BE8341D45FF0AFBD9CB9BCB4E ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 22:10:09.0757 0x11e4 kbdhid - ok 22:10:09.0760 0x11e4 [ 813BA3EB2CE038F2A5382DDD75CAD60B, 99FA444027CAC247B54317730D54AB0C4C000AE076B97E47470FDA9834594312 ] kdnic C:\WINDOWS\System32\drivers\kdnic.sys 22:10:09.0769 0x11e4 kdnic - ok 22:10:09.0773 0x11e4 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] KeyIso C:\WINDOWS\system32\lsass.exe 22:10:09.0780 0x11e4 KeyIso - ok 22:10:09.0784 0x11e4 [ 705C0F8BCCEF6E7CB704CCB454192D7E, FC608C708E2C3BF7A66E57B95E19E71E5F5C87EF359D8BC1A817500B45DF9338 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 22:10:09.0794 0x11e4 KSecDD - ok 22:10:09.0799 0x11e4 [ 55AD13E2BAFC5AB53A10F8C271F5D242, 058BEF14DCB95574BCAB985F04737BA89483937E8D8A74F7B4CEAFB7400C2397 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 22:10:09.0808 0x11e4 KSecPkg - ok 22:10:09.0810 0x11e4 [ 4ED115CD1A1099705F56B5E0FFF97CC6, 9CC49DF2CD6AAAE405BA661D13EFC1E05111D1DE3D1E50C39C425AF1F075610B ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 22:10:09.0822 0x11e4 ksthunk - ok 22:10:09.0830 0x11e4 [ 8125BDF7ADC261F75EF0CAD92456E350, 184797AA1D58C4FF743BA60D48590B88B781EE7779205E45E0679DEC79F3E185 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 22:10:09.0847 0x11e4 KtmRm - ok 22:10:09.0854 0x11e4 [ 8CCAB08815B50AD78B823DB3F96C8604, 265E6D582EB7207B5CC577D61CB7BC3646F613047F168CD69BB776C37780EBF5 ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 22:10:09.0869 0x11e4 LanmanServer - ok 22:10:09.0876 0x11e4 [ B581907FD94F1FF148BF695331F67612, 05D1FFA456557A291566D788B8DE2485552E361EC3C0F63EA1A710BE940A5398 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 22:10:09.0894 0x11e4 LanmanWorkstation - ok 22:10:09.0898 0x11e4 [ F8EBAA1FE6D3BF84752931DE1BFA0E2A, 2F3C512712BA709BBBBD779D9E792DBE324876C402CDCEF0345B8B7ABE1D232A ] lfsvc C:\WINDOWS\System32\lfsvc.dll 22:10:09.0907 0x11e4 lfsvc - ok 22:10:09.0910 0x11e4 [ A6F294B38F3DFB67D6B6E1D1E60A402A, 11C51B35DB2A3510258F3B722C12326BF068360CFA1E81FF552BA0BD19DE38E8 ] LGBusEnum C:\WINDOWS\system32\drivers\LGBusEnum.sys 22:10:09.0915 0x11e4 LGBusEnum - ok 22:10:09.0918 0x11e4 [ 2D7F1C02B94D6F0F3E10107E5EA8E141, 93B266F38C3C3EAAB475D81597ABBD7CC07943035068BB6FD670DBBE15DE0131 ] LGCoreTemp C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys 22:10:09.0922 0x11e4 LGCoreTemp - ok 22:10:09.0925 0x11e4 [ 2A9F60E6531F42B31874618743037719, BFD61AD03ADEF69421ECB07820EDB79D425048EC01A65A0D1E8A4527699196DC ] LGJoyXlCore C:\WINDOWS\system32\drivers\LGJoyXlCore.sys 22:10:09.0930 0x11e4 LGJoyXlCore - ok 22:10:09.0934 0x11e4 [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys 22:10:09.0938 0x11e4 LGSHidFilt - ok 22:10:09.0941 0x11e4 [ FA59A7421049F5852C1182345A4B8C4F, 6E7DFBF8382187E01CA0AE9CB7A175B563DA6807909A8A7E67779C045F290A06 ] LGVirHid C:\WINDOWS\system32\drivers\LGVirHid.sys 22:10:09.0946 0x11e4 LGVirHid - ok 22:10:09.0949 0x11e4 [ 5A23E4BE0CCF49663C4CF7EB74C20278, 9DF91014B13B7CED1C3D409F90858FD03EFC5C4347C98901B4DF0AFF2B77845D ] LicenseManager C:\WINDOWS\system32\LicenseManagerSvc.dll 22:10:09.0977 0x11e4 LicenseManager - ok 22:10:09.0980 0x11e4 [ 5933A6673F00D8255C52957E40C2D601, 0AA1281F8B3F97E360592D1B35EE7D3D614F1AB46007F9884CFFB1C5E647575E ] lltdio C:\WINDOWS\system32\drivers\lltdio.sys 22:10:09.0989 0x11e4 lltdio - ok 22:10:09.0996 0x11e4 [ 88A3C935725FA6EA1A228DCC26CF9C6F, 9B1F70644EEFA1EE7CE151A8A970430087339B7A6345F2E0252370929D4AFAC6 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 22:10:10.0010 0x11e4 lltdsvc - ok 22:10:10.0013 0x11e4 [ 3F858E28AEE6545FA1B64134DFD5C2CE, FFD7B4FB0A7B61BC6B76A172134673842F2CF00E96FA3ED4A8273DC525B6BB92 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 22:10:10.0023 0x11e4 lmhosts - ok 22:10:10.0030 0x11e4 [ 3EA307C51069BC72DD74A4964F2A30A9, EB8F9C936AE43B7E31CB6C46F76FB918509D529E897C0E82B865A2854458996A ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 22:10:10.0039 0x11e4 LMS - ok 22:10:10.0044 0x11e4 [ 102E0AA783836F31D44212D2F2BCC0AB, 95E948EDD4EBC5ABB42481FD3A98BBE9797AAB1753AF88EAD213FC6526BDC58A ] LogiRegistryService C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe 22:10:10.0051 0x11e4 LogiRegistryService - ok 22:10:10.0055 0x11e4 [ 8E1B0946948CCC0BC1FA3CB70374A795, 0B894C129A35E223FF9594725AC90916CBD597FAD2211A18FC2AE03EA8679597 ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 22:10:10.0064 0x11e4 LSI_SAS - ok 22:10:10.0068 0x11e4 [ 4F68163FC04C973500DC4DA0946917B0, DF060C29109EB3978CEDFE781999B0C4C1E8C0FDB133428058D8400C53315EEC ] LSI_SAS2i C:\WINDOWS\system32\drivers\lsi_sas2i.sys 22:10:10.0075 0x11e4 LSI_SAS2i - ok 22:10:10.0079 0x11e4 [ E5AC5F2815938651CDCC27F425474673, 3AF0598982153C36A766506FA088F7B84333CC96FEBB050402547AFC613AF9F7 ] LSI_SAS3i C:\WINDOWS\system32\drivers\lsi_sas3i.sys 22:10:10.0087 0x11e4 LSI_SAS3i - ok 22:10:10.0091 0x11e4 [ CCF6EC9FB9B8F18E05B4253E81013E48, EBE8D77FEE8B99BD8C29702404774D554673C96DF3FDF3DCEA9C99E22C2709FC ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 22:10:10.0098 0x11e4 LSI_SSS - ok 22:10:10.0110 0x11e4 [ 06276381A0797FD417E7068C1210FA06, 204144E9792216F952CED869ECB6B26FB466BF730B8A73FA4799B1EBC1A630AB ] LSM C:\WINDOWS\System32\lsm.dll 22:10:10.0135 0x11e4 LSM - ok 22:10:10.0139 0x11e4 [ C9579D32219E5B936AC3A48D470117EC, E61A77191B6BA25D29B1221FEBBE826BBC11F825C0E35A72B4CEFFF8B7FE59A8 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 22:10:10.0151 0x11e4 luafv - ok 22:10:10.0158 0x11e4 [ A0A527569856B9814E8920F52EBB67F5, 4347277C84B47E4CC048850BDEFB258CFB3B476AA99FD503FD71FBB70FFF5ACF ] lvrs64 C:\WINDOWS\system32\DRIVERS\lvrs64.sys 22:10:10.0167 0x11e4 lvrs64 - ok 22:10:10.0243 0x11e4 [ 415E344294D1C0D04627B29146F68481, B4A1A05BDF07E8F226A98E51F62BE18BE2C046A084C495BD8A95CABC79FD0614 ] LVUVC64 C:\WINDOWS\system32\DRIVERS\lvuvc64.sys 22:10:10.0310 0x11e4 LVUVC64 - ok 22:10:10.0318 0x11e4 [ ED5B42D75F3DEE93040B3930DA9F3009, E919DA20E46FE1C81CB76090B799DD858DD4771DB0EBDE4545DB4681A0AFFE8E ] MapsBroker C:\WINDOWS\System32\moshost.dll 22:10:10.0338 0x11e4 MapsBroker - ok 22:10:10.0341 0x11e4 [ C3CDCCF07486BD2616A7B82946E07AC0, 1EF95DAB2DA856BC7D7573B2EB2D9006DF337F827F0B56A161D0C97F45DB755E ] megasas C:\WINDOWS\system32\drivers\megasas.sys 22:10:10.0348 0x11e4 megasas - ok 22:10:10.0359 0x11e4 [ FADB2FE017E69EECE0E1BA78661C2E8C, BE99B49031D8B4B670B6F6B6E829E54406779CF6F1D8AFE8AB79A73E6764AB2F ] megasr C:\WINDOWS\system32\drivers\megasr.sys 22:10:10.0375 0x11e4 megasr - ok 22:10:10.0380 0x11e4 [ 84178491109A97D0A0CFF0840A644CD9, B822A9F7C9623764430435DBCE1380386D0A0D9784779DDD3A7A2E59FC29AFF6 ] MEIx64 C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys 22:10:10.0403 0x11e4 MEIx64 - ok 22:10:10.0424 0x11e4 [ 55A417C3E41F2A98666CF929EC19108E, A38C262B2863C87E4151525BF26D6AC16E7982D370E2C6998EB15C88C4BC8254 ] MessagingService C:\WINDOWS\System32\MessagingService.dll 22:10:10.0433 0x11e4 MessagingService - ok 22:10:10.0448 0x11e4 [ FD60818B66B2E8A5415EA840E99A9D8F, 5D2F22909354534B821D958FBEF6A40EB4F642F53C7B509D00949096EF716F36 ] mlx4_bus C:\WINDOWS\System32\drivers\mlx4_bus.sys 22:10:10.0471 0x11e4 mlx4_bus - ok 22:10:10.0476 0x11e4 [ 68F6977F1CFBAAC770D940A8C0326FA1, 90EE1E7DAC680EAA5AD50E9B0B9FD8FCE8DD6A02D5EF941B5AA5084CBD40BB80 ] MMCSS C:\WINDOWS\system32\drivers\mmcss.sys 22:10:10.0485 0x11e4 MMCSS - ok 22:10:10.0488 0x11e4 [ D842ADDB5911945D51F61A0B1C8F36E3, 5EB93A1FD2D2D9FAB6121356E1AB18F2ADE9550D3033274AF7CA8F7FD51E59ED ] Modem C:\WINDOWS\system32\drivers\modem.sys 22:10:10.0496 0x11e4 Modem - ok 22:10:10.0499 0x11e4 [ 9CCCB7FC3EDADEBA461D78615A6011A6, C120B58F25E8CCFD971EB78645C0682F367AD56DC15F2D8C1980CE75B04719DF ] monitor C:\WINDOWS\System32\drivers\monitor.sys 22:10:10.0508 0x11e4 monitor - ok 22:10:10.0511 0x11e4 [ 27A07B2FB2E3057DA8DAEA4F25D843C7, 09D2B39E6B9AAEC879E5871DD6BCFF2AEF0B894F3B44649665A685F8B3CA6F27 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 22:10:10.0518 0x11e4 mouclass - ok 22:10:10.0522 0x11e4 [ 7BD6E7F7C9001AB21B8362CFFEE80B25, C470C3363EEF3A60409A5934988BFB9B72AE7C2BB63CC2C2D006D7EB1C797F6A ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 22:10:10.0537 0x11e4 mouhid - ok 22:10:10.0541 0x11e4 [ F5BDAEE4B7D369D4C74668DCFBA3FF10, 100F39288E56AFE0D39D1CC235BDC9F3727C873CD3114E092DA7A08810BD3EB2 ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 22:10:10.0549 0x11e4 mountmgr - ok 22:10:10.0552 0x11e4 [ 30844BD376F9D01E62C820BEF446F1F8, 910D672EDB544A20AEB4450B4D89830F46EDD28CE0021156176315C5D068A1B4 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 22:10:10.0562 0x11e4 mpsdrv - ok 22:10:10.0576 0x11e4 [ 779CFDB17EA07A6D26FEBBAC95B65772, 74D9542E8DCCD07396A45A45D2F500AA6F9DCC1DB785A6153EB3067E42F576A4 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 22:10:10.0604 0x11e4 MpsSvc - ok 22:10:10.0609 0x11e4 [ 50C2389CD04C5B8632E3DC2D733EF15D, 0F83A8A5F405BC6F401B5A75D45F6D07C61C0CA692D2A77C63E742622F5BF921 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 22:10:10.0622 0x11e4 MRxDAV - ok 22:10:10.0631 0x11e4 [ E671EDAB0726E05ECEF4058B4CD73C4D, 9F4C50E635CE2204E3291C8D3D7F658A969E80722B8B6F0304228D9B434C20EA ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 22:10:10.0644 0x11e4 mrxsmb - ok 22:10:10.0650 0x11e4 [ 200E4A385F5F370D8866BAE25B0D9D32, 114AD45000A0C74EAE26C3075BBFEF80B9386C69D58CE4436CAFCF13613EAEFA ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 22:10:10.0674 0x11e4 mrxsmb10 - ok 22:10:10.0680 0x11e4 [ F7C22604CD8AFB9AF1C1E3CE39A5A09F, 3F7B39336F8A72525C667D45C9300CA6D017BDE17A6E23EF794BA59D2F3C78F3 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 22:10:10.0690 0x11e4 mrxsmb20 - ok 22:10:10.0694 0x11e4 [ 74C9D21523DAE0C18F413C196DF0058A, 3DB4B8CA368D9DD82FAE2C2BC828A21142C8D29780A7C8667188C447519FF702 ] MsBridge C:\WINDOWS\system32\drivers\bridge.sys 22:10:10.0705 0x11e4 MsBridge - ok 22:10:10.0710 0x11e4 [ 308F08347923DEEDE7BC03EC7D485841, 72DB45CA11FE635DF9F8273C38CBEFB8DF5362ADA0CBF6D2B1E570365DC700C0 ] MSDTC C:\WINDOWS\System32\msdtc.exe 22:10:10.0721 0x11e4 MSDTC - ok 22:10:10.0726 0x11e4 [ F01B849D9D4A8CEAF32D4FDBD0B83C92, D2473AC4C6E6C03DEF13EA73EC78FB878BDC95C047651BF79A16C9DEA82AD046 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 22:10:10.0735 0x11e4 Msfs - ok 22:10:10.0739 0x11e4 [ 22ECD8F5D1DFADF2011BBB1700CB871D, 8F9EFF51137394EFA5471B8A29C541710063B65806B075B4925A84D5B6BC3BBB ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 22:10:10.0746 0x11e4 msgpiowin32 - ok 22:10:10.0748 0x11e4 [ FD870F6968A145E4D2BA8A8842686B03, 34B8F601F3B5E42B4D0A41E2AF7DB4EB4E5B627DA8DA9A2A2D46B153AF23AEB1 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 22:10:10.0757 0x11e4 mshidkmdf - ok 22:10:10.0759 0x11e4 [ 30364757963A028CE5DF0FBAAC270173, C72588A6A52FF8E418A15D2C407A4DB7EA768585423720145F8253D5CA519DC2 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 22:10:10.0767 0x11e4 mshidumdf - ok 22:10:10.0769 0x11e4 [ 6BB0FEDDAE7135FA37FFAFF4D9E0E876, B41A3C0FFDFC493D6325ED493445AFCED04EC9DFF2B38125616FC5419AD1ACC4 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 22:10:10.0776 0x11e4 msisadrv - ok 22:10:10.0781 0x11e4 [ 07E3E54734B14F43A4A95A849C0A0DE2, 314AA02EA84D267B32DBAEBEA6C1AC1A266DED1E8D35A17B41D1D2AC75E8049E ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 22:10:10.0792 0x11e4 MSiSCSI - ok 22:10:10.0795 0x11e4 msiserver - ok 22:10:10.0798 0x11e4 [ 13D614E6B51ECF36746C48CE829FA7F6, CAD63C0A4F7110093F84C58252C5803F14E3FC46584B79DA17EC86D49FEAEA64 ] MSKSSRV C:\WINDOWS\system32\DRIVERS\MSKSSRV.sys 22:10:10.0810 0x11e4 MSKSSRV - ok 22:10:10.0813 0x11e4 [ 642CDE46351D5D2D90311E77072AB46D, B2D3033E607BA2F6E6B9CFB1CBF154CD0CE910EA473C56343EC81B9B94044CCA ] MsLldp C:\WINDOWS\system32\drivers\mslldp.sys 22:10:10.0823 0x11e4 MsLldp - ok 22:10:10.0825 0x11e4 [ F2302A5CE63CA7673200FAFCEEEDB6AF, B8C44FC2DC0332183DE325CDBF511101F3307225295EDD428CE575A8DE15C223 ] MSPCLOCK C:\WINDOWS\system32\DRIVERS\MSPCLOCK.sys 22:10:10.0837 0x11e4 MSPCLOCK - ok 22:10:10.0839 0x11e4 [ 6114512EA26E835BA522C63635429DB5, 0F91CE41B4555316A79AEF3047C152D538CC9C7C329987C9FD0E3D961AFC87C8 ] MSPQM C:\WINDOWS\system32\DRIVERS\MSPQM.sys 22:10:10.0851 0x11e4 MSPQM - ok 22:10:10.0858 0x11e4 [ AA538E16E644D00E3BA5349BBA9598EC, 64A68B06883FE7ED34E04AB119BA819753F1222923EDD4E802C35D402B89D075 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 22:10:10.0870 0x11e4 MsRPC - ok 22:10:10.0875 0x11e4 [ 0543BEFD41EC4D25C7F7CF36409CEC7D, 631622CFEC49952C0470531B23FFFFF483DC0EFFEF7A97B1179A600392C05DDD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 22:10:10.0881 0x11e4 mssmbios - ok 22:10:10.0883 0x11e4 [ C1569E4DB8EFE3617847BF041A3C842F, 99ADE5E7F50E04CAEC737F7F90741CCA8EE628996BA5EB6C6BC62184884429B6 ] MSTEE C:\WINDOWS\system32\DRIVERS\MSTEE.sys 22:10:10.0895 0x11e4 MSTEE - ok 22:10:10.0898 0x11e4 [ 130B16970154BA9876B09E5C4BAC63BE, BE3AF8FC5A26AB9C9DBA9C015C2E1FD3C4CD9CB423A2BBDABA91428BF8620553 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 22:10:10.0906 0x11e4 MTConfig - ok 22:10:10.0911 0x11e4 [ 15D987C8F6CCD4AC94E070C5986762CB, 452FB0C48B86C7F8F53794CC2DDBF2B900B03A0383B2DE8F6A830F8CB0AFBAD8 ] Mup C:\WINDOWS\system32\Drivers\mup.sys 22:10:10.0927 0x11e4 Mup - ok 22:10:10.0930 0x11e4 [ 3D2C5B4995CA0751D32DEA0DE9FDFE44, A26958785FD9E05E2CA97078C9BB277CD44222BF5F7D9E8DC2F3F6AAAFFC6483 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 22:10:10.0937 0x11e4 mvumis - ok 22:10:10.0948 0x11e4 [ DB31EBB04C871F422C36A0962DA7D38B, B1BC2344744F537FB2C7D07B415F860195B7795E185253F05C0817A3764FEC10 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 22:10:10.0971 0x11e4 NativeWifiP - ok 22:10:10.0975 0x11e4 [ C3D9870E680D9D843B18F4626C3858FE, 43596CAC9FB488F810FBA954C52BC4D13F7D32028C40ACFE33DFD7EE36A65C17 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 22:10:10.0988 0x11e4 NcaSvc - ok 22:10:10.0995 0x11e4 [ 04CE2C0F0759EACD886BA4B658B60D5D, E34D0976FC5936C8629800D826DB127072D1DFC3D350EFACA3AA1B8119551762 ] NcbService C:\WINDOWS\System32\ncbservice.dll 22:10:11.0011 0x11e4 NcbService - ok 22:10:11.0015 0x11e4 [ E6094065008FE423377294050E7CEA2D, 86E200227256407530E2C28243DEFBC3CB6E9497644404D9AD79DA242286DF7B ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 22:10:11.0033 0x11e4 NcdAutoSetup - ok 22:10:11.0037 0x11e4 [ 629CB21AC49C8867E0F29DF1C16DB7B4, 20663E68C69D0A1A2FE99A0C2A9DEFABF49786A1DC8F7F4E1699458AF57D7E79 ] ndfltr C:\WINDOWS\System32\drivers\ndfltr.sys 22:10:11.0045 0x11e4 ndfltr - ok 22:10:11.0063 0x11e4 [ C1294D97AAD475701EB35DF8422D6E15, 5183C051D01D090CCA73BF0C0D40CC2F1A0E0CE58ED6C2F7C3B826808F6822E0 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 22:10:11.0090 0x11e4 NDIS - ok 22:10:11.0094 0x11e4 [ 6DD605338FAAF6BA17662AA874E0D162, 636607829F5D7C3B7A4683C0A2DD594360D72F2AA3F8710153BE32575AE34A15 ] NdisCap C:\WINDOWS\system32\drivers\ndiscap.sys 22:10:11.0103 0x11e4 NdisCap - ok 22:10:11.0108 0x11e4 [ E34196F285F8B8879E1FF36C31F7179E, 77A4F24F995D4C0689C43F9956E08DCEC62517E4F8B1B9EAA1852B5293DB5B9A ] NdisImPlatform C:\WINDOWS\system32\drivers\NdisImPlatform.sys 22:10:11.0121 0x11e4 NdisImPlatform - ok 22:10:11.0124 0x11e4 [ 1FAD2398673F30CEC616B89C46B7DCBA, 70302049E6AE2BC6B3A7A9DE54D3F940AD6A9771CC2EBCCEC65994E67A25ECB5 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 22:10:11.0135 0x11e4 NdisTapi - ok 22:10:11.0138 0x11e4 [ AEB8ECBE66CC46854066CB1F5623E179, 2F650A85A9DAE38887610C0B876621035616CEDB65D4BBBD7F1405616D218AAF ] Ndisuio C:\WINDOWS\system32\drivers\ndisuio.sys 22:10:11.0147 0x11e4 Ndisuio - ok 22:10:11.0150 0x11e4 [ 7340104C2BF2F126714F7CDE85E63610, 45B64EC6F3A4C43F7D74806789067658C6EF0D44D36B841F4D26E1EBC95AF66C ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 22:10:11.0158 0x11e4 NdisVirtualBus - ok 22:10:11.0163 0x11e4 [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] NdisWan C:\WINDOWS\System32\drivers\ndiswan.sys 22:10:11.0179 0x11e4 NdisWan - ok 22:10:11.0183 0x11e4 [ 07ADC1F8DCBEB8104D75129B11584B8C, CB51A294D9FD4E210DBEEF05A1E60A96CE52D6D138EF62A54E1F608F90FED300 ] ndiswanlegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 22:10:11.0198 0x11e4 ndiswanlegacy - ok 22:10:11.0201 0x11e4 [ 78A12E3DF035B5D054986949B19BE43C, AD9B34F89B9F27D473BD5FCE6694A40FCCB808B61ABEDD6F70F1AF6C7E73ABF8 ] ndproxy C:\WINDOWS\system32\DRIVERS\NDProxy.sys 22:10:11.0214 0x11e4 ndproxy - ok 22:10:11.0217 0x11e4 [ 04C8859355C1DC9C0FA198D1894D71C2, E7C67E73009341B5D402470C686781B3C7BBE2531CE26665E08E711B990B1A77 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 22:10:11.0231 0x11e4 Ndu - ok 22:10:11.0235 0x11e4 [ 6C76780A01FC2B885BD6E957B5C36B02, DB7834F03A765F65C773E772D8051AFADB22CA4B5074180AA397857A0C47A068 ] NetAdapterCx C:\WINDOWS\system32\drivers\NetAdapterCx.sys 22:10:11.0245 0x11e4 NetAdapterCx - ok 22:10:11.0248 0x11e4 [ 5D1513BD6430307C9DB86C6E351372ED, D2AB709CF7CFA5B857B084AFC821914A975B7DDDCE154229981F19448973BD6D ] NetBIOS C:\WINDOWS\system32\drivers\netbios.sys 22:10:11.0255 0x11e4 NetBIOS - ok 22:10:11.0262 0x11e4 [ 6FEBB0A847FFD5F057B9AC8889F1B9A7, 558BCC64C59079E6569F61CCE1219A124B3313FC4E6CB5CBCC94124D202FF19D ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 22:10:11.0276 0x11e4 NetBT - ok 22:10:11.0279 0x11e4 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] Netlogon C:\WINDOWS\system32\lsass.exe 22:10:11.0287 0x11e4 Netlogon - ok 22:10:11.0294 0x11e4 [ D3BF2DA9216A4CF22A97820A50A67EFF, D00CBE0A7ECFB449D9B48967A01EE56141404EBE229893D5A1710781AD5F2551 ] Netman C:\WINDOWS\System32\netman.dll 22:10:11.0309 0x11e4 Netman - ok 22:10:11.0318 0x11e4 [ F2645D51DD8AABC8BC72358409410437, 8CB97628923D6CEA6EFAD7E666BE92C154060BD108C28D46287A520A14B18ADA ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 22:10:11.0338 0x11e4 netprofm - ok 22:10:11.0345 0x11e4 [ 724EA060EF56BAB4DED8F731FA56279B, E07FFE11D7B5C94D6B56940C6423ACB85910F6E8789E788EC91EEEE1C02B247F ] NetSetupSvc C:\WINDOWS\System32\NetSetupSvc.dll 22:10:11.0358 0x11e4 NetSetupSvc - ok 22:10:11.0364 0x11e4 [ EFA857E2B0CC7C9DFEF48A2187B910F7, 424475568CD70237F056838388A5F7BDCD1B09349085498644C75940B12E8EAF ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 22:10:11.0373 0x11e4 NetTcpPortSharing - ok 22:10:11.0381 0x11e4 [ B996DE26A2E16053C9485F5905B05320, 30EB2CEB466A4F05A44F7CBFCDFD8CC3C27B5FCF1269C1B9410C48AB362D2A75 ] NgcCtnrSvc C:\WINDOWS\System32\NgcCtnrSvc.dll 22:10:11.0398 0x11e4 NgcCtnrSvc - ok 22:10:11.0413 0x11e4 [ A5A60483329D5A48A795DD614DE67585, 6C9CF49D4C38D458A17F314146C721B7896C5FF0A0FF9599A59606D1CC723194 ] NgcSvc C:\WINDOWS\system32\ngcsvc.dll 22:10:11.0445 0x11e4 NgcSvc - ok 22:10:11.0453 0x11e4 [ 0B5083278F195C26FE9E0140AEAEDCBE, B4D505963D5EBA14EC80E6D0BB8B862D96D1D1C3A57F4744AEBA3FF4BFB1997A ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 22:10:11.0471 0x11e4 NlaSvc - ok 22:10:11.0475 0x11e4 [ 9265FFCA085272EE0D30D2D4A3C1AF6F, 47DABD13409F96AA0201EACB573EA59F8E0366EB4494ADF25722980D92D0E8A6 ] nldrv C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys 22:10:11.0493 0x11e4 nldrv - ok 22:10:11.0499 0x11e4 [ 0455298B81CB7F10AFB5D372F3BDA3C7, 9B1C400C2C85FAFA3C20B6111AC9D1B224BEA09CA6F888F8C8B12AA9620A4AB2 ] nlsvc C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe 22:10:11.0524 0x11e4 nlsvc - ok 22:10:11.0528 0x11e4 [ 001CBD7A2CD45C4EB39C01C3C677EF73, F4AAF4D60DB1232921C7811A62287B55C7C098B7A1FF9A40D88AF58A5ABECBA2 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 22:10:11.0536 0x11e4 Npfs - ok 22:10:11.0539 0x11e4 [ 90F5DC9802AAA00CD0B6E2AD9E7FFADC, 71C0777829299DECA6ACD42F38802DBE3C29A42CFBD8A396F39DFA44D1F55B6C ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 22:10:11.0548 0x11e4 npsvctrig - ok 22:10:11.0551 0x11e4 [ 1993C85962692EF7024501E7FE92D466, F5BCAA8308495EBF8BB061C2015E07C202A779668D171364D7E312975BC18B10 ] nsi C:\WINDOWS\system32\nsisvc.dll 22:10:11.0560 0x11e4 nsi - ok 22:10:11.0563 0x11e4 [ 0C6218321A09A7B51BA7FFAFBA4CCB21, 330B3FA793A78410B28DFC8250BBF24442E3BB80434A7938BB96F02337614E0D ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 22:10:11.0571 0x11e4 nsiproxy - ok 22:10:11.0604 0x11e4 [ 5DD8CB01C0394F8D052763D2E3C6E684, BF58C1586A2402576B91D7F862861974F7BDB38704E88F4974FF3F1D1B481386 ] NTFS C:\WINDOWS\system32\drivers\NTFS.sys 22:10:11.0649 0x11e4 NTFS - ok 22:10:11.0653 0x11e4 [ 6E6DD6F9DD2A034CF85E94047DBDB992, 63D0A0756F551B7668D1CBAB24B29FD462C706E8A81690BC248D6C92061FE215 ] Null C:\WINDOWS\system32\drivers\Null.sys 22:10:11.0661 0x11e4 Null - ok 22:10:11.0663 0x11e4 NVHDA - ok 22:10:11.0861 0x11e4 [ E65D6A80252ED289A1E381FE10C8CE3B, 9A71250A42ACE14A0E14F27A519A09114F9061AC05F57A732EED1CE8A7E196DC ] nvlddmkm C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_b07608b795ac4102\nvlddmkm.sys 22:10:12.0054 0x11e4 nvlddmkm - ok 22:10:12.0094 0x11e4 [ A6102293847A7A2DF01E7BF7AC1C1F12, 14E4E75711C00DA826136FB531E9AD53787502F441103386C5CD37EEFCE27AFC ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe 22:10:12.0123 0x11e4 NvNetworkService - ok 22:10:12.0130 0x11e4 [ D261DF41F0840F734856A2B4F5E072C7, 2E703556D0C919375D0B7770513456844B13362190643D5524663EC8546E0FF5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 22:10:12.0139 0x11e4 nvraid - ok 22:10:12.0144 0x11e4 [ 23B702B555EB0436B9DAA0BC63DA65CE, D454F80D9657CFEC852F022C12D7B2C1A2D7D247ECC591EDB07B9369DFD8C99E ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 22:10:12.0154 0x11e4 nvstor - ok 22:10:12.0157 0x11e4 [ 99D42078C9596A20A7B3419159265A25, E9F5380E6597C79B26B2CBAAC534F31C5027F32AAA0FD5876CF7E9BB6658F30C ] NvStreamKms C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys 22:10:12.0162 0x11e4 NvStreamKms - ok 22:10:12.0211 0x11e4 [ E6A64322EB213AEACBB61584AA6FB032, FA91C89B81DD7F3EC22DF71FFC3A506AD40AE76EC91F1115CCAB6ED39431369D ] NvStreamNetworkSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe 22:10:12.0264 0x11e4 NvStreamNetworkSvc - ok 22:10:12.0304 0x11e4 [ A8213BF32D2E75ADD362E118AD164749, 6F35210ED11088FE64F13DD63053FFDA4628A5F6397DA33A345970962AB83499 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe 22:10:12.0342 0x11e4 NvStreamSvc - ok 22:10:12.0366 0x11e4 [ 1D97F4D3B6D1F64E6419317EF0DA5768, B06D07D5757BF0760EAC2F2DF6FA3E841FF20C25E21D28E76DFB16187A385A46 ] nvsvc C:\WINDOWS\system32\nvvsvc.exe 22:10:12.0391 0x11e4 nvsvc - ok 22:10:12.0395 0x11e4 [ F37FE6B15A987AEEC08EEF531F2FAED7, CC768E7DE80C7A8CB2392F9BC528212B8A3A35A30A222ED0B0B959051E6F8065 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys 22:10:12.0400 0x11e4 nvvad_WaveExtensible - ok 22:10:12.0407 0x11e4 [ 17997DC2441F7E29CDFC6458E0392764, 636CCE2DA1EF8195B33F8D6D5C8CC151D58EBF08DC9AD8ACCCE7ABD41A69639F ] OneSyncSvc C:\WINDOWS\System32\APHostService.dll 22:10:12.0424 0x11e4 OneSyncSvc - ok 22:10:12.0459 0x11e4 [ 94F4247BB74CE835705EE4013118181A, 7412CFEBFAD1EBB39B91F2C42E4DD560EDF0B1CE0FA05D9506B16BE7CDD51BD2 ] OverwolfUpdater C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe 22:10:12.0483 0x11e4 OverwolfUpdater - ok 22:10:12.0491 0x11e4 [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 22:10:12.0508 0x11e4 p2pimsvc - ok 22:10:12.0516 0x11e4 [ 2BBCED66D7AFC968BDBB0E4D8524DF0A, 762D916390F9DE69B3EA1D31244224F910645F8E5CEF4C505B76B215BFDFCD9A ] p2psvc C:\WINDOWS\system32\p2psvc.dll 22:10:12.0534 0x11e4 p2psvc - ok 22:10:12.0538 0x11e4 [ 6B81BF7853D161DB8AC62CD8B9C2DE6B, B2DC06D135FD2501217DDA7349556EB873309E02188D4C3901807BA24FAB30C7 ] Parport C:\WINDOWS\System32\drivers\parport.sys 22:10:12.0549 0x11e4 Parport - ok 22:10:12.0554 0x11e4 [ 9DB326B54C03EF2892E7551D8B354036, 64CD77E8A4425E80CFB61DEE33C1A677A4044C6FC0614D74B20BDDD7C5D5334D ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 22:10:12.0562 0x11e4 partmgr - ok 22:10:12.0571 0x11e4 [ CE515B2C6E2EA50053A8862398646B38, C85D370E5250AFCF44796CE274B5A100C6829DC28BF1D4C6991EF61DE46FD10A ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 22:10:12.0586 0x11e4 PcaSvc - ok 22:10:12.0593 0x11e4 [ D723D2C98598B0DF5832427740B2825D, C2B26A1F4FA2B43D842954403F134908D77892FF4BF7F320D692E685846D5C97 ] pci C:\WINDOWS\system32\drivers\pci.sys 22:10:12.0605 0x11e4 pci - ok 22:10:12.0608 0x11e4 [ 214DCC87E3898F738075D1341252A552, E721FBBC3510DDB848A8CAEA3B6031EE988F42252DBC3BF7BDB6ABD9A0D9FABD ] pciide C:\WINDOWS\system32\drivers\pciide.sys 22:10:12.0614 0x11e4 pciide - ok 22:10:12.0618 0x11e4 [ AED76A3333B3A31536E430020E0226FC, EC255B79B0908E3C142D92E35B79D90A3F2594BA012CA2B1B04A6A8745153430 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 22:10:12.0626 0x11e4 pcmcia - ok 22:10:12.0630 0x11e4 [ E63FB38B6E75B39467492FBAD2CD512A, DB406C92BA2460C833A49B98EB5BD58348E868F643A0123B0C9B5315FFC6A124 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 22:10:12.0636 0x11e4 pcw - ok 22:10:12.0641 0x11e4 [ 9EA203A07EFA6D74F07F32EF0DAB5CA6, D851F1CC748B4CD0E263931668FFF2FE20D5778267F4FF2237D565CFC171B5AF ] pdc C:\WINDOWS\system32\drivers\pdc.sys 22:10:12.0648 0x11e4 pdc - ok 22:10:12.0661 0x11e4 [ 1509A77F840AA9E72CF8247D0CF2FBDE, 2D47AD4D8F5C2D871E603FB6D72D25EFD0E63FA3A542DAADAB9D82ED074C0E0B ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 22:10:12.0688 0x11e4 PEAUTH - ok 22:10:12.0692 0x11e4 [ 540116170E2135FCD5DDE77702166B67, CBEC51C2D47532F1781B3255040F303263420B204C2F8BB2B5D1EC342F57B285 ] percsas2i C:\WINDOWS\system32\drivers\percsas2i.sys 22:10:12.0699 0x11e4 percsas2i - ok 22:10:12.0703 0x11e4 [ 8356F87553BF49C703CF382033815898, 245EB941566D848F134629690BF271B1CBEAB6440771D3D8D7AED3756835354E ] percsas3i C:\WINDOWS\system32\drivers\percsas3i.sys 22:10:12.0710 0x11e4 percsas3i - ok 22:10:12.0723 0x11e4 [ CB5343FF52A702A9ACFAAE6BE972FE09, EAA5362D91D05D382DF4EBBAA3FD575456F23CAD531CC6F1270F8254892DBF02 ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 22:10:12.0737 0x11e4 PerfHost - ok 22:10:12.0753 0x11e4 [ D0D57322ABC7473E54472D8374169CC5, BD14A13D6908C8669E56EF9401FD8A3D7C618E8B6556B36E634864E733BCA4B2 ] PhoneSvc C:\WINDOWS\System32\PhoneService.dll 22:10:12.0790 0x11e4 PhoneSvc - ok 22:10:12.0796 0x11e4 [ B4AB2C0177715FFAED88A1223212043A, 1920792ADC78DD51EF98B6A9634D686EAED0848FB7EF74A0DCD3AEBA5AF41EC6 ] PimIndexMaintenanceSvc C:\WINDOWS\System32\PimIndexMaintenance.dll 22:10:12.0812 0x11e4 PimIndexMaintenanceSvc - ok 22:10:12.0835 0x11e4 [ F931F21E4287FE3ECCF09B54A232BBA2, CEB7AB3236E5F30214027092B7B695ED35F7A1E007DF4046797D1E4DFEF49EC8 ] pla C:\WINDOWS\system32\pla.dll 22:10:12.0877 0x11e4 pla - ok 22:10:12.0883 0x11e4 [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 22:10:12.0897 0x11e4 PlugPlay - ok 22:10:12.0900 0x11e4 [ 56D7A89423325121C4A9BD5C326414F3, 649048C23D1973C3504E26B35362AC99DFE9BF31FFE73F45B43306A212AEA34C ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 22:10:12.0909 0x11e4 PNRPAutoReg - ok 22:10:12.0917 0x11e4 [ 4578ECA1FCEF4E7C787D84F78625143B, F5FE84D6D7412A4C037772593C434253D590E476B0B7498987A1697BED86A510 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 22:10:12.0932 0x11e4 PNRPsvc - ok 22:10:12.0940 0x11e4 [ F70CAC34B455D05EAA04B2F8FB58E1CB, 295BFFB3DA03C5CE5462C11D3240024B68AC06E8DEA9062A739BE2CCEE19EB5D ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 22:10:12.0957 0x11e4 PolicyAgent - ok 22:10:12.0962 0x11e4 [ 60C8376B48BA96F07AEA536527433D44, EB988C119C3E71169B91ED2A744C71933DD35447DC4A8249E80EC24E9E7077D4 ] Power C:\WINDOWS\system32\umpo.dll 22:10:12.0973 0x11e4 Power - ok 22:10:12.0977 0x11e4 [ 5645B9D9788CCA2C88B9534996ED2D6D, 4988942DF163DB5B9B1A08CE6B628D2C47C2E2EAA30AEAE4EFE21C8CF4C8DC5D ] PptpMiniport C:\WINDOWS\System32\drivers\raspptp.sys 22:10:12.0992 0x11e4 PptpMiniport - ok 22:10:13.0040 0x11e4 [ 7196D3C2E2E3129814C8DAB91F9A7D1E, 6763E4BF8E846B597E78778E520F5BADC95608BAA4EA0AC84971384B5D976DD7 ] PrintNotify C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll 22:10:13.0127 0x11e4 PrintNotify - ok 22:10:13.0133 0x11e4 [ 372913E12677A8CBBBABDD8311894F9D, A5233D95A0D22D2A9DB214E7CB79A99D389B67189FF6A87D0AD4610A333A637F ] Processor C:\WINDOWS\System32\drivers\processr.sys 22:10:13.0144 0x11e4 Processor - ok 22:10:13.0151 0x11e4 [ 1F115AF75EFBAC28479B4F94A3F8D4A3, BE8D8C50D985F6AF9DDC0F13BDBE2D55D600E1F5E344982536538B14EC484AA6 ] ProfSvc C:\WINDOWS\system32\profsvc.dll 22:10:13.0171 0x11e4 ProfSvc - ok 22:10:13.0176 0x11e4 [ FC98407B85A31161851FDE245517574F, 2CCD706CF243934FCDA32B24CE0C385EA2E67F206E0306FA584496F583A20CD1 ] Psched C:\WINDOWS\system32\drivers\pacer.sys 22:10:13.0184 0x11e4 Psched - ok 22:10:13.0191 0x11e4 [ 7A68710BAC9B6809314B86C0CB1CBC4A, C02D97993D1F6FE6EFBA5B1366B3A4FE8CE1136A95F3A2DA07BA59554C163501 ] QWAVE C:\WINDOWS\system32\qwave.dll 22:10:13.0206 0x11e4 QWAVE - ok 22:10:13.0209 0x11e4 [ 819602BBBFDB0BD46DEA3715BF0DD452, D4007FF1E5296316B53436CA3598D6B1CF4F60AB77D5B02F3E595081EDD5D879 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 22:10:13.0218 0x11e4 QWAVEdrv - ok 22:10:13.0220 0x11e4 [ CDF47037A0939F56D11F699629C276AD, A63F2A3FE80FB8084E3870E907505694B79EE1D9E56E292C01D481FEFD2534B0 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 22:10:13.0228 0x11e4 RasAcd - ok 22:10:13.0232 0x11e4 [ 28C2EA278070EE12701D0EDF8CB0EC36, F10288C1C6835840026DB30285345EF892DE989F43C948E7F4760B8895FF675F ] RasAgileVpn C:\WINDOWS\System32\drivers\AgileVpn.sys 22:10:13.0245 0x11e4 RasAgileVpn - ok 22:10:13.0249 0x11e4 [ 7B82197BF35CC3BE59AEF8B706AB8A16, AB0216164A548A48CD21F5F035E57E867584A96890B9887EC08F8DABDD89F990 ] RasAuto C:\WINDOWS\System32\rasauto.dll 22:10:13.0260 0x11e4 RasAuto - ok 22:10:13.0264 0x11e4 [ 17E565710172ED71B8531D8822E1C5D1, 0CA39ABD9E544DDAD9D9D7D1FC50444274C31E18F9BF73069051D9F62833698F ] Rasl2tp C:\WINDOWS\System32\drivers\rasl2tp.sys 22:10:13.0279 0x11e4 Rasl2tp - ok 22:10:13.0290 0x11e4 [ 3C0A10FFC3CB95D249CA64D62BC912EF, 8A75398EF3FF4BBE822031B3D1C63BFC75ABE11AB35BC0451DFF3B1D56477D97 ] RasMan C:\WINDOWS\System32\rasmans.dll 22:10:13.0316 0x11e4 RasMan - ok 22:10:13.0320 0x11e4 [ 9387DF155233D45D4E010F4F2FB52A57, CABC25DA4E512809AED0085767BDD94BF3C1DA792BFF8A009B5465D9110E7060 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 22:10:13.0330 0x11e4 RasPppoe - ok 22:10:13.0333 0x11e4 [ F0F4EEDEEBEE7A4244FAFB96A16B5712, F64717E601BD5EB674003009507B8CDD6F69F00E8670D6895EC64786166A0E8D ] RasSstp C:\WINDOWS\System32\drivers\rassstp.sys 22:10:13.0346 0x11e4 RasSstp - ok 22:10:13.0354 0x11e4 [ EDAF0E161BE98CCC4FC9671481600745, 50DB73C341086E346F6EF57E40A7C3A8F6279E5EBB53A67F9B71B7877EB75734 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 22:10:13.0367 0x11e4 rdbss - ok 22:10:13.0376 0x11e4 [ 79A415E6FA915EFC00297DAB16EC2635, 47BB49F6D756214193D38A4AB182B541AAC180381C3111FF7F9B0AD4C44D8733 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 22:10:13.0436 0x11e4 rdpbus - ok 22:10:13.0441 0x11e4 [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 22:10:13.0453 0x11e4 RDPDR - ok 22:10:13.0458 0x11e4 [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys 22:10:13.0465 0x11e4 RdpVideoMiniport - ok 22:10:13.0471 0x11e4 [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 22:10:13.0483 0x11e4 rdyboost - ok 22:10:13.0499 0x11e4 [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1 C:\WINDOWS\system32\drivers\ReFSv1.sys 22:10:13.0521 0x11e4 ReFSv1 - ok 22:10:13.0531 0x11e4 [ 13F6B64235C60167052364BF7D99E4CA, BC12EE00775F7456FB922FBD684BF3F0CFABA5BEBB6E162C23B41DED5C20A978 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 22:10:13.0553 0x11e4 RemoteAccess - ok 22:10:13.0558 0x11e4 [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 22:10:13.0573 0x11e4 RemoteRegistry - ok 22:10:13.0584 0x11e4 [ FA62C4E1D753B489832DD0A7033665EE, BB0B59ABC79CEFA949632179239D711944C29E93EBCE60E629DE75AF2C3268B2 ] RetailDemo C:\WINDOWS\system32\RDXService.dll 22:10:13.0610 0x11e4 RetailDemo - ok 22:10:13.0615 0x11e4 [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM C:\WINDOWS\System32\drivers\rfcomm.sys 22:10:13.0627 0x11e4 RFCOMM - ok 22:10:13.0632 0x11e4 [ 5DAA644F17780FC4E3F4820A46D38FEC, 32C27FFA0A4608B164F4E709CD0D998AB73CA9713BE3E47F9DBC7B3D1B6C7453 ] RmSvc C:\WINDOWS\System32\RMapi.dll 22:10:13.0643 0x11e4 RmSvc - ok 22:10:13.0647 0x11e4 [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 22:10:13.0657 0x11e4 RpcEptMapper - ok 22:10:13.0660 0x11e4 [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator C:\WINDOWS\system32\locator.exe 22:10:13.0667 0x11e4 RpcLocator - ok 22:10:13.0682 0x11e4 [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs C:\WINDOWS\system32\rpcss.dll 22:10:13.0710 0x11e4 RpcSs - ok 22:10:13.0714 0x11e4 [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr C:\WINDOWS\system32\drivers\rspndr.sys 22:10:13.0724 0x11e4 rspndr - ok 22:10:13.0726 0x11e4 [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 22:10:13.0733 0x11e4 s3cap - ok 22:10:13.0737 0x11e4 [ 6F8E95716C1A27FF2FE96D30B147F1C1, 9403E9FE8B13EE294CFBBD96649BBD54CF723CF5872E3E03DA4380379D677983 ] SamSs C:\WINDOWS\system32\lsass.exe 22:10:13.0744 0x11e4 SamSs - ok 22:10:13.0748 0x11e4 [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 22:10:13.0756 0x11e4 sbp2port - ok 22:10:13.0762 0x11e4 [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 22:10:13.0776 0x11e4 SCardSvr - ok 22:10:13.0782 0x11e4 [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 22:10:13.0796 0x11e4 ScDeviceEnum - ok 22:10:13.0799 0x11e4 [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 22:10:13.0809 0x11e4 scfilter - ok 22:10:13.0824 0x11e4 [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule C:\WINDOWS\system32\schedsvc.dll 22:10:13.0854 0x11e4 Schedule - ok 22:10:13.0858 0x11e4 [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus C:\WINDOWS\system32\drivers\scmbus.sys 22:10:13.0866 0x11e4 scmbus - ok 22:10:13.0870 0x11e4 [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101 C:\WINDOWS\System32\drivers\scmdisk0101.sys 22:10:13.0881 0x11e4 scmdisk0101 - ok 22:10:13.0886 0x11e4 [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 22:10:13.0898 0x11e4 SCPolicySvc - ok 22:10:13.0905 0x11e4 [ 2A8832563C2826665517B91195085476, 1472BDF9ACACA105F9A67662131DC5A18BDBFE4656C33F6900E791C51A62DD90 ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 22:10:13.0915 0x11e4 sdbus - ok 22:10:13.0920 0x11e4 [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC C:\WINDOWS\System32\SDRSVC.dll 22:10:13.0933 0x11e4 SDRSVC - ok 22:10:13.0937 0x11e4 [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 22:10:13.0945 0x11e4 sdstor - ok 22:10:13.0948 0x11e4 [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon C:\WINDOWS\system32\seclogon.dll 22:10:13.0958 0x11e4 seclogon - ok 22:10:13.0961 0x11e4 [ F48535714BED7DD784853889B4594B26, 9B4AB7E7293E79A8F6CC46C84F23E62AD3BD6E958FCE078CDBB125A69FAC7E50 ] SENS C:\WINDOWS\System32\sens.dll 22:10:13.0974 0x11e4 SENS - ok 22:10:13.0994 0x11e4 [ 2B4E090D06C60853C5C00CF255F9E02A, 4D4DBA7B04519622612BD4A4F28318CA2F5646C84CAFF8C5ACC9BF4C6031894E ] SensorDataService C:\WINDOWS\System32\SensorDataService.exe 22:10:14.0044 0x11e4 SensorDataService - ok 22:10:14.0053 0x11e4 [ C09A42163878A082C3F0D0A3DFE95714, 8033DC38D0EDED3758DA6BF8C1955BE5FFE48863C079C589660B37D0E461300F ] SensorService C:\WINDOWS\system32\SensorService.dll 22:10:14.0074 0x11e4 SensorService - ok 22:10:14.0079 0x11e4 [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 22:10:14.0092 0x11e4 SensrSvc - ok 22:10:14.0096 0x11e4 [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 22:10:14.0103 0x11e4 SerCx - ok 22:10:14.0107 0x11e4 [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 22:10:14.0116 0x11e4 SerCx2 - ok 22:10:14.0119 0x11e4 [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 22:10:14.0127 0x11e4 Serenum - ok 22:10:14.0130 0x11e4 [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial C:\WINDOWS\System32\drivers\serial.sys 22:10:14.0139 0x11e4 Serial - ok 22:10:14.0142 0x11e4 [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 22:10:14.0150 0x11e4 sermouse - ok 22:10:14.0161 0x11e4 [ 82CF273F0E8F243789683DEB40757569, 5433D93A41C4BF04494E6158931C6AC3154888F7CD3A417253EC02FF7EA6D00E ] SessionEnv C:\WINDOWS\system32\sessenv.dll 22:10:14.0180 0x11e4 SessionEnv - ok 22:10:14.0183 0x11e4 [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 22:10:14.0191 0x11e4 sfloppy - ok 22:10:14.0201 0x11e4 [ 3D0069B8F0C2FB1B0F13DBDB57593DAD, 4CEC91BC45A51C4E445D2DD8A13AC97719D5AAC1DBA8EA9166D2A354E7857378 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 22:10:14.0225 0x11e4 SharedAccess - ok 22:10:14.0237 0x11e4 [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 22:10:14.0261 0x11e4 ShellHWDetection - ok 22:10:14.0267 0x11e4 [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc C:\WINDOWS\system32\Windows.SharedPC.AccountManager.dll 22:10:14.0280 0x11e4 shpamsvc - ok 22:10:14.0283 0x11e4 [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 22:10:14.0290 0x11e4 SiSRaid2 - ok 22:10:14.0293 0x11e4 [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 22:10:14.0300 0x11e4 SiSRaid4 - ok 22:10:14.0308 0x11e4 [ 4E6FAEE3F259DAC82213D935785991FB, ADA019AD261BBEAE78495B508B4D375BEC1005DF119F20897D29C3C613A0CA46 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 22:10:14.0318 0x11e4 SkypeUpdate - ok 22:10:14.0321 0x11e4 [ A8C6A350A6B9C60E1EA53B6D4A4A01A6, 048CEE39BC1BDD8C4CBAE0AB7785787D033005B10F34626679F76165609B196C ] SmbDrvI C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys 22:10:14.0326 0x11e4 SmbDrvI - ok 22:10:14.0329 0x11e4 [ D233EAE2A9D48485321816486ED635EF, 03AB49BE9CF15EB7EDC50C400E673B4DF0E5BFDA9A7811E157F2AF2F3CF38D49 ] smphost C:\WINDOWS\System32\smphost.dll 22:10:14.0341 0x11e4 smphost - ok 22:10:14.0351 0x11e4 [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter C:\WINDOWS\system32\SmsRouterSvc.dll 22:10:14.0375 0x11e4 SmsRouter - ok 22:10:14.0380 0x11e4 [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 22:10:14.0388 0x11e4 SNMPTRAP - ok 22:10:14.0399 0x11e4 [ 43AC4C5CC233BCE9D7C46DA0E7EC0676, DC41B118A43A5B8401FA4848DD113976077A32147944FD948AA61AFDF6639E5B ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 22:10:14.0414 0x11e4 spaceport - ok 22:10:14.0418 0x11e4 [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 22:10:14.0426 0x11e4 SpbCx - ok 22:10:14.0439 0x11e4 [ 63F12E1361F06E5395EDABB587CE093A, BE66550AD4273D2F7118F06084C947628C99BD58F53ACF4FAA50849801B1B11C ] Spooler C:\WINDOWS\System32\spoolsv.exe 22:10:14.0467 0x11e4 Spooler - ok 22:10:14.0549 0x11e4 [ 3DFC1881AEE1C606333E9E82B4343C79, FBC6A6DEE8333D908A944E56877B2E8B007D745EFECB03EA714589C8DB67B26B ] sppsvc C:\WINDOWS\system32\sppsvc.exe 22:10:14.0657 0x11e4 sppsvc - ok 22:10:14.0670 0x11e4 [ E83830BB74AE8CBECEA0ECD94DE436F9, 4A34569A34260324EBD629039E1BF45A3527FC75B22D9A3DB6360A6EB365483A ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 22:10:14.0693 0x11e4 srv - ok 22:10:14.0706 0x11e4 [ 1312896CAE6AF0D4557DB7B37283C116, 9E3701DBBF0F45368A217549A7DFDA2543C4AB3AC9CCF65A73E1FE27CC4A278E ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 22:10:14.0732 0x11e4 srv2 - ok 22:10:14.0739 0x11e4 [ F13EE0DB1FB1D6946AC3228D7EFCFC8F, 109A809F0338FAB0F4045FA5EE33C6F0A994A9F586B2FBD8920A6AABA0E0EF66 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 22:10:14.0760 0x11e4 srvnet - ok 22:10:14.0766 0x11e4 [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 22:10:14.0779 0x11e4 SSDPSRV - ok 22:10:14.0784 0x11e4 [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 22:10:14.0798 0x11e4 SstpSvc - ok 22:10:14.0803 0x11e4 [ 592FF34A2FD6C6351B8A3AA76B2C0A9E, 152B7472DE531AC45492F562DD470B2CE33F1EEF13BC78F26046AE5ABF54E32F ] ssudmdm C:\WINDOWS\system32\DRIVERS\ssudmdm.sys 22:10:14.0810 0x11e4 ssudmdm - ok 22:10:14.0866 0x11e4 [ 503E713F77489EBA9B5DF7073B3D39E6, B89CCE2613782C89A0B363AF5C499FF037862C6B64F5C0833540F625D3706531 ] StateRepository C:\WINDOWS\system32\windows.staterepository.dll 22:10:14.0962 0x11e4 StateRepository - ok 22:10:14.0987 0x11e4 [ E06AA279D85877268E34E9A9BC41F560, 6EFE7E3850CD19B919053293B6D8CB61CC638D3B1626BB62594C681625132689 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe 22:10:15.0014 0x11e4 Steam Client Service - ok 22:10:15.0018 0x11e4 [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 22:10:15.0025 0x11e4 stexstor - ok 22:10:15.0036 0x11e4 [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc C:\WINDOWS\System32\wiaservc.dll 22:10:15.0059 0x11e4 stisvc - ok 22:10:15.0064 0x11e4 [ 53EB8CE34B55A1EE63424C8DB7388BFC, 5AB59117BA8A2844EB8693CCC19B217AE039B28C87519F96E1C845FE9BF456C2 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 22:10:15.0072 0x11e4 storahci - ok 22:10:15.0075 0x11e4 [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt C:\WINDOWS\system32\drivers\vmstorfl.sys 22:10:15.0082 0x11e4 storflt - ok 22:10:15.0086 0x11e4 [ B66D8C75C9BC59D637177AB3B1C569A6, 76252A631F03EEBF5FDC7693F6B0A5E73838CDBE3157114CC96B8BBE88B476BF ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 22:10:15.0094 0x11e4 stornvme - ok 22:10:15.0097 0x11e4 [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt C:\WINDOWS\system32\drivers\storqosflt.sys 22:10:15.0107 0x11e4 storqosflt - ok 22:10:15.0116 0x11e4 [ 6C982BC7E4DB161530A0D831718D7113, B0FAEACC91023031E53A161ECEFCF62764C96B8705E9089B4A7B4F7A2F3B6BAA ] StorSvc C:\WINDOWS\system32\storsvc.dll 22:10:15.0173 0x11e4 StorSvc - ok 22:10:15.0177 0x11e4 [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs C:\WINDOWS\system32\drivers\storufs.sys 22:10:15.0184 0x11e4 storufs - ok 22:10:15.0187 0x11e4 [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 22:10:15.0193 0x11e4 storvsc - ok 22:10:15.0196 0x11e4 [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc C:\WINDOWS\system32\svsvc.dll 22:10:15.0207 0x11e4 svsvc - ok 22:10:15.0209 0x11e4 [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum C:\WINDOWS\System32\drivers\swenum.sys 22:10:15.0216 0x11e4 swenum - ok 22:10:15.0225 0x11e4 [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv C:\WINDOWS\System32\swprv.dll 22:10:15.0246 0x11e4 swprv - ok 22:10:15.0250 0x11e4 [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc C:\WINDOWS\System32\drivers\Synth3dVsc.sys 22:10:15.0259 0x11e4 Synth3dVsc - ok 22:10:15.0274 0x11e4 [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain C:\WINDOWS\system32\sysmain.dll 22:10:15.0304 0x11e4 SysMain - ok 22:10:15.0313 0x11e4 [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll 22:10:15.0330 0x11e4 SystemEventsBroker - ok 22:10:15.0334 0x11e4 [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 22:10:15.0347 0x11e4 TabletInputService - ok 22:10:15.0353 0x11e4 [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 22:10:15.0369 0x11e4 TapiSrv - ok 22:10:15.0405 0x11e4 [ B705D8E3011268160833518FBD80FBCE, 28EE5D3D49CC2C88BEEC4A4AF76EC58ED707D6AD353A7700CE92D61AF1264507 ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 22:10:15.0455 0x11e4 Tcpip - ok 22:10:15.0492 0x11e4 [ B705D8E3011268160833518FBD80FBCE, 28EE5D3D49CC2C88BEEC4A4AF76EC58ED707D6AD353A7700CE92D61AF1264507 ] Tcpip6 C:\WINDOWS\system32\drivers\tcpip.sys 22:10:15.0538 0x11e4 Tcpip6 - ok 22:10:15.0545 0x11e4 [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 22:10:15.0555 0x11e4 tcpipreg - ok 22:10:15.0560 0x11e4 [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 22:10:15.0568 0x11e4 tdx - ok 22:10:15.0571 0x11e4 [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 22:10:15.0578 0x11e4 terminpt - ok 22:10:15.0593 0x11e4 [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService C:\WINDOWS\System32\termsrv.dll 22:10:15.0628 0x11e4 TermService - ok 22:10:15.0632 0x11e4 [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes C:\WINDOWS\system32\themeservice.dll 22:10:15.0646 0x11e4 Themes - ok 22:10:15.0658 0x11e4 [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\WINDOWS\system32\TieringEngineService.exe 22:10:15.0675 0x11e4 TieringEngineService - ok
These is the AdwCleaner log that came up after reboot;
Code:# AdwCleaner v6.021 - Logfile created 08/10/2016 at 21:44:54 # Updated on 06/10/2016 by ToolsLib # Database : 2016-10-07.1 [Server] # Operating System : Windows 10 Home (X64) # Username : Luke - LUKE # Running from : Z:\FIREFOX DOWNLOADS\ANTI-MALWARE ETC\adwcleaner_6.021.exe # Mode: Clean # Support : https://toolslib.net/forum ***** [ Services ] ***** [-] Service deleted: rtop ***** [ Folders ] ***** [-] Folder deleted: C:\Program Files\ByteFence [-] Folder deleted: C:\ProgramData\ByteFence [#] Folder deleted on reboot: C:\ProgramData\Application Data\ByteFence ***** [ Files ] ***** [-] File deleted: C:\END ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [-] Key deleted: HKU\S-1-5-21-4232256137-3942767270-2832098513-1001\Software\ByteFence [#] Key deleted on reboot: HKCU\Software\ByteFence [-] Key deleted: HKLM\SOFTWARE\ByteFence [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ByteFence [#] Key deleted on reboot: [x64] HKCU\Software\ByteFence [-] Key deleted: [x64] HKLM\SOFTWARE\ByteFence [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com [-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com ***** [ Web browsers ] ***** [-] Chrome preferences cleaned: "browser.search.defaultenginename" - "Yahoo! Powered" [-] Chrome preferences cleaned: "browser.search.selectedEngine" - "Yahoo! Powered" ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [3012 Bytes] - [19/09/2016 22:10:49] C:\AdwCleaner\AdwCleaner[C2].txt - [1206 Bytes] - [23/09/2016 20:37:33] C:\AdwCleaner\AdwCleaner[C3].txt - [2823 Bytes] - [25/09/2016 22:23:03] C:\AdwCleaner\AdwCleaner[C4].txt - [2107 Bytes] - [08/10/2016 21:44:54] C:\AdwCleaner\AdwCleaner[S0].txt - [3946 Bytes] - [19/09/2016 18:11:45] C:\AdwCleaner\AdwCleaner[S1].txt - [2894 Bytes] - [19/09/2016 22:09:18] C:\AdwCleaner\AdwCleaner[S2].txt - [1342 Bytes] - [23/09/2016 20:37:20] C:\AdwCleaner\AdwCleaner[S3].txt - [2493 Bytes] - [25/09/2016 22:22:02] C:\AdwCleaner\AdwCleaner[S4].txt - [1649 Bytes] - [01/10/2016 00:24:26] C:\AdwCleaner\AdwCleaner[S5].txt - [1722 Bytes] - [01/10/2016 00:25:48] C:\AdwCleaner\AdwCleaner[S6].txt - [2815 Bytes] - [08/10/2016 21:42:23] ########## EOF - C:\AdwCleaner\AdwCleaner[C4].txt - [2691 Bytes] ########
OK, now Anti-Malware Bytes. I ran this 2x (because I ran the cleaners out of order the first time and wanted to ensure it cleaned correctly. Seems like it was a good plan because if found stuff both times.
1st RUN
Code:Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 10/8/2016 Scan Time: 6:24 PM Logfile: MAL-ANTIMAL.txt Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.10.08.07 Rootkit Database: v2016.09.26.02 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 10 CPU: x64 File System: NTFS User: Luke Scan Type: Threat Scan Result: Completed Objects Scanned: 314277 Time Elapsed: 7 min, 3 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 1 Trojan.Dropper, C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe, 2852, , [12b5494da5f5d75f796b1ad024e0d828] Modules: 0 (No malicious items detected) Registry Keys: 8 Trojan.Dropper, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\rtop, , [12b5494da5f5d75f796b1ad024e0d828], PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [0cbb0096f7a3d16576eaf1d8897933cd], PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [36916036a1f981b54b1592379c66bb45], PUP.Optional.InstallCore, HKU\S-1-5-21-4232256137-3942767270-2832098513-1001\SOFTWARE\csastats, , [3e893b5b693104323947d1293dc67f81], PUP.Optional.WinYahoo, HKU\S-1-5-21-4232256137-3942767270-2832098513-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472F-A0FF-E1416B8B2E3A}, , [ecdbf1a51b7f0f271f4049802ad86898], PUP.Optional.ProductSetup, HKU\S-1-5-21-4232256137-3942767270-2832098513-1001\SOFTWARE\PRODUCTSETUP, , [7c4b12844d4de551b00dc5eb27dc6f91], PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\winsearch, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, HKU\S-1-5-21-4232256137-3942767270-2832098513-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Chromium, , [ac1bc4d27822a0968dc17924af552dd3], Registry Values: 7 PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f[f3d4d0c6afebd462aeebdede19eb24dc]D1%26b[f3d4d0c6afebd462aeebdede19eb24dc]DIE%26cc[f3d4d0c6afebd462aeebdede19eb24dc]Dca%26pa[f3d4d0c6afebd462aeebdede19eb24dc]Dwincy%26cd[f3d4d0c6afebd462aeebdede19eb24dc]D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr[f3d4d0c6afebd462aeebdede19eb24dc]D1897231198%26a[f3d4d0c6afebd462aeebdede19eb24dc]Dwbf_lvrms_16_40%26os_ver[f3d4d0c6afebd462aeebdede19eb24dc]D10.0%26os[f3d4d0c6afebd462aeebdede19eb24dc]DWindowsB10BHome, %4, %5 PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f[0cbb0096f7a3d16576eaf1d8897933cd]D4%26b[0cbb0096f7a3d16576eaf1d8897933cd]DIE%26cc[0cbb0096f7a3d16576eaf1d8897933cd]Dca%26pa[0cbb0096f7a3d16576eaf1d8897933cd]Dwincy%26cd[0cbb0096f7a3d16576eaf1d8897933cd]D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr[0cbb0096f7a3d16576eaf1d8897933cd]D1897231198%26a[0cbb0096f7a3d16576eaf1d8897933cd]Dwbf_lvrms_16_40%26os_ver[0cbb0096f7a3d16576eaf1d8897933cd]D10.0%26os[0cbb0096f7a3d16576eaf1d8897933cd]DWindowsB10BHome&p={searchTerms}, %4, %5 PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f[289f4f47f8a2cf6708913c8036ce5ba5]D1%26b[289f4f47f8a2cf6708913c8036ce5ba5]DIE%26cc[289f4f47f8a2cf6708913c8036ce5ba5]Dca%26pa[289f4f47f8a2cf6708913c8036ce5ba5]Dwincy%26cd[289f4f47f8a2cf6708913c8036ce5ba5]D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr[289f4f47f8a2cf6708913c8036ce5ba5]D1897231198%26a[289f4f47f8a2cf6708913c8036ce5ba5]Dwbf_lvrms_16_40%26os_ver[289f4f47f8a2cf6708913c8036ce5ba5]D10.0%26os[289f4f47f8a2cf6708913c8036ce5ba5]DWindowsB10BHome, %4, %5 PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f[36916036a1f981b54b1592379c66bb45]D4%26b[36916036a1f981b54b1592379c66bb45]DIE%26cc[36916036a1f981b54b1592379c66bb45]Dca%26pa[36916036a1f981b54b1592379c66bb45]Dwincy%26cd[36916036a1f981b54b1592379c66bb45]D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr[36916036a1f981b54b1592379c66bb45]D1897231198%26a[36916036a1f981b54b1592379c66bb45]Dwbf_lvrms_16_40%26os_ver[36916036a1f981b54b1592379c66bb45]D10.0%26os[36916036a1f981b54b1592379c66bb45]DWindowsB10BHome&p={searchTerms}, %4, %5 PUP.Optional.WinYahoo, HKU\S-1-5-21-4232256137-3942767270-2832098513-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f[a6213a5cfb9f73c351492b916d9759a7]D1%26b[a6213a5cfb9f73c351492b916d9759a7]DIE%26cc[a6213a5cfb9f73c351492b916d9759a7]Dca%26pa[a6213a5cfb9f73c351492b916d9759a7]Dwincy%26cd[a6213a5cfb9f73c351492b916d9759a7]D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr[a6213a5cfb9f73c351492b916d9759a7]D1897231198%26a[a6213a5cfb9f73c351492b916d9759a7]Dwbf_lvrms_16_40%26os_ver[a6213a5cfb9f73c351492b916d9759a7]D10.0%26os[a6213a5cfb9f73c351492b916d9759a7]DWindowsB10BHome, %4, %5 PUP.Optional.WinYahoo, HKU\S-1-5-21-4232256137-3942767270-2832098513-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}|URL, https://ca.search.yahoo.com/yhs/search?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f[ecdbf1a51b7f0f271f4049802ad86898]D4%26b[ecdbf1a51b7f0f271f4049802ad86898]DIE%26cc[ecdbf1a51b7f0f271f4049802ad86898]Dca%26pa[ecdbf1a51b7f0f271f4049802ad86898]Dwincy%26cd[ecdbf1a51b7f0f271f4049802ad86898]D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr[ecdbf1a51b7f0f271f4049802ad86898]D1897231198%26a[ecdbf1a51b7f0f271f4049802ad86898]Dwbf_lvrms_16_40%26os_ver[ecdbf1a51b7f0f271f4049802ad86898]D10.0%26os[ecdbf1a51b7f0f271f4049802ad86898]DWindowsB10BHome&p={searchTerms}, %4, %5 PUP.Optional.ProductSetup, HKU\S-1-5-21-4232256137-3942767270-2832098513-1001\SOFTWARE\PRODUCTSETUP|tb, 0G2O2W1R0C1R1H, , [7c4b12844d4de551b00dc5eb27dc6f91] Registry Data: 3 PUP.Optional.WinYahoo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=fBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[11b64353dac0f541112918619a6ac937]D1%26bBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[11b64353dac0f541112918619a6ac937]DIE%26ccBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[11b64353dac0f541112918619a6ac937]Dca%26paBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[11b64353dac0f541112918619a6ac937]Dwincy%26cdBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[11b64353dac0f541112918619a6ac937]D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26crBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[11b64353dac0f541112918619a6ac937]D1897231198%26aBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[11b64353dac0f541112918619a6ac937]Dwbf_lvrms_16_40%26os_verBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[11b64353dac0f541112918619a6ac937]D10.0%26osBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[11b64353dac0f541112918619a6ac937]DWindowsGood: (www.google.com)B10Good: (www.google.com)BHome, %4, %5 PUP.Optional.WinYahoo, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=fBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[24a3b7df52488babd06ab3c67193d828]D1%26bBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[24a3b7df52488babd06ab3c67193d828]DIE%26ccBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[24a3b7df52488babd06ab3c67193d828]Dca%26paBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[24a3b7df52488babd06ab3c67193d828]Dwincy%26cdBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[24a3b7df52488babd06ab3c67193d828]D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26crBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[24a3b7df52488babd06ab3c67193d828]D1897231198%26aBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[24a3b7df52488babd06ab3c67193d828]Dwbf_lvrms_16_40%26os_verBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[24a3b7df52488babd06ab3c67193d828]D10.0%26osBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[24a3b7df52488babd06ab3c67193d828]DWindowsGood: (www.google.com)B10Good: (www.google.com)BHome, %4, %5 PUP.Optional.WinYahoo, HKU\S-1-5-21-4232256137-3942767270-2832098513-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=fBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[a32471250b8ff04622166118c44018e8]D1%26bBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[a32471250b8ff04622166118c44018e8]DIE%26ccBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[a32471250b8ff04622166118c44018e8]Dca%26paBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[a32471250b8ff04622166118c44018e8]Dwincy%26cdBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[a32471250b8ff04622166118c44018e8]D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26crBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[a32471250b8ff04622166118c44018e8]D1897231198%26aBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[a32471250b8ff04622166118c44018e8]Dwbf_lvrms_16_40%26os_verBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[a32471250b8ff04622166118c44018e8]D10.0%26osBad: (https://ca.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_lvrms_16_40¶m1=1¶m2=f%3D1%26b%3DIE%26cc%3Dca%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutByEtD0AyCyEtC0CzytCyD0CtAyDzy0DtN0D0Tzu0StCyBtAzztN1L2XzutAtFtByEtFyCtFyDtBtN1L1Czu1ByEtN1L1G1B1V1N2Y1L1Qzu2SyE0C0CtAzytCyDyEtGtB0EtA0BtG0E0E0B0DtGyBtC0DzztGyEtCyD0DtAyD0D0D0B0E0DyC2QtN1M1F1B2Z1V1N2Y1L1Qzu2StBtC0EyDyBtC0A0EtG0AyD0BzztGyE0AyE0CtG0A0BtBtCtG0BtAyC0EyDyByC0D0ByBtA0A2QtN0A0LzuyE%26cr%3D1897231198%26a%3Dwbf_lvrms_16_40%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome),,[a32471250b8ff04622166118c44018e8]DWindowsGood: (www.google.com)B10Good: (www.google.com)BHome, %4, %5 Folders: 2 PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}, , [ac1bc4d27822a0968dc17924af552dd3], Files: 29 Trojan.Dropper, C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe, , [12b5494da5f5d75f796b1ad024e0d828], PUP.Optional.DownLoadAdmin, C:\$Recycle.Bin\S-1-5-21-4232256137-3942767270-2832098513-1001\$RPYGLZR.exe, , [b90edfb7e7b33006362dd22940c48a76], PUP.Optional.WinYahoo, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HowToRemove.html.lnk, , [cdfaa1f5e8b2d85ebeee667a53b03cc4], PUP.Optional.WinYahoo, C:\Windows\Tasks\Yahoo! Powered fisad.job, , [8d3a940298025ed84cc9c2f224e00000], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove\HowToRemove.html, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove\chromium-min.jpg, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove\control panel-min-min.JPG, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove\down.png, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove\ff menu.JPG, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove\ff search engine-min.png, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove\hp-min ff.png, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove\hp-min ie.png, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove\search engine.gif, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove\setup pages.gif, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove\sp-min.png, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove\start-min.jpg, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\HowToRemove\up.png, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\bapi_ff.dat, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\bapi_ie.dat, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\cete, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\install.log, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\mifa, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\sace, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\sara.dat, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\Sqlite3.dll, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\tane.cfg, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\uninst.dat, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Local\{6B375D6B-4F9F-31D3-2207-143B066FE8A3}\uninst.exe, , [ac1bc4d27822a0968dc17924af552dd3], PUP.Optional.WinYahoo, C:\Users\Luke Berger\AppData\Roaming\Mozilla\Firefox\Profiles\5i3ghlif.default\searchplugins\yahoo! powered.xml, , [bc0b1581f8a2a39316416c3157ad6898], Physical Sectors: 0 (No malicious items detected) (end)
2nd Run
Ran the rest, and everything was clean. finished up with CC Cleaner. Should I now proceed with the next step? Sorry to have to go back to this again, what a nightmare.Code:Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 10/8/2016 Scan Time: 10:19 PM Logfile: Administrator: Yes Version: 2.2.1.1043 Malware Database: v2016.10.09.02 Rootkit Database: v2016.09.26.02 License: Free Malware Protection: Disabled Malicious Website Protection: Disabled Self-protection: Disabled OS: Windows 10 CPU: x64 File System: NTFS User: Luke Scan Type: Custom Scan Result: Completed Objects Scanned: 548382 Time Elapsed: 51 min, 10 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 2 Trojan.Dropper, C:\AdwCleaner\quarantine\files\xaygjlobjwhsjguhkeodugixgwxmzheg\rtop\bin\rtop_svc.exe, , [bf670790e6b4be784b99cd1d8a7af808], PUP.Optional.DownLoadAdmin, Z:\FIREFOX DOWNLOADS\Paper Mario-176058345.exe, , [9b8bb2e5aceed4626ff4b04b3fc5966a], Physical Sectors: 0 (No malicious items detected) (end)
Last edited by LAPS; 09 Oct 2016 at 00:52.