
Possible Trojan: Rovnix.genA and C



Hello all,

 

I have a malware infection that's been very stubborn and difficult to kill. I would appreciate any assistance.

 

I suspect that what I have is the Rovnix trojan. A phishing email claiming to be from the postal service is the most likely source, dating back to April 2014. Microsoft Security Essentials repeatedly identifies and 'cleans' Rovnix over and over, while Malwarebytes premium trial doesn't detect anything.

 

However, the real time protection repeatedly blocks consistent outgoing website requests over and over and over and over again. I've attached a FRST scan, a protection log from Malwarebytes that demonstrates the repeated outbound queries, and the first Malwarebytes scan we ran that identifies items other than Rovnix. Please let me know if there's any other useful information I can provide.

Addition.txt

FRST.txt

mbam-log-2014-06-24 (15-43-29).xml

protection-log-2014-07-05.xml


Download attached fixlist.txt file and save it to the Desktop, or the folder you saved FRST into.

 

NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

 

Run FRST and press the Fix button just once and wait.

 

The tool will make a log on the Desktop (Fixlog.txt) or the folder it was run from. Please post it to your reply.

 

Next,

 

Download TDSSKiller and save it to your Desktop.

 

Make sure TDSSKiller.exe is on the Desktop itself, not within a folder on the desktop.

 

Go to Start > Run (or you can hold down your Windows key and press R) and copy and paste the following into the text field (make sure you include the quote marks). Then press OK.

 

"%userprofile%\Desktop\TDSSKiller.exe" -l C:\TDSSKiller.txt

 

If it says "Hidden service detected" DO NOT type anything in. Just press Enter on your keyboard to not do anything to the file.

If Malicious objects are found, do NOT select Delete or Cure. Change the action to Skip. When it is done, a log file should be created on your C: drive called "TDSSKiller.txt". Please copy and paste the contents of that file here.

 

Kevin..

 

 

 

 

fixlist.txt


The logfile is enormous. I'm going to have to split it into chunks.
 
15:58:44.0989 0x166c  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
15:58:50.0042 0x166c  ============================================================
15:58:50.0042 0x166c  Current date / time: 2014/07/05 15:58:50.0042
15:58:50.0042 0x166c  SystemInfo:
15:58:50.0042 0x166c  
15:58:50.0042 0x166c  OS Version: 6.1.7601 ServicePack: 1.0
15:58:50.0042 0x166c  Product type: Workstation
15:58:50.0042 0x166c  ComputerName: MOMPC2
15:58:50.0042 0x166c  UserName: Globe3
15:58:50.0042 0x166c  Windows directory: C:\Windows
15:58:50.0042 0x166c  System windows directory: C:\Windows
15:58:50.0042 0x166c  Running under WOW64
15:58:50.0042 0x166c  Processor architecture: Intel x64
15:58:50.0042 0x166c  Number of processors: 4
15:58:50.0042 0x166c  Page size: 0x1000
15:58:50.0042 0x166c  Boot type: Normal boot
15:58:50.0042 0x166c  ============================================================
15:58:51.0959 0x166c  KLMD registered as C:\Windows\system32\drivers\12567912.sys
15:58:52.0297 0x166c  System UUID: {9994F604-BBB4-DD0B-E803-57194CE0B45C}
15:58:52.0887 0x166c  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
15:58:52.0896 0x166c  ============================================================
15:58:52.0896 0x166c  \Device\Harddisk0\DR0:
15:58:52.0896 0x166c  MBR partitions:
15:58:52.0896 0x166c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
15:58:52.0896 0x166c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
15:58:52.0896 0x166c  ============================================================
15:58:52.0913 0x166c  C: <-> \Device\Harddisk0\DR0\Partition2
15:58:52.0913 0x166c  ============================================================
15:58:52.0913 0x166c  Initialize success
15:58:52.0914 0x166c  ============================================================
15:59:00.0698 0x1a48  ============================================================
15:59:00.0698 0x1a48  Scan started
15:59:00.0698 0x1a48  Mode: Manual; 
15:59:00.0698 0x1a48  ============================================================
15:59:00.0698 0x1a48  KSN ping started
15:59:05.0592 0x1a48  KSN ping finished: true
15:59:06.0183 0x1a48  ================ Scan system memory ========================
15:59:06.0184 0x1a48  System memory - ok
15:59:06.0184 0x1a48  ================ Scan services =============================
15:59:11.0767 0x1a48  iirsp - ok
15:59:11.0812 0x1a48  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
15:59:11.0837 0x1a48  IKEEXT - ok
15:59:11.0909 0x1a48  [ A0EAB13A78CC5FB960EC76E3D6408DA3, F536B151EB1F284E8F352A7D8C9C0EBBC2E852E5EB6F0F6C6C313F272CE617FE ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
15:59:11.0967 0x1a48  IntcAzAudAddService - ok
15:59:12.0002 0x1a48  [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
15:59:12.0013 0x1a48  IntcDAud - ok
15:59:12.0035 0x1a48  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
15:59:12.0037 0x1a48  intelide - ok
15:59:12.0056 0x1a48  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
15:59:12.0059 0x1a48  intelppm - ok
15:59:12.0094 0x1a48  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
15:59:12.0099 0x1a48  IPBusEnum - ok
15:59:12.0127 0x1a48  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
15:59:12.0131 0x1a48  IpFilterDriver - ok
15:59:12.0178 0x1a48  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
15:59:12.0205 0x1a48  iphlpsvc - ok
15:59:12.0218 0x1a48  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
15:59:12.0221 0x1a48  IPMIDRV - ok
15:59:12.0233 0x1a48  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
15:59:12.0236 0x1a48  IPNAT - ok
15:59:12.0301 0x1a48  [ 835FC2EA0631B734BB06C12B0665F01D, B8A8B0148C6C3AFC40835B44E3D6508CB9EEE8AC430A7904711C8B51C2116A8D ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
15:59:12.0311 0x1a48  iPod Service - ok
15:59:12.0318 0x1a48  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
15:59:12.0319 0x1a48  IRENUM - ok
15:59:12.0342 0x1a48  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
15:59:12.0343 0x1a48  isapnp - ok
15:59:12.0370 0x1a48  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
15:59:12.0381 0x1a48  iScsiPrt - ok
15:59:12.0403 0x1a48  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
15:59:12.0404 0x1a48  kbdclass - ok
15:59:12.0428 0x1a48  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
15:59:12.0430 0x1a48  kbdhid - ok
15:59:12.0452 0x1a48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso          C:\Windows\system32\lsass.exe
15:59:12.0455 0x1a48  KeyIso - ok
15:59:12.0464 0x1a48  [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
15:59:12.0469 0x1a48  KSecDD - ok
15:59:12.0485 0x1a48  [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
15:59:12.0489 0x1a48  KSecPkg - ok
15:59:12.0496 0x1a48  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
15:59:12.0497 0x1a48  ksthunk - ok
15:59:12.0513 0x1a48  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
15:59:12.0522 0x1a48  KtmRm - ok
15:59:12.0560 0x1a48  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
15:59:12.0566 0x1a48  LanmanServer - ok
15:59:12.0597 0x1a48  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
15:59:12.0601 0x1a48  LanmanWorkstation - ok
15:59:12.0616 0x1a48  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
15:59:12.0618 0x1a48  lltdio - ok
15:59:12.0640 0x1a48  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
15:59:12.0648 0x1a48  lltdsvc - ok
15:59:12.0658 0x1a48  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
15:59:12.0660 0x1a48  lmhosts - ok
15:59:12.0673 0x1a48  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
15:59:12.0676 0x1a48  LSI_FC - ok
15:59:12.0686 0x1a48  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
15:59:12.0689 0x1a48  LSI_SAS - ok
15:59:12.0697 0x1a48  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
15:59:12.0699 0x1a48  LSI_SAS2 - ok
15:59:12.0712 0x1a48  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
15:59:12.0715 0x1a48  LSI_SCSI - ok
15:59:12.0734 0x1a48  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
15:59:12.0737 0x1a48  luafv - ok
15:59:12.0767 0x1a48  [ F92B0E478C0FAA6D6661E6E977247E60, 8B26B57C2C60C98CD6273ACA126B2CD0356ADB13A59FEC12882357A6B973123C ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
15:59:12.0768 0x1a48  MBAMProtector - ok
15:59:12.0855 0x1a48  [ D84AEA3F3329D622DFC1297DDDF6163B, 316FE56CC30ED1473A917253F46B79EAA12F4ABD5B4B1ADB03929DFEE940F577 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
15:59:12.0905 0x1a48  MBAMScheduler - ok
15:59:12.0937 0x1a48  [ 4F45ED469906494F9BF754E476390DBD, D8FF6AFD73D8C191F5732DF9737E6F83B2B52B06A3A6CD4CC6EAC9464CBB2772 ] MBAMService     C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
15:59:12.0959 0x1a48  MBAMService - ok
15:59:12.0979 0x1a48  [ 8A50D5304E6AE48664CF5838EC32F647, C76943FABEE1B5E1B641AA610668CCD4227E2C4B191DD30B79D3AB31A9E8B5BE ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
15:59:12.0981 0x1a48  MBAMSwissArmy - ok
15:59:12.0994 0x1a48  [ 15E8ABC06843672955CE26A009533BAD, E7221B7DE9DB45447C68E79C6BFD064713C5974F7E79925BD7DEEF71F73F3E83 ] MBAMWebAccessControl C:\Windows\system32\drivers\mwac.sys
15:59:12.0996 0x1a48  MBAMWebAccessControl - ok
15:59:13.0047 0x1a48  [ 1704A8189EE5580AB147CFD25C5C8770, DFA076FD36B5CC844D4BE3B865E9A1F809E14CCB1D78D82A2D8D8EE38210E6EB ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe
15:59:13.0053 0x1a48  McComponentHostService - ok
15:59:13.0069 0x1a48  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
15:59:13.0072 0x1a48  Mcx2Svc - ok
15:59:13.0080 0x1a48  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
15:59:13.0082 0x1a48  megasas - ok
15:59:13.0096 0x1a48  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
15:59:13.0102 0x1a48  MegaSR - ok
15:59:13.0106 0x1a48  mghxsmyw - ok
15:59:13.0109 0x1a48  mjkpwgih - ok
15:59:13.0134 0x1a48  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
15:59:13.0136 0x1a48  MMCSS - ok
15:59:13.0142 0x1a48  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
15:59:13.0143 0x1a48  Modem - ok
15:59:13.0150 0x1a48  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
15:59:13.0151 0x1a48  monitor - ok
15:59:13.0161 0x1a48  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
15:59:13.0163 0x1a48  mouclass - ok
15:59:13.0172 0x1a48  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
15:59:13.0173 0x1a48  mouhid - ok
15:59:13.0199 0x1a48  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
15:59:13.0201 0x1a48  mountmgr - ok
15:59:13.0252 0x1a48  [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
15:59:13.0254 0x1a48  MozillaMaintenance - ok
15:59:13.0302 0x1a48  [ 9EB89625A82AC961F25E7C865947BF9A, 91DB9530CDE883DC60BE621AC4210ACD069631D9466E37411D9D6AEE587098D9 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
15:59:13.0314 0x1a48  MpFilter - ok
15:59:13.0343 0x1a48  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
15:59:13.0347 0x1a48  mpio - ok
15:59:13.0372 0x1a48  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
15:59:13.0374 0x1a48  mpsdrv - ok
15:59:13.0414 0x1a48  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
15:59:13.0440 0x1a48  MpsSvc - ok
15:59:13.0468 0x1a48  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
15:59:13.0471 0x1a48  MRxDAV - ok
15:59:13.0507 0x1a48  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
15:59:13.0515 0x1a48  mrxsmb - ok
15:59:13.0545 0x1a48  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
15:59:13.0552 0x1a48  mrxsmb10 - ok
15:59:13.0566 0x1a48  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
15:59:13.0569 0x1a48  mrxsmb20 - ok
15:59:13.0599 0x1a48  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
15:59:13.0600 0x1a48  msahci - ok
15:59:13.0625 0x1a48  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
15:59:13.0628 0x1a48  msdsm - ok
15:59:13.0640 0x1a48  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
15:59:13.0643 0x1a48  MSDTC - ok
15:59:13.0656 0x1a48  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
15:59:13.0658 0x1a48  Msfs - ok
15:59:13.0669 0x1a48  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
15:59:13.0670 0x1a48  mshidkmdf - ok
15:59:13.0694 0x1a48  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
15:59:13.0695 0x1a48  msisadrv - ok
15:59:13.0707 0x1a48  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
15:59:13.0711 0x1a48  MSiSCSI - ok
15:59:13.0714 0x1a48  msiserver - ok
15:59:13.0722 0x1a48  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
15:59:13.0723 0x1a48  MSKSSRV - ok
15:59:13.0769 0x1a48  [ 89F2AEDC2788696702141AB82C3E7866, E166CBD8D3C708737C37172221945D8E56C25C2CC750889C3CE14AA2DE750F33 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
15:59:13.0769 0x1a48  MsMpSvc - ok
15:59:13.0777 0x1a48  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
15:59:13.0779 0x1a48  MSPCLOCK - ok
15:59:13.0791 0x1a48  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
15:59:13.0792 0x1a48  MSPQM - ok
15:59:13.0827 0x1a48  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
15:59:13.0838 0x1a48  MsRPC - ok
15:59:13.0860 0x1a48  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
15:59:13.0862 0x1a48  mssmbios - ok
15:59:13.0865 0x1a48  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
15:59:13.0866 0x1a48  MSTEE - ok
15:59:13.0878 0x1a48  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
15:59:13.0879 0x1a48  MTConfig - ok
15:59:13.0884 0x1a48  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
15:59:13.0887 0x1a48  Mup - ok
15:59:13.0907 0x1a48  [ F1B096BF8C2A7A5A1E42DC5A13E35952, C454D475966FFBE75D57BF9F2E1442D7F2C97CF904823C6F9D5BB55EAED9752E ] mvusbews        C:\Windows\system32\Drivers\mvusbews.sys
15:59:13.0908 0x1a48  mvusbews - ok
15:59:13.0947 0x1a48  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
15:59:13.0966 0x1a48  napagent - ok
15:59:13.0992 0x1a48  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
15:59:14.0000 0x1a48  NativeWifiP - ok
15:59:14.0053 0x1a48  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
15:59:14.0087 0x1a48  NDIS - ok
15:59:14.0098 0x1a48  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
15:59:14.0100 0x1a48  NdisCap - ok
15:59:14.0107 0x1a48  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
15:59:14.0108 0x1a48  NdisTapi - ok
15:59:14.0131 0x1a48  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
15:59:14.0133 0x1a48  Ndisuio - ok
15:59:14.0158 0x1a48  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
15:59:14.0163 0x1a48  NdisWan - ok
15:59:14.0176 0x1a48  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
15:59:14.0178 0x1a48  NDProxy - ok
15:59:14.0231 0x1a48  [ 96B7E07030A61614054A76AD1EBAFF08, 78D8238ECC1955DCA3DDF8752934AB72367EEBC8939E05E8982152FD44D83A82 ] Neat Startup Service C:\Program Files (x86)\Neat\exec\NeatStartupService.exe
15:59:14.0232 0x1a48  Neat Startup Service - ok
15:59:14.0292 0x1a48  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
15:59:14.0297 0x1a48  Net Driver HPZ12 - ok
15:59:14.0306 0x1a48  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
15:59:14.0309 0x1a48  NetBIOS - ok
15:59:14.0342 0x1a48  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
15:59:14.0350 0x1a48  NetBT - ok
15:59:14.0360 0x1a48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon        C:\Windows\system32\lsass.exe
15:59:14.0362 0x1a48  Netlogon - ok
15:59:14.0382 0x1a48  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
15:59:14.0394 0x1a48  Netman - ok
15:59:14.0446 0x1a48  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:59:14.0454 0x1a48  NetMsmqActivator - ok
15:59:14.0472 0x1a48  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
15:59:14.0478 0x1a48  NetPipeActivator - ok
15:59:14.0496 0x1a48  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
15:59:14.0509 0x1a48  netprofm - ok

 


And the second part:

 


15:59:16.0319 0x1a48  RDPCDD - ok

15:59:16.0349 0x1a48  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys

15:59:16.0353 0x1a48  RDPDR - ok

15:59:16.0358 0x1a48  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys

15:59:16.0359 0x1a48  RDPENCDD - ok

15:59:16.0366 0x1a48  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys

15:59:16.0367 0x1a48  RDPREFMP - ok

15:59:16.0389 0x1a48  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

15:59:16.0390 0x1a48  RdpVideoMiniport - ok

15:59:16.0417 0x1a48  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys

15:59:16.0425 0x1a48  RDPWD - ok

15:59:16.0459 0x1a48  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys

15:59:16.0475 0x1a48  rdyboost - ok

15:59:16.0490 0x1a48  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll

15:59:16.0494 0x1a48  RemoteAccess - ok

15:59:16.0508 0x1a48  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll

15:59:16.0514 0x1a48  RemoteRegistry - ok

15:59:16.0525 0x1a48  RimUsb - ok

15:59:16.0553 0x1a48  [ C903D49655B4AAE46673F0AAA6BE0F58, 0F861775323CC1792A4A4B43D6375532D982FBC9FCC03184B55101A2A579A832 ] RimVSerPort     C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys

15:59:16.0555 0x1a48  RimVSerPort - ok

15:59:16.0570 0x1a48  [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM       C:\Windows\system32\Drivers\RootMdm.sys

15:59:16.0572 0x1a48  ROOTMODEM - ok

15:59:16.0576 0x1a48  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll

15:59:16.0579 0x1a48  RpcEptMapper - ok

15:59:16.0609 0x1a48  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe

15:59:16.0610 0x1a48  RpcLocator - ok

15:59:16.0653 0x1a48  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll

15:59:16.0678 0x1a48  RpcSs - ok

15:59:16.0695 0x1a48  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys

15:59:16.0697 0x1a48  rspndr - ok

15:59:16.0733 0x1a48  [ 66F9F7161D147B6486A22FEB9425930D, A628BEEE900A3B75104FD73F0BF4728A121A90580340538C9654FEF3B2CC9929 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys

15:59:16.0740 0x1a48  RTL8167 - ok

15:59:16.0752 0x1a48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs           C:\Windows\system32\lsass.exe

15:59:16.0753 0x1a48  SamSs - ok

15:59:16.0775 0x1a48  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys

15:59:16.0778 0x1a48  sbp2port - ok

15:59:16.0837 0x1a48  [ 794D4B48DFB6E999537C7C3947863463, 93DA8AA20D6B02A3360E7F56150F126E75266E9372E6409D42B89DA588EF49C3 ] SBSDWSCService  C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe

15:59:16.0871 0x1a48  SBSDWSCService - ok

15:59:16.0889 0x1a48  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll

15:59:16.0894 0x1a48  SCardSvr - ok

15:59:16.0917 0x1a48  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys

15:59:16.0918 0x1a48  scfilter - ok

15:59:16.0986 0x1a48  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll

15:59:17.0017 0x1a48  Schedule - ok

15:59:17.0042 0x1a48  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll

15:59:17.0044 0x1a48  SCPolicySvc - ok

15:59:17.0073 0x1a48  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll

15:59:17.0081 0x1a48  SDRSVC - ok

15:59:17.0093 0x1a48  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys

15:59:17.0095 0x1a48  secdrv - ok

15:59:17.0115 0x1a48  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll

15:59:17.0117 0x1a48  seclogon - ok

15:59:17.0132 0x1a48  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll

15:59:17.0135 0x1a48  SENS - ok

15:59:17.0147 0x1a48  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll

15:59:17.0149 0x1a48  SensrSvc - ok

15:59:17.0153 0x1a48  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys

15:59:17.0154 0x1a48  Serenum - ok

15:59:17.0159 0x1a48  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys

15:59:17.0162 0x1a48  Serial - ok

15:59:17.0184 0x1a48  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys

15:59:17.0185 0x1a48  sermouse - ok

15:59:17.0219 0x1a48  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll

15:59:17.0223 0x1a48  SessionEnv - ok

15:59:17.0239 0x1a48  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys

15:59:17.0240 0x1a48  sffdisk - ok

15:59:17.0246 0x1a48  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys

15:59:17.0247 0x1a48  sffp_mmc - ok

15:59:17.0250 0x1a48  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys

15:59:17.0252 0x1a48  sffp_sd - ok

15:59:17.0265 0x1a48  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys

15:59:17.0266 0x1a48  sfloppy - ok

15:59:17.0289 0x1a48  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll

15:59:17.0298 0x1a48  SharedAccess - ok

15:59:17.0326 0x1a48  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

15:59:17.0334 0x1a48  ShellHWDetection - ok

15:59:17.0350 0x1a48  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys

15:59:17.0351 0x1a48  SiSRaid2 - ok

15:59:17.0361 0x1a48  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys

15:59:17.0363 0x1a48  SiSRaid4 - ok

15:59:17.0383 0x1a48  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys

15:59:17.0386 0x1a48  Smb - ok

15:59:17.0391 0x1a48  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe

15:59:17.0393 0x1a48  SNMPTRAP - ok

15:59:17.0408 0x1a48  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys

15:59:17.0410 0x1a48  spldr - ok

15:59:17.0456 0x1a48  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe

15:59:17.0480 0x1a48  Spooler - ok

15:59:17.0603 0x1a48  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe

15:59:17.0708 0x1a48  sppsvc - ok

15:59:17.0715 0x1a48  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll

15:59:17.0717 0x1a48  sppuinotify - ok

15:59:17.0741 0x1a48  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys

15:59:17.0750 0x1a48  srv - ok

15:59:17.0774 0x1a48  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys

15:59:17.0782 0x1a48  srv2 - ok

15:59:17.0797 0x1a48  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys

15:59:17.0801 0x1a48  srvnet - ok

15:59:17.0812 0x1a48  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll

15:59:17.0817 0x1a48  SSDPSRV - ok

15:59:17.0824 0x1a48  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll

15:59:17.0827 0x1a48  SstpSvc - ok

15:59:17.0844 0x1a48  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys

15:59:17.0846 0x1a48  stexstor - ok

15:59:17.0883 0x1a48  [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam        C:\Windows\system32\drivers\serscan.sys

15:59:17.0885 0x1a48  StillCam - ok

15:59:17.0934 0x1a48  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll

15:59:17.0957 0x1a48  stisvc - ok

15:59:17.0981 0x1a48  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll

15:59:17.0984 0x1a48  StorSvc - ok

15:59:18.0013 0x1a48  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys

15:59:18.0015 0x1a48  swenum - ok

15:59:18.0032 0x1a48  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll

15:59:18.0048 0x1a48  swprv - ok

15:59:18.0109 0x1a48  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll

15:59:18.0151 0x1a48  SysMain - ok

15:59:18.0178 0x1a48  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll

15:59:18.0181 0x1a48  TabletInputService - ok

15:59:18.0208 0x1a48  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll

15:59:18.0215 0x1a48  TapiSrv - ok

15:59:18.0221 0x1a48  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll

15:59:18.0224 0x1a48  TBS - ok

15:59:18.0288 0x1a48  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys

15:59:18.0339 0x1a48  Tcpip - ok

15:59:18.0379 0x1a48  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys

15:59:18.0410 0x1a48  TCPIP6 - ok

15:59:18.0437 0x1a48  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys

15:59:18.0438 0x1a48  tcpipreg - ok

15:59:18.0444 0x1a48  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys

15:59:18.0445 0x1a48  TDPIPE - ok

15:59:18.0466 0x1a48  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys

15:59:18.0467 0x1a48  TDTCP - ok

15:59:18.0496 0x1a48  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys

15:59:18.0502 0x1a48  tdx - ok

15:59:18.0514 0x1a48  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys

15:59:18.0518 0x1a48  TermDD - ok

15:59:18.0572 0x1a48  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll

15:59:18.0585 0x1a48  TermService - ok

15:59:18.0595 0x1a48  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll

15:59:18.0598 0x1a48  Themes - ok

15:59:18.0611 0x1a48  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll

15:59:18.0613 0x1a48  THREADORDER - ok

15:59:18.0628 0x1a48  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll

15:59:18.0631 0x1a48  TrkWks - ok

15:59:18.0679 0x1a48  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

15:59:18.0688 0x1a48  TrustedInstaller - ok

15:59:18.0712 0x1a48  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys

15:59:18.0714 0x1a48  tssecsrv - ok

15:59:18.0740 0x1a48  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys

15:59:18.0742 0x1a48  TsUsbFlt - ok

15:59:18.0776 0x1a48  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys

15:59:18.0780 0x1a48  tunnel - ok

15:59:18.0790 0x1a48  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys

15:59:18.0792 0x1a48  uagp35 - ok

15:59:18.0810 0x1a48  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys

15:59:18.0820 0x1a48  udfs - ok

15:59:18.0835 0x1a48  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe

15:59:18.0839 0x1a48  UI0Detect - ok

15:59:18.0848 0x1a48  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys

15:59:18.0850 0x1a48  uliagpkx - ok

15:59:18.0874 0x1a48  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys

15:59:18.0876 0x1a48  umbus - ok

15:59:18.0886 0x1a48  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys

15:59:18.0886 0x1a48  UmPass - ok

15:59:18.0893 0x1a48  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll

15:59:18.0899 0x1a48  UmRdpService - ok

15:59:18.0919 0x1a48  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll

15:59:18.0927 0x1a48  upnphost - ok

15:59:18.0947 0x1a48  [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys

15:59:18.0948 0x1a48  USBAAPL64 - ok

15:59:18.0966 0x1a48  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys

15:59:18.0969 0x1a48  usbccgp - ok

15:59:18.0997 0x1a48  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys

15:59:19.0000 0x1a48  usbcir - ok

15:59:19.0026 0x1a48  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\drivers\usbehci.sys

15:59:19.0027 0x1a48  usbehci - ok

15:59:19.0051 0x1a48  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys

15:59:19.0058 0x1a48  usbhub - ok

15:59:19.0079 0x1a48  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys

15:59:19.0080 0x1a48  usbohci - ok

15:59:19.0098 0x1a48  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys

15:59:19.0099 0x1a48  usbprint - ok

15:59:19.0128 0x1a48  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\drivers\usbscan.sys

15:59:19.0129 0x1a48  usbscan - ok

15:59:19.0146 0x1a48  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS

15:59:19.0151 0x1a48  USBSTOR - ok

15:59:19.0181 0x1a48  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys

15:59:19.0182 0x1a48  usbuhci - ok

15:59:19.0193 0x1a48  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll

15:59:19.0195 0x1a48  UxSms - ok

15:59:19.0201 0x1a48  [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc        C:\Windows\system32\lsass.exe

15:59:19.0203 0x1a48  VaultSvc - ok

15:59:19.0207 0x1a48  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys

15:59:19.0208 0x1a48  vdrvroot - ok

15:59:19.0233 0x1a48  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe

15:59:19.0246 0x1a48  vds - ok

15:59:19.0265 0x1a48  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys

15:59:19.0266 0x1a48  vga - ok

15:59:19.0275 0x1a48  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys

15:59:19.0276 0x1a48  VgaSave - ok

15:59:19.0309 0x1a48  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys

15:59:19.0314 0x1a48  vhdmp - ok

15:59:19.0334 0x1a48  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys

15:59:19.0335 0x1a48  viaide - ok

15:59:19.0346 0x1a48  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys

15:59:19.0348 0x1a48  volmgr - ok

15:59:19.0382 0x1a48  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys

15:59:19.0397 0x1a48  volmgrx - ok

15:59:19.0413 0x1a48  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys

15:59:19.0421 0x1a48  volsnap - ok

15:59:19.0436 0x1a48  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys

15:59:19.0440 0x1a48  vsmraid - ok

15:59:19.0531 0x1a48  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe

15:59:19.0579 0x1a48  VSS - ok

15:59:19.0613 0x1a48  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys

15:59:19.0614 0x1a48  vwifibus - ok

15:59:19.0639 0x1a48  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll

15:59:19.0664 0x1a48  W32Time - ok

15:59:19.0681 0x1a48  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys

15:59:19.0683 0x1a48  WacomPen - ok

15:59:19.0712 0x1a48  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys

15:59:19.0716 0x1a48  WANARP - ok

15:59:19.0721 0x1a48  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys

15:59:19.0723 0x1a48  Wanarpv6 - ok

15:59:19.0792 0x1a48  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe

15:59:19.0834 0x1a48  WatAdminSvc - ok

15:59:19.0903 0x1a48  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe

15:59:19.0952 0x1a48  wbengine - ok

15:59:19.0963 0x1a48  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll

15:59:19.0968 0x1a48  WbioSrvc - ok

15:59:20.0005 0x1a48  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll

15:59:20.0013 0x1a48  wcncsvc - ok

15:59:20.0025 0x1a48  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

15:59:20.0027 0x1a48  WcsPlugInService - ok

15:59:20.0037 0x1a48  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys

15:59:20.0038 0x1a48  Wd - ok

15:59:20.0087 0x1a48  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys

15:59:20.0109 0x1a48  Wdf01000 - ok

15:59:20.0138 0x1a48  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll

15:59:20.0141 0x1a48  WdiServiceHost - ok

15:59:20.0147 0x1a48  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll

15:59:20.0150 0x1a48  WdiSystemHost - ok

15:59:20.0184 0x1a48  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll

15:59:20.0190 0x1a48  WebClient - ok

15:59:20.0209 0x1a48  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll

15:59:20.0214 0x1a48  Wecsvc - ok

15:59:20.0219 0x1a48  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll

15:59:20.0221 0x1a48  wercplsupport - ok

15:59:20.0240 0x1a48  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll

15:59:20.0243 0x1a48  WerSvc - ok

15:59:20.0253 0x1a48  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys

15:59:20.0254 0x1a48  WfpLwf - ok

15:59:20.0266 0x1a48  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys

15:59:20.0267 0x1a48  WIMMount - ok

15:59:20.0289 0x1a48  WinDefend - ok

15:59:20.0296 0x1a48  WinHttpAutoProxySvc - ok

15:59:20.0331 0x1a48  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll

15:59:20.0336 0x1a48  Winmgmt - ok

15:59:20.0392 0x1a48  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll

15:59:20.0442 0x1a48  WinRM - ok

15:59:21.0513 0x1a48  ================ Scan global ===============================

15:59:21.0530 0x1a48  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

15:59:21.0553 0x1a48  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

15:59:21.0575 0x1a48  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

15:59:21.0594 0x1a48  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

15:59:21.0607 0x1a48  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

15:59:21.0614 0x1a48  [ Global ] - ok

15:59:21.0614 0x1a48  ================ Scan MBR ==================================

15:59:21.0629 0x1a48  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0

15:59:21.0830 0x1a48  \Device\Harddisk0\DR0 - ok

15:59:21.0831 0x1a48  ================ Scan VBR ==================================

15:59:21.0834 0x1a48  [ B976EE8D93D0A80CD574228CA879E636 ] \Device\Harddisk0\DR0\Partition1

15:59:21.0872 0x1a48  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )

15:59:21.0872 0x1a48  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected

15:59:25.0481 0x1a48  [ E2F82B000F1989B09FFC5FF8EBBA3CAC ] \Device\Harddisk0\DR0\Partition2

15:59:25.0520 0x1a48  \Device\Harddisk0\DR0\Partition2 - ok

15:59:25.0520 0x1a48  ================ Scan generic autorun ======================

15:59:27.0402 0x1a48  Waiting for KSN requests completion. In queue: 333

15:59:28.0403 0x1a48  Waiting for KSN requests completion. In queue: 24

15:59:29.0403 0x1a48  Waiting for KSN requests completion. In queue: 24

15:59:30.0403 0x1a48  Waiting for KSN requests completion. In queue: 24

15:59:31.0426 0x1a48  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )

15:59:31.0432 0x1a48  Win FW state via NFP2: enabled

15:59:34.0315 0x1a48  ============================================================

15:59:34.0315 0x1a48  Scan finished

15:59:34.0315 0x1a48  ============================================================

15:59:34.0327 0x14b4  Detected object count: 1

15:59:34.0327 0x14b4  Actual detected object count: 1

15:59:49.0733 0x14b4  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user

15:59:49.0733 0x14b4  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip 

15:59:53.0110 0x13ec  Deinitialize success

Run TDSSKiller again exactly as before, this time select "Cure" on the rootkit and follow the prompts, select continue then reboot to complete....

 

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

 

Next,

 

Open Malwarebytes 2.0, run a Threat Scan

 


On the Dashboard, click the 'Update Now >>' link
After the update completes, click the 'Scan Now >>' button.
Or, on the Dashboard, click the Scan Now >> button.
If an update is available, click the Update Now button.
A Threat Scan will begin.
When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
In most cases, a restart will be required.
Wait for the prompt to restart the computer to appear, then click on Yes.

 

Post log:

 


After the restart once you are back at your desktop, open MBAM once more.
Click on the History tab > Application Logs.
Double click on the scan log which shows the Date and time of the scan just performed.
Click 'Copy to Clipboard'
Paste the contents of the clipboard into your reply.

 

Let me see both logs, and give an update on any remaining issues or concerns...

 

Kevin


TDS Killer log, didn't return any positives:

 

16:53:03.0926 0x0d20  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
16:53:04.0332 0x0d20  ============================================================
16:53:04.0332 0x0d20  Current date / time: 2014/07/05 16:53:04.0332
16:53:04.0332 0x0d20  SystemInfo:
16:53:04.0332 0x0d20  
16:53:04.0332 0x0d20  OS Version: 6.1.7601 ServicePack: 1.0
16:53:04.0332 0x0d20  Product type: Workstation
16:53:04.0332 0x0d20  ComputerName: MOMPC2
16:53:04.0332 0x0d20  UserName: Globe3
16:53:04.0332 0x0d20  Windows directory: C:\Windows
16:53:04.0332 0x0d20  System windows directory: C:\Windows
16:53:04.0332 0x0d20  Running under WOW64
16:53:04.0332 0x0d20  Processor architecture: Intel x64
16:53:04.0332 0x0d20  Number of processors: 4
16:53:04.0332 0x0d20  Page size: 0x1000
16:53:04.0332 0x0d20  Boot type: Normal boot
16:53:04.0332 0x0d20  ============================================================
16:53:04.0332 0x0d20  BG loaded
16:53:05.0305 0x0d20  System UUID: {9994F604-BBB4-DD0B-E803-57194CE0B45C}
16:53:06.0742 0x0d20  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:53:06.0757 0x0d20  ============================================================
16:53:06.0757 0x0d20  \Device\Harddisk0\DR0:
16:53:06.0757 0x0d20  MBR partitions:
16:53:06.0757 0x0d20  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:53:06.0757 0x0d20  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x746D3800
16:53:06.0757 0x0d20  ============================================================
16:53:06.0773 0x0d20  C: <-> \Device\Harddisk0\DR0\Partition2
16:53:06.0773 0x0d20  ============================================================
16:53:06.0773 0x0d20  Initialize success
16:53:06.0773 0x0d20  ============================================================
16:53:44.0838 0x0ef0  Deinitialize success
 
And the Malwarebytes Log:
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 7/5/2014
Scan Time: 5:01:30 PM
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.07.05.10
Rootkit Database: v2014.07.03.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Globe3
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 295130
Time Elapsed: 9 min, 28 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
Looks like I'm in the clear. Thank you for the help!

That is very strange, we see a definite rootkit from the initial run.... One other point, did you also run the FRST fix as listed in reply #2? If so, can you post that log? It will be saved here: C:\FRST\Logs

 

We need to run an online AV scan to ensure there are no remnants of any infection left on your system that may have been missed. This scan is very thorough and well worth running, it can take several hours please be patient and let it complete:

 

Run Eset Online Scanner

 

**Note** You will need to use Internet Explorer for this scan - on Vista and Windows 7/8, right click on the IE shortcut and run as admin

 

Go to Eset web page http://www.eset.com/us/online-scanner/ to run an online scan from ESET.

 


Turn off the real time scanner of any existing antivirus program while performing the online scan
Click on the Run ESET Online Scanner button
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the add/on to be installed
Click Start
Make sure that the option "Remove found threats" is UNticked
Click on Advanced Settings, ensure the options Scan for potentially unwanted applications, Scan for potentially unsafe applications, and Enable Anti-Stealth Technology are ticked.
Click Scan
Wait for the virus definitions to be downloaded
Wait for the scan to finish

 

When the scan is complete

 


If no threats were found
put a checkmark in "Uninstall application on close"
close program
report to me that nothing was found

 

If threats were found

 


click on "list of threats found"
click on "export to text file" and save it as ESET SCAN and save to the desktop
Click on back
put a checkmark in "Uninstall application on close"
click on finish

 

close program

 

Copy and paste the report in next reply.

 

Next,

 

Download Security Check by screen317 from either of the following:

http://screen317.spywareinfoforum.org/SecurityCheck.exe or http://screen317.changelog.fr/SecurityCheck.exe

Save it to your Desktop. (If your security alerts, either accept the alert or turn the security off while Security Check runs.)

Double click SecurityCheck.exe (Vista or Windows 7/8 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.

A Notepad document should open automatically called checkup.txt; please post the contents of that document.

If Security Check will not run or you get an alert saying it is not supported, Re-boot your PC then try again...

 

Let me see those logs...

 

Kevin
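
A small triage helper for logs in the format posted in this thread, as an added example (not part of the original posts and not TDSSKiller's own code): it collects every object that carries a verdict name together with its status lines, and reports "no-scan-recorded" when a log contains neither scan sections nor a "Scan finished" line, so that such a log is not read as a clean result. The sample inputs are abridged from the two logs above; the function and state names are assumptions made for this example.

```python
import re

# "15:59:21.0872 0x1a48  <message>": timestamp, thread id, message
LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{4})\s+(0x[0-9a-fA-F]+)\s+(.*)$")
# "================ Scan VBR ====================" -> "VBR"
SECTION = re.compile(r"^=+ Scan (.+?) =+$")
# "<object> ( <verdict name> ) - <status>", e.g. "infected", "skipped by user"
FINDING = re.compile(r"^(?P<obj>.+?) \( (?P<verdict>[^()]+) \) - (?P<status>.+)$")

def triage(log_text):
    """Summarise one log: scan sections seen, whether the scan finished,
    and each object with a verdict name plus its status lines in order."""
    sections, findings, finished = [], {}, False
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # blank lines, forum text, lines with no message
        msg = m.group(3).strip()
        if msg == "Scan finished":
            finished = True
        elif (s := SECTION.match(msg)):
            sections.append(s.group(1))
        elif (f := FINDING.match(msg)):
            entry = findings.setdefault(
                f["obj"], {"verdict": f["verdict"], "statuses": []})
            entry["statuses"].append(f["status"].strip())
    if not sections and not finished:
        state = "no-scan-recorded"   # tool started and stopped, nothing scanned
    elif findings:
        state = "detections"
    else:
        state = "no-detections"
    return {"state": state, "sections": sections,
            "finished": finished, "findings": findings}

# Abridged from the first log in this thread.
FIRST_RUN = r"""
15:59:21.0614 0x1a48  ================ Scan MBR ==================================
15:59:21.0830 0x1a48  \Device\Harddisk0\DR0 - ok
15:59:21.0831 0x1a48  ================ Scan VBR ==================================
15:59:21.0872 0x1a48  \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
15:59:21.0872 0x1a48  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
15:59:34.0315 0x1a48  Scan finished
15:59:49.0733 0x14b4  \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
"""

# Abridged from the second log in this thread.
SECOND_RUN = r"""
16:53:06.0773 0x0d20  Initialize success
16:53:06.0773 0x0d20  ============================================================
16:53:44.0838 0x0ef0  Deinitialize success
"""

if __name__ == "__main__":
    for name, log in (("first run", FIRST_RUN), ("second run", SECOND_RUN)):
        result = triage(log)
        print(name, result["state"], result["findings"])
```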


  • 2 weeks later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
