Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with ZeroAccess can't update windows, can't change firewall help


  • This topic is locked This topic is locked
24 replies to this topic

#1 agarrison23

agarrison23

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:06 AM

Posted 30 October 2013 - 12:23 AM

I also can't down load any exe files. DDS Logs attached

Attached Files



BC AdBot (Login to Remove)

 


#2 seedy21

seedy21

  • Malware Response Team
  • 742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Yorkshire, UK
  • Local time:07:06 AM

Posted 30 October 2013 - 05:59 PM

Hi agarrison23 and Welcome to Bleeping Computer !

I am currently looking though your logs and will advice you on what to do in my next reply.

“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

unite_blue.png


#3 seedy21

seedy21

  • Malware Response Team
  • 742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Yorkshire, UK
  • Local time:07:06 AM

Posted 31 October 2013 - 03:26 AM

Hello agarrison23

I'm Seedy21 and I will be helping you with your issues.

Please note the following information about the malware forum:
  • From this point on, please do not make any more changes to your computer; such as install/uninstall programs, use special fix tools, delete files, edit the registry, etc. - unless advised by me
  • Please do not ask for help elsewhere (in this site or other sites). Doing so can result in system changes, which may not show up in the logs you post.
  • Please reply within 48 hours, if you are going to be away for longer please let us know or the topic will be closed for been inactive
  • If you are using Cracked or Illegal software your thread will be closed
  • Lastly, keep in mind that we are volunteers, so you do not have to pay for malware removal. Persist in this topic until its close.

    Step 1

    For x32 (x86) bit systems:
    From a clean computer, download Farbar Recovery Scan Tool 32-Bit and save it to a flash drive.

    Plug the flashdrive into the infected PC.

    Enter System Recovery Options.

    To enter System Recovery Options from the Advanced Boot Options:
  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account an click Next.
    To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc.
    If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Select US as the keyboard language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.
    On the System Recovery Options menu you will get the following options:

    Startup Repair
    System Restore
    Windows Complete PC Restore
    Windows Memory Diagnostic Tool
    Command Prompt
  • Select Command Prompt
  • In the command window type in notepad and press Enter.
  • The notepad opens. Under File menu select Open.
  • Select "Computer" and find your flash drive letter and close the notepad.
  • In the command window type e:\frst.exe (for x64 bit version type e:\frst64) and press Enter
    Note: Replace letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.

“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

unite_blue.png


#4 agarrison23

agarrison23
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:06 AM

Posted 31 October 2013 - 10:08 PM

Log file attachedAttached File  FRST.txt   13.93KB   5 downloads



#5 seedy21

seedy21

  • Malware Response Team
  • 742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Yorkshire, UK
  • Local time:07:06 AM

Posted 01 November 2013 - 11:12 AM

Hi Agarrison23

Warning Rootkit Detected


One or more of the identified infections is a Zeroaccess rootkit.

This allows hackers to remotely control your computer, steal critical system information, and download and execute files.

I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.


We can attempt to clean this machine but I can't guarantee that it will be 100% secure afterwards.

I suggest a reformat of the system, but the decision is entirely up to you. If you would like to continue please follow the steps below.

Step 1

Open notepad. Please copy the contents of the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it on the flashdrive as fixlist.txt
 
S2 *etadpug; "C:\Program Files\Google\Desktop\Install\{539a94d0-d42b-2e9c-5e34-28394036137a}\   \...\???\{539a94d0-d42b-2e9c-5e34-28394036137a}\GoogleUpdate.exe" < <==== ATTENTION (ZeroAccess)
HKU\dorthy\...\Run: [Google Update] - 
C:\ProgramData\Google
C:\Users\dorthy\AppData\Local\Google
C:\Windows\assembly\GAC\Desktop.ini
C:\Users\dorthy\AppData\Local\Google\Desktop\Install
C:\Program Files\Google\Desktop\Install
C:\Users\dorthy\AppData\Local\Temp\FP_AX_MSI_INSTALLER.exe
C:\Users\dorthy\AppData\Local\Temp\ose00000.exe
C:\Users\dorthy\AppData\Local\Temp\setup.exe

DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


On Vista or Windows 7: Now please enter System Recovery Options.
On Windows XP: Now please boot into the BartPE CD.
Run FRST64 and press the Fix button just once and wait.
The tool will make a log on the flashdrive (Fixlog.txt) please post it to your reply.

Step 2


Please read carefully and follow these steps.
  • Download TDSSKiller and save it to your Desktop.
  • Extract its contents to your desktop.
  • Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.


    TDSSKillermain.png
  • If an infected file is detected, the default action will be Cure, click on Continue.


    TDSSKillerMal-1.png
  • If a suspicious file is detected, the default action will be Skip, click on Continue.


    TDSSKillerSuspicious-1.png
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.


    TDSSKillerCompleted.png
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

unite_blue.png


#6 agarrison23

agarrison23
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:06 AM

Posted 01 November 2013 - 12:05 PM

I am gonna see if I have all of the programs and keys available to reload if I were to reformat.

 

Is it recommended to use an eraser like Darik's Boot and Nuke before I reformat?

 

I will let you know if I am going to reformat.



#7 agarrison23

agarrison23
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:06 AM

Posted 01 November 2013 - 05:01 PM

I am gonna try to removal the trojan first. I don't have a recovery disk for MS Office



#8 agarrison23

agarrison23
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:06 AM

Posted 01 November 2013 - 05:20 PM

Fixlog

Attached Files



#9 agarrison23

agarrison23
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:06 AM

Posted 03 November 2013 - 11:30 AM

Attached log from TDSSKiller

Attached Files



#10 seedy21

seedy21

  • Malware Response Team
  • 742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Yorkshire, UK
  • Local time:07:06 AM

Posted 03 November 2013 - 01:42 PM

Hi agarrison23

Step 1

Please Re-run TDSSKiller.

Follow the post about TDSSKiller i have post earlier, but this time :-

When a suspicious file is detected, the default action will be Skip, This time change this to Quarantine click on Continue.

A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.


Step 2

Download 51a612a8b27e2-Zoek.pngzoek.exe from here: http://hijackthis.nl/smeenk/ and save it to your Desktop.
  • Close/disable all anti virus and anti malware programs so they do not interfere with the download or execution of Zoek.exe
    You can find instructions how to disable your security applications >>Here<< or >>Here<<
  • Unzip the folder (Right Click > Extract all > Next > Next > Make sure Show Extracted Files is tick and Click Finish ).
  • Double click zoek.exe to start the program.
  • Copy and paste the following script in the code box:
  • Note: This script is written for usage on this users computer, do not use it on another computer even if the problems are similar :!:
    autoclean;
    silentrunners;
    standardsearch;
    
    
  • Close any open browsers.
  • Click the "Run script" button and wait patiently.
  • When finished the logfile will be opened in notepad.
  • If a reboot is needed the logfile will be opened after reboot.
  • The zoek-results.log can also be found on your systemdrive (normally C:\).
  • Please post the logfile for further review in your next reply

“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

unite_blue.png


#11 agarrison23

agarrison23
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:06 AM

Posted 03 November 2013 - 11:39 PM

21:52:55.0873 0x09fc  TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
21:52:59.0742 0x09fc  ============================================================
21:52:59.0742 0x09fc  Current date / time: 2013/11/03 21:52:59.0742
21:52:59.0742 0x09fc  SystemInfo:
21:52:59.0742 0x09fc  
21:52:59.0742 0x09fc  OS Version: 6.1.7601 ServicePack: 1.0
21:52:59.0742 0x09fc  Product type: Workstation
21:52:59.0742 0x09fc  ComputerName: DORTHY-PC
21:52:59.0742 0x09fc  UserName: dorthy
21:52:59.0742 0x09fc  Windows directory: C:\Windows
21:52:59.0742 0x09fc  System windows directory: C:\Windows
21:52:59.0742 0x09fc  Processor architecture: Intel x86
21:52:59.0742 0x09fc  Number of processors: 2
21:52:59.0742 0x09fc  Page size: 0x1000
21:52:59.0742 0x09fc  Boot type: Normal boot
21:52:59.0742 0x09fc  ============================================================
21:53:02.0206 0x09fc  System UUID: {9F70331E-B687-1BA4-B5E7-CE4C3EC1FDFA}
21:53:02.0721 0x09fc  Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 (149.05 Gb), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
21:53:02.0721 0x09fc  Drive \Device\Harddisk1\DR3 - Size: 0x75A00000 (1.84 Gb), SectorSize: 0x200, Cylinders: 0xEF, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
21:53:02.0721 0x09fc  ============================================================
21:53:02.0721 0x09fc  \Device\Harddisk0\DR0:
21:53:02.0721 0x09fc  MBR partitions:
21:53:02.0721 0x09fc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x1D4C000
21:53:02.0721 0x09fc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1D60000, BlocksNum 0x10CB96B0
21:53:02.0721 0x09fc  \Device\Harddisk1\DR3:
21:53:02.0721 0x09fc  MBR partitions:
21:53:02.0721 0x09fc  \Device\Harddisk1\DR3\Partition1: MBR, Type 0xE, StartLBA 0x20, BlocksNum 0x3ACFE0
21:53:02.0721 0x09fc  ============================================================
21:53:02.0752 0x09fc  C: <-> \Device\Harddisk0\DR0\Partition2
21:53:02.0784 0x09fc  D: <-> \Device\Harddisk0\DR0\Partition1
21:53:02.0784 0x09fc  ============================================================
21:53:02.0784 0x09fc  Initialize success
21:53:02.0784 0x09fc  ============================================================
21:53:06.0855 0x05cc  ============================================================
21:53:06.0855 0x05cc  Scan started
21:53:06.0855 0x05cc  Mode: Manual;
21:53:06.0855 0x05cc  ============================================================
21:53:06.0855 0x05cc  KSN ping started
21:53:06.0933 0x05cc  KSN ping finished: false
21:53:07.0417 0x05cc  ================ Scan system memory ========================
21:53:07.0417 0x05cc  System memory - ok
21:53:07.0417 0x05cc  ================ Scan services =============================
21:53:07.0635 0x05cc  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:53:07.0635 0x05cc  1394ohci - ok
21:53:07.0729 0x05cc  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:53:07.0729 0x05cc  ACPI - ok
21:53:07.0776 0x05cc  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:53:07.0776 0x05cc  AcpiPmi - ok
21:53:07.0978 0x05cc  [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:53:07.0994 0x05cc  AdobeARMservice - ok
21:53:08.0088 0x05cc  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
21:53:08.0103 0x05cc  adp94xx - ok
21:53:08.0119 0x05cc  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
21:53:08.0134 0x05cc  adpahci - ok
21:53:08.0150 0x05cc  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
21:53:08.0150 0x05cc  adpu320 - ok
21:53:08.0181 0x05cc  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:53:08.0181 0x05cc  AeLookupSvc - ok
21:53:08.0244 0x05cc  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys
21:53:08.0259 0x05cc  AFD - ok
21:53:08.0322 0x05cc  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
21:53:08.0322 0x05cc  agp440 - ok
21:53:08.0353 0x05cc  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\DRIVERS\djsvs.sys
21:53:08.0353 0x05cc  aic78xx - ok
21:53:08.0384 0x05cc  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
21:53:08.0384 0x05cc  ALG - ok
21:53:08.0431 0x05cc  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:53:08.0431 0x05cc  aliide - ok
21:53:08.0462 0x05cc  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
21:53:08.0462 0x05cc  amdagp - ok
21:53:08.0478 0x05cc  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:53:08.0478 0x05cc  amdide - ok
21:53:08.0509 0x05cc  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
21:53:08.0524 0x05cc  AmdK8 - ok
21:53:08.0524 0x05cc  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:53:08.0540 0x05cc  AmdPPM - ok
21:53:08.0587 0x05cc  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:53:08.0587 0x05cc  amdsata - ok
21:53:08.0634 0x05cc  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
21:53:08.0634 0x05cc  amdsbs - ok
21:53:08.0680 0x05cc  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:53:08.0680 0x05cc  amdxata - ok
21:53:08.0727 0x05cc  [ D7723A101C5CB4C0FA979E4DDA732EC0, 9CCF59C30972805A111F1557E178CBAF6BB7ADC8CA015A2B380A0C940FD14632 ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
21:53:08.0727 0x05cc  ApfiltrService - ok
21:53:08.0790 0x05cc  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
21:53:08.0790 0x05cc  AppID - ok
21:53:08.0836 0x05cc  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:53:08.0836 0x05cc  AppIDSvc - ok
21:53:08.0868 0x05cc  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
21:53:08.0868 0x05cc  Appinfo - ok
21:53:08.0899 0x05cc  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\DRIVERS\arc.sys
21:53:08.0899 0x05cc  arc - ok
21:53:08.0914 0x05cc  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
21:53:08.0914 0x05cc  arcsas - ok
21:53:08.0946 0x05cc  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:53:08.0946 0x05cc  AsyncMac - ok
21:53:08.0992 0x05cc  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:53:08.0992 0x05cc  atapi - ok
21:53:09.0055 0x05cc  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:53:09.0055 0x05cc  AudioEndpointBuilder - ok
21:53:09.0148 0x05cc  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:53:09.0164 0x05cc  Audiosrv - ok
21:53:09.0226 0x05cc  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:53:09.0242 0x05cc  AxInstSV - ok
21:53:09.0289 0x05cc  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbdx.sys
21:53:09.0304 0x05cc  b06bdrv - ok
21:53:09.0351 0x05cc  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
21:53:09.0351 0x05cc  b57nd60x - ok
21:53:09.0445 0x05cc  [ EB7C2DADF52F50F69F198C14C3556DC1, ABA6964B443B7A041C18E09376AC7F7C87122738BA71328F02510CD1D76ACBB0 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl6.sys
21:53:09.0460 0x05cc  BCM43XX - ok
21:53:09.0663 0x05cc  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
21:53:09.0679 0x05cc  BDESVC - ok
21:53:09.0726 0x05cc  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:53:09.0726 0x05cc  Beep - ok
21:53:09.0741 0x05cc  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:53:09.0741 0x05cc  blbdrive - ok
21:53:09.0804 0x05cc  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:53:09.0804 0x05cc  bowser - ok
21:53:09.0819 0x05cc  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
21:53:09.0819 0x05cc  BrFiltLo - ok
21:53:09.0835 0x05cc  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
21:53:09.0835 0x05cc  BrFiltUp - ok
21:53:09.0897 0x05cc  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
21:53:09.0897 0x05cc  Browser - ok
21:53:09.0975 0x05cc  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:53:09.0991 0x05cc  Brserid - ok
21:53:10.0038 0x05cc  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:53:10.0053 0x05cc  BrSerWdm - ok
21:53:10.0100 0x05cc  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:53:10.0100 0x05cc  BrUsbMdm - ok
21:53:10.0100 0x05cc  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:53:10.0100 0x05cc  BrUsbSer - ok
21:53:10.0116 0x05cc  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
21:53:10.0116 0x05cc  BTHMODEM - ok
21:53:10.0162 0x05cc  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
21:53:10.0162 0x05cc  bthserv - ok
21:53:10.0194 0x05cc  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:53:10.0194 0x05cc  cdfs - ok
21:53:10.0256 0x05cc  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\drivers\cdrom.sys
21:53:10.0272 0x05cc  cdrom - ok
21:53:10.0318 0x05cc  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:53:10.0318 0x05cc  CertPropSvc - ok
21:53:10.0350 0x05cc  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
21:53:10.0350 0x05cc  circlass - ok
21:53:10.0490 0x05cc  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
21:53:10.0506 0x05cc  CLFS - ok
21:53:10.0630 0x05cc  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:53:10.0630 0x05cc  clr_optimization_v2.0.50727_32 - ok
21:53:10.0802 0x05cc  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:53:10.0802 0x05cc  clr_optimization_v4.0.30319_32 - ok
21:53:10.0833 0x05cc  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:53:10.0833 0x05cc  CmBatt - ok
21:53:10.0864 0x05cc  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:53:10.0880 0x05cc  cmdide - ok
21:53:10.0942 0x05cc  [ 247B4CE2DAB1160CD422D532D5241E1F, CFE04DBE48B23B084C3F4C3D0F483B26F322E4693176D8739A412BE5D8BE597E ] CNG             C:\Windows\system32\Drivers\cng.sys
21:53:10.0958 0x05cc  CNG - ok
21:53:11.0005 0x05cc  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:53:11.0005 0x05cc  Compbatt - ok
21:53:11.0036 0x05cc  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
21:53:11.0036 0x05cc  CompositeBus - ok
21:53:11.0052 0x05cc  COMSysApp - ok
21:53:11.0083 0x05cc  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
21:53:11.0083 0x05cc  crcdisk - ok
21:53:11.0145 0x05cc  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:53:11.0145 0x05cc  CryptSvc - ok
21:53:11.0208 0x05cc  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:53:11.0208 0x05cc  DcomLaunch - ok
21:53:11.0286 0x05cc  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
21:53:11.0301 0x05cc  defragsvc - ok
21:53:11.0348 0x05cc  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:53:11.0364 0x05cc  DfsC - ok
21:53:11.0442 0x05cc  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:53:11.0457 0x05cc  Dhcp - ok
21:53:11.0504 0x05cc  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
21:53:11.0504 0x05cc  discache - ok
21:53:11.0566 0x05cc  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
21:53:11.0582 0x05cc  Disk - ok
21:53:11.0613 0x05cc  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:53:11.0613 0x05cc  Dnscache - ok
21:53:11.0691 0x05cc  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:53:11.0691 0x05cc  dot3svc - ok
21:53:11.0738 0x05cc  [ B5E479EB83707DD698F66953E922042C, 82891A4699F180A20EB25A0EC49A7E008B007A374BAA3279483AC1C95D125FE8 ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
21:53:11.0754 0x05cc  Dot4 - ok
21:53:11.0816 0x05cc  [ CAEFD09B6A6249C53A67D55A9A9FCABF, A76C951EA8A830E5BA22D8D393A946BBAEEDB76478539F647E58199B383F786B ] Dot4Print       C:\Windows\system32\drivers\Dot4Prt.sys
21:53:11.0816 0x05cc  Dot4Print - ok
21:53:11.0847 0x05cc  [ CF491FF38D62143203C065260567E2F7, 4315FD8FC88CF627EBE469A2DF0F280B17C95D3004FC7A93D6F8E47F0D91A037 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
21:53:11.0847 0x05cc  dot4usb - ok
21:53:11.0925 0x05cc  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
21:53:11.0941 0x05cc  DPS - ok
21:53:11.0988 0x05cc  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:53:11.0988 0x05cc  drmkaud - ok
21:53:12.0050 0x05cc  [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:53:12.0081 0x05cc  DXGKrnl - ok
21:53:12.0128 0x05cc  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
21:53:12.0128 0x05cc  EapHost - ok
21:53:12.0284 0x05cc  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
21:53:12.0393 0x05cc  ebdrv - ok
21:53:12.0487 0x05cc  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] EFS             C:\Windows\System32\lsass.exe
21:53:12.0487 0x05cc  EFS - ok
21:53:12.0674 0x05cc  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:53:12.0721 0x05cc  ehRecvr - ok
21:53:12.0752 0x05cc  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
21:53:12.0752 0x05cc  ehSched - ok
21:53:12.0814 0x05cc  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
21:53:12.0846 0x05cc  elxstor - ok
21:53:12.0877 0x05cc  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:53:12.0877 0x05cc  ErrDev - ok
21:53:12.0939 0x05cc  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
21:53:12.0986 0x05cc  EventSystem - ok
21:53:13.0017 0x05cc  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:53:13.0017 0x05cc  exfat - ok
21:53:13.0048 0x05cc  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:53:13.0048 0x05cc  fastfat - ok
21:53:13.0111 0x05cc  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
21:53:13.0158 0x05cc  Fax - ok
21:53:13.0173 0x05cc  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
21:53:13.0173 0x05cc  fdc - ok
21:53:13.0189 0x05cc  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
21:53:13.0189 0x05cc  fdPHost - ok
21:53:13.0220 0x05cc  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:53:13.0220 0x05cc  FDResPub - ok
21:53:13.0251 0x05cc  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:53:13.0251 0x05cc  FileInfo - ok
21:53:13.0267 0x05cc  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:53:13.0267 0x05cc  Filetrace - ok
21:53:13.0298 0x05cc  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
21:53:13.0298 0x05cc  flpydisk - ok
21:53:13.0329 0x05cc  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:53:13.0329 0x05cc  FltMgr - ok
21:53:13.0423 0x05cc  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
21:53:13.0454 0x05cc  FontCache - ok
21:53:13.0594 0x05cc  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:53:13.0594 0x05cc  FontCache3.0.0.0 - ok
21:53:13.0610 0x05cc  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:53:13.0610 0x05cc  FsDepends - ok
21:53:13.0641 0x05cc  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:53:13.0641 0x05cc  Fs_Rec - ok
21:53:13.0704 0x05cc  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:53:13.0704 0x05cc  fvevol - ok
21:53:13.0766 0x05cc  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
21:53:13.0766 0x05cc  gagp30kx - ok
21:53:13.0844 0x05cc  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:53:13.0875 0x05cc  gpsvc - ok
21:53:13.0891 0x05cc  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:53:13.0891 0x05cc  hcw85cir - ok
21:53:13.0953 0x05cc  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:53:13.0969 0x05cc  HdAudAddService - ok
21:53:14.0000 0x05cc  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
21:53:14.0000 0x05cc  HDAudBus - ok
21:53:14.0016 0x05cc  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
21:53:14.0031 0x05cc  HidBatt - ok
21:53:14.0047 0x05cc  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
21:53:14.0047 0x05cc  HidBth - ok
21:53:14.0062 0x05cc  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
21:53:14.0078 0x05cc  HidIr - ok
21:53:14.0094 0x05cc  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
21:53:14.0109 0x05cc  hidserv - ok
21:53:14.0172 0x05cc  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
21:53:14.0172 0x05cc  HidUsb - ok
21:53:14.0203 0x05cc  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:53:14.0218 0x05cc  hkmsvc - ok
21:53:14.0296 0x05cc  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:53:14.0296 0x05cc  HomeGroupListener - ok
21:53:14.0421 0x05cc  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:53:14.0437 0x05cc  HomeGroupProvider - ok
21:53:14.0608 0x05cc  [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05, 7B3F117C1D606DDA7623BEC0BFBC362C33A12213E899F049AC56A55826984134 ] hpqcxs08        C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
21:53:14.0608 0x05cc  hpqcxs08 - ok
21:53:14.0655 0x05cc  [ F3F72A2A86C22610BCA5439FA789DD52, DA5A8F09DCC512AA1558863AD4FAC12F72DD83CA8FB4D8D9831E4AFBB6B3C616 ] hpqddsvc        C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
21:53:14.0655 0x05cc  hpqddsvc - ok
21:53:14.0733 0x05cc  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:53:14.0733 0x05cc  HpSAMD - ok
21:53:14.0811 0x05cc  [ 568E44F6DCFA173F3670172B69379891, D619B908770E308BE3978DD619CA0ADC229685971FC99379AA5620BE5F7C5F1C ] HPSLPSVC        C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
21:53:14.0842 0x05cc  HPSLPSVC - ok
21:53:14.0905 0x05cc  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:53:14.0936 0x05cc  HTTP - ok
21:53:15.0170 0x05cc  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:53:15.0170 0x05cc  hwpolicy - ok
21:53:15.0248 0x05cc  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
21:53:15.0248 0x05cc  i8042prt - ok
21:53:15.0357 0x05cc  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:53:15.0373 0x05cc  iaStorV - ok
21:53:15.0513 0x05cc  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:53:15.0560 0x05cc  idsvc - ok
21:53:15.0981 0x05cc  [ 8266AE06DF974E5BA047B3E9E9E70B3F, 44E5A8EED802A1DDF3CCDB478A88A3AB3CF009F449FB11E0F94A28498342B4E2 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
21:53:16.0262 0x05cc  igfx - ok
21:53:16.0340 0x05cc  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
21:53:16.0340 0x05cc  iirsp - ok
21:53:16.0418 0x05cc  [ F95622F161474511B8D80D6B093AA610, F2320E25EB9B4AA9A8366BD3AA23EABEBE111A5610D3A62EBA47D90427D5BC26 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:53:16.0465 0x05cc  IKEEXT - ok
21:53:16.0512 0x05cc  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:53:16.0512 0x05cc  intelide - ok
21:53:16.0543 0x05cc  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
21:53:16.0543 0x05cc  intelppm - ok
21:53:16.0574 0x05cc  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:53:16.0574 0x05cc  IPBusEnum - ok
21:53:16.0605 0x05cc  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:53:16.0605 0x05cc  IpFilterDriver - ok
21:53:16.0636 0x05cc  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:53:16.0652 0x05cc  IPMIDRV - ok
21:53:16.0668 0x05cc  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:53:16.0683 0x05cc  IPNAT - ok
21:53:16.0699 0x05cc  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:53:16.0699 0x05cc  IRENUM - ok
21:53:16.0714 0x05cc  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:53:16.0714 0x05cc  isapnp - ok
21:53:16.0761 0x05cc  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:53:16.0792 0x05cc  iScsiPrt - ok
21:53:16.0824 0x05cc  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
21:53:16.0824 0x05cc  kbdclass - ok
21:53:16.0870 0x05cc  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:53:16.0870 0x05cc  kbdhid - ok
21:53:16.0886 0x05cc  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] KeyIso          C:\Windows\system32\lsass.exe
21:53:16.0886 0x05cc  KeyIso - ok
21:53:16.0917 0x05cc  [ B7895B4182C0D16F6EFADEB8081E8D36, BAC3BAD22207C8826125FD7721C96F2C7A238960FD9398A3D4573E14648E9DB9 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:53:16.0917 0x05cc  KSecDD - ok
21:53:16.0980 0x05cc  [ D30159AC9237519FBC62C6EC247D2D46, 10BDE041C95D0CCD3591ED497002043FEC3A5F732D7AE311FBA457E0FE16CE4B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:53:16.0980 0x05cc  KSecPkg - ok
21:53:17.0042 0x05cc  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:53:17.0058 0x05cc  KtmRm - ok
21:53:17.0089 0x05cc  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
21:53:17.0089 0x05cc  LanmanServer - ok
21:53:17.0120 0x05cc  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:53:17.0120 0x05cc  LanmanWorkstation - ok
21:53:17.0182 0x05cc  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:53:17.0182 0x05cc  lltdio - ok
21:53:17.0276 0x05cc  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:53:17.0276 0x05cc  lltdsvc - ok
21:53:17.0323 0x05cc  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:53:17.0323 0x05cc  lmhosts - ok
21:53:17.0760 0x05cc  [ D508ED922DA3054547B1D21B8D345DF3, 2978ADC232A260087394AB148ED87F5A05B0524663440434FA38D8693B8D383A ] LMIGuardianSvc  C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
21:53:17.0775 0x05cc  LMIGuardianSvc - ok
21:53:17.0853 0x05cc  [ 26E3BEC8F2F0CFAF9FFE4C7AEF1BC049, CFB86B860FF4F856DA75EB132E06B77C71DC5D994799C08EDC01F2CA8B47AB44 ] LMIInfo         C:\Program Files\LogMeIn\x86\RaInfo.sys
21:53:17.0853 0x05cc  LMIInfo - ok
21:53:17.0916 0x05cc  [ BF58FD94B9DD9B64C5E597A46DC120A8, 1DEB7B8871D3C9BAE0A6C3D4B1EF2E9A29CD9BB3254374758EBEED4D3A57007B ] LMIMaint        C:\Program Files\LogMeIn\x86\RaMaint.exe
21:53:17.0931 0x05cc  LMIMaint - ok
21:53:17.0978 0x05cc  [ 4477689E2D8AE6B78BA34C9AF4CC1ED1, 0BC8AF546901E6C20611C5250BD65ACD0C4A8613BD8F8835F0D4680B5777F051 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
21:53:17.0978 0x05cc  lmimirr - ok
21:53:17.0994 0x05cc  LMIRfsClientNP - ok
21:53:18.0025 0x05cc  [ 3FAA563DDF853320F90259D455A01D79, D81B5FCC0CBCF9CE18E44A31071D357B12F5016159E24954E50E68D80C9F61B8 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
21:53:18.0025 0x05cc  LMIRfsDriver - ok
21:53:18.0087 0x05cc  [ 432618FA75B61059D2C57D6A7E55147A, 0E7D771AE9F98667A68C8C07A664D70B71B78EC08D7FEA92AD979E1E049EC0B1 ] LogMeIn         C:\Program Files\LogMeIn\x86\LogMeIn.exe
21:53:18.0103 0x05cc  LogMeIn - ok
21:53:18.0134 0x05cc  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
21:53:18.0134 0x05cc  LSI_FC - ok
21:53:18.0165 0x05cc  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
21:53:18.0165 0x05cc  LSI_SAS - ok
21:53:18.0181 0x05cc  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
21:53:18.0181 0x05cc  LSI_SAS2 - ok
21:53:18.0196 0x05cc  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
21:53:18.0212 0x05cc  LSI_SCSI - ok
21:53:18.0228 0x05cc  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:53:18.0228 0x05cc  luafv - ok
21:53:18.0290 0x05cc  [ 819B7E43C612A6E49705D1BB156F6991, E5BE1BDAEC8FD119517E3E56A3E23E48DB8858D7A8471E476E680CC8EBE1DE66 ] mbamchameleon   C:\Windows\system32\drivers\mbamchameleon.sys
21:53:18.0290 0x05cc  mbamchameleon - ok
21:53:18.0337 0x05cc  [ 5C47D60938E77822A2C8D25102C63CE2, CF0E7ED02D783F06B9AA82B4DDA593245D65D399268F11A7AF432B260602EA02 ] MBAMSwissArmy   C:\Windows\system32\drivers\MBAMSwissArmy.sys
21:53:18.0352 0x05cc  MBAMSwissArmy - ok
21:53:18.0384 0x05cc  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:53:18.0399 0x05cc  Mcx2Svc - ok
21:53:18.0430 0x05cc  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
21:53:18.0430 0x05cc  megasas - ok
21:53:18.0493 0x05cc  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
21:53:18.0508 0x05cc  MegaSR - ok
21:53:18.0540 0x05cc  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
21:53:18.0540 0x05cc  MMCSS - ok
21:53:18.0555 0x05cc  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
21:53:18.0555 0x05cc  Modem - ok
21:53:18.0571 0x05cc  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:53:18.0571 0x05cc  monitor - ok
21:53:18.0602 0x05cc  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\drivers\mouclass.sys
21:53:18.0602 0x05cc  mouclass - ok
21:53:18.0633 0x05cc  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:53:18.0633 0x05cc  mouhid - ok
21:53:18.0680 0x05cc  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:53:18.0680 0x05cc  mountmgr - ok
21:53:18.0727 0x05cc  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:53:18.0727 0x05cc  mpio - ok
21:53:18.0758 0x05cc  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:53:18.0758 0x05cc  mpsdrv - ok
21:53:18.0805 0x05cc  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:53:18.0805 0x05cc  MRxDAV - ok
21:53:18.0852 0x05cc  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:53:18.0867 0x05cc  mrxsmb - ok
21:53:18.0930 0x05cc  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:53:18.0945 0x05cc  mrxsmb10 - ok
21:53:18.0976 0x05cc  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:53:18.0976 0x05cc  mrxsmb20 - ok
21:53:19.0008 0x05cc  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:53:19.0008 0x05cc  msahci - ok
21:53:19.0164 0x05cc  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:53:19.0179 0x05cc  msdsm - ok
21:53:19.0195 0x05cc  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
21:53:19.0195 0x05cc  MSDTC - ok
21:53:19.0226 0x05cc  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:53:19.0242 0x05cc  Msfs - ok
21:53:19.0257 0x05cc  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:53:19.0257 0x05cc  mshidkmdf - ok
21:53:19.0288 0x05cc  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:53:19.0288 0x05cc  msisadrv - ok
21:53:19.0335 0x05cc  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:53:19.0335 0x05cc  MSiSCSI - ok
21:53:19.0351 0x05cc  msiserver - ok
21:53:19.0366 0x05cc  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:53:19.0366 0x05cc  MSKSSRV - ok
21:53:19.0382 0x05cc  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:53:19.0398 0x05cc  MSPCLOCK - ok
21:53:19.0413 0x05cc  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:53:19.0413 0x05cc  MSPQM - ok
21:53:19.0429 0x05cc  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:53:19.0429 0x05cc  MsRPC - ok
21:53:19.0444 0x05cc  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
21:53:19.0444 0x05cc  mssmbios - ok
21:53:19.0460 0x05cc  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:53:19.0460 0x05cc  MSTEE - ok
21:53:19.0491 0x05cc  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
21:53:19.0491 0x05cc  MTConfig - ok
21:53:19.0522 0x05cc  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:53:19.0522 0x05cc  Mup - ok
21:53:19.0569 0x05cc  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
21:53:19.0585 0x05cc  napagent - ok
21:53:19.0647 0x05cc  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:53:19.0647 0x05cc  NativeWifiP - ok
21:53:19.0725 0x05cc  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:53:19.0772 0x05cc  NDIS - ok
21:53:19.0803 0x05cc  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:53:19.0803 0x05cc  NdisCap - ok
21:53:19.0850 0x05cc  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:53:19.0850 0x05cc  NdisTapi - ok
21:53:19.0912 0x05cc  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:53:19.0912 0x05cc  Ndisuio - ok
21:53:19.0975 0x05cc  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:53:19.0975 0x05cc  NdisWan - ok
21:53:20.0022 0x05cc  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:53:20.0022 0x05cc  NDProxy - ok
21:53:20.0084 0x05cc  [ 510C138564486FF926A3F773205C63D1, 50FBB8555C284ED22F71D99750899321B63E3B4C255174FE9B4F31084F9A34B1 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
21:53:20.0084 0x05cc  Net Driver HPZ12 - ok
21:53:20.0100 0x05cc  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:53:20.0100 0x05cc  NetBIOS - ok
21:53:20.0146 0x05cc  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:53:20.0178 0x05cc  NetBT - ok
21:53:20.0178 0x05cc  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] Netlogon        C:\Windows\system32\lsass.exe
21:53:20.0178 0x05cc  Netlogon - ok
21:53:20.0224 0x05cc  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
21:53:20.0240 0x05cc  Netman - ok
21:53:20.0256 0x05cc  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
21:53:20.0271 0x05cc  netprofm - ok
21:53:20.0318 0x05cc  [ F476EC40033CDB91EFBE73EB99B8362D, B17535037BC070F9AE1F6B381C2DBEE27658A8FDE15FB0E061F485EA7C7CBE59 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:53:20.0318 0x05cc  NetTcpPortSharing - ok
21:53:20.0349 0x05cc  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
21:53:20.0349 0x05cc  nfrd960 - ok
21:53:20.0396 0x05cc  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:53:20.0458 0x05cc  NlaSvc - ok
21:53:20.0505 0x05cc  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:53:20.0505 0x05cc  Npfs - ok
21:53:20.0552 0x05cc  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
21:53:20.0552 0x05cc  nsi - ok
21:53:20.0568 0x05cc  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:53:20.0568 0x05cc  nsiproxy - ok
21:53:20.0661 0x05cc  [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:53:20.0677 0x05cc  Ntfs - ok
21:53:20.0755 0x05cc  [ CF7E041663119E09D2E118521ADA9300, 0BDDEDA787CCBE34D515945717AF972143A3684F6D37F87B639D6A5371F381CC ] NuidFltr        C:\Windows\system32\DRIVERS\NuidFltr.sys
21:53:20.0755 0x05cc  NuidFltr - ok
21:53:20.0786 0x05cc  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
21:53:20.0786 0x05cc  Null - ok
21:53:20.0802 0x05cc  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:53:20.0817 0x05cc  nvraid - ok
21:53:20.0864 0x05cc  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:53:20.0864 0x05cc  nvstor - ok
21:53:20.0895 0x05cc  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:53:20.0895 0x05cc  nv_agp - ok
21:53:20.0989 0x05cc  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
21:53:21.0036 0x05cc  odserv - ok
21:53:21.0051 0x05cc  [ 86326062A90494BDD79CE383511D7D69, 43D5682CA8ECB4BA7CC1A5C4C2BF966EE4802E8C3AA84CDEB634CA3C410DAB89 ] OEM13Vfx        C:\Windows\system32\DRIVERS\OEM13Vfx.sys
21:53:21.0051 0x05cc  OEM13Vfx - ok
21:53:21.0098 0x05cc  [ 12539B57ED05DE7552403A12B3E0161C, 15E1E10DBA6508B539A1CDD0B2E809E40ECB0988AE76FC1A477FA83F01AA8495 ] OEM13Vid        C:\Windows\system32\DRIVERS\OEM13Vid.sys
21:53:21.0098 0x05cc  OEM13Vid - ok
21:53:21.0145 0x05cc  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:53:21.0145 0x05cc  ohci1394 - ok
21:53:21.0192 0x05cc  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:53:21.0192 0x05cc  ose - ok
21:53:21.0238 0x05cc  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:53:21.0254 0x05cc  p2pimsvc - ok
21:53:21.0301 0x05cc  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:53:21.0316 0x05cc  p2psvc - ok
21:53:21.0332 0x05cc  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\DRIVERS\parport.sys
21:53:21.0332 0x05cc  Parport - ok
21:53:21.0379 0x05cc  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:53:21.0379 0x05cc  partmgr - ok
21:53:21.0426 0x05cc  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\DRIVERS\parvdm.sys
21:53:21.0426 0x05cc  Parvdm - ok
21:53:21.0441 0x05cc  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
21:53:21.0441 0x05cc  pci - ok
21:53:21.0488 0x05cc  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:53:21.0504 0x05cc  pciide - ok
21:53:21.0519 0x05cc  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
21:53:21.0519 0x05cc  pcmcia - ok
21:53:21.0535 0x05cc  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:53:21.0550 0x05cc  pcw - ok
21:53:21.0597 0x05cc  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:53:21.0628 0x05cc  PEAUTH - ok
21:53:21.0753 0x05cc  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
21:53:21.0816 0x05cc  pla - ok
21:53:21.0878 0x05cc  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:53:21.0894 0x05cc  PlugPlay - ok
21:53:21.0940 0x05cc  [ 37E5E8FFBAD35605DAEEC3224EA0E465, E3A9BE275D3C8A3E143DF3A795964E9860A1F6C18BE36F8FE552E954435AC927 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
21:53:21.0940 0x05cc  Pml Driver HPZ12 - ok
21:53:21.0987 0x05cc  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:53:21.0987 0x05cc  PNRPAutoReg - ok
21:53:22.0018 0x05cc  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:53:22.0034 0x05cc  PNRPsvc - ok
21:53:22.0065 0x05cc  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
21:53:22.0065 0x05cc  Power - ok
21:53:22.0112 0x05cc  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:53:22.0112 0x05cc  PptpMiniport - ok
21:53:22.0128 0x05cc  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
21:53:22.0128 0x05cc  Processor - ok
21:53:22.0159 0x05cc  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:53:22.0159 0x05cc  ProfSvc - ok
21:53:22.0190 0x05cc  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] ProtectedStorage C:\Windows\system32\lsass.exe
21:53:22.0190 0x05cc  ProtectedStorage - ok
21:53:22.0237 0x05cc  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:53:22.0237 0x05cc  Psched - ok
21:53:22.0315 0x05cc  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
21:53:22.0393 0x05cc  ql2300 - ok
21:53:22.0408 0x05cc  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
21:53:22.0408 0x05cc  ql40xx - ok
21:53:22.0455 0x05cc  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
21:53:22.0486 0x05cc  QWAVE - ok
21:53:22.0502 0x05cc  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:53:22.0502 0x05cc  QWAVEdrv - ok
21:53:22.0518 0x05cc  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:53:22.0518 0x05cc  RasAcd - ok
21:53:22.0549 0x05cc  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:53:22.0549 0x05cc  RasAgileVpn - ok
21:53:22.0580 0x05cc  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
21:53:22.0580 0x05cc  RasAuto - ok
21:53:22.0596 0x05cc  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:53:22.0596 0x05cc  Rasl2tp - ok
21:53:22.0658 0x05cc  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
21:53:22.0674 0x05cc  RasMan - ok
21:53:22.0705 0x05cc  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:53:22.0705 0x05cc  RasPppoe - ok
21:53:22.0720 0x05cc  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:53:22.0720 0x05cc  RasSstp - ok
21:53:22.0798 0x05cc  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:53:22.0814 0x05cc  rdbss - ok
21:53:22.0830 0x05cc  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:53:22.0830 0x05cc  rdpbus - ok
21:53:22.0876 0x05cc  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:53:22.0876 0x05cc  RDPCDD - ok
21:53:22.0908 0x05cc  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:53:22.0908 0x05cc  RDPENCDD - ok
21:53:22.0939 0x05cc  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:53:22.0939 0x05cc  RDPREFMP - ok
21:53:22.0986 0x05cc  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:53:23.0001 0x05cc  RDPWD - ok
21:53:23.0048 0x05cc  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:53:23.0064 0x05cc  rdyboost - ok
21:53:23.0095 0x05cc  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:53:23.0095 0x05cc  RemoteRegistry - ok
21:53:23.0126 0x05cc  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:53:23.0126 0x05cc  RpcEptMapper - ok
21:53:23.0142 0x05cc  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
21:53:23.0142 0x05cc  RpcLocator - ok
21:53:23.0173 0x05cc  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
21:53:23.0173 0x05cc  RpcSs - ok
21:53:23.0204 0x05cc  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:53:23.0204 0x05cc  rspndr - ok
21:53:23.0251 0x05cc  [ 7DFD48E24479B68B258D8770121155A0, 3B5F7309403C46855DB888CF2058B07C9029690DBC7FB3224BAC7BE5547D2D57 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
21:53:23.0266 0x05cc  RTL8167 - ok
21:53:23.0266 0x05cc  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] SamSs           C:\Windows\system32\lsass.exe
21:53:23.0282 0x05cc  SamSs - ok
21:53:23.0298 0x05cc  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:53:23.0313 0x05cc  sbp2port - ok
21:53:23.0344 0x05cc  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:53:23.0344 0x05cc  SCardSvr - ok
21:53:23.0360 0x05cc  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:53:23.0360 0x05cc  scfilter - ok
21:53:23.0438 0x05cc  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
21:53:23.0469 0x05cc  Schedule - ok
21:53:23.0485 0x05cc  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:53:23.0500 0x05cc  SCPolicySvc - ok
21:53:23.0532 0x05cc  [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] sdbus           C:\Windows\system32\drivers\sdbus.sys
21:53:23.0532 0x05cc  sdbus - ok
21:53:23.0578 0x05cc  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:53:23.0578 0x05cc  SDRSVC - ok
21:53:23.0625 0x05cc  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:53:23.0641 0x05cc  secdrv - ok
21:53:23.0656 0x05cc  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
21:53:23.0672 0x05cc  seclogon - ok
21:53:23.0688 0x05cc  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\System32\sens.dll
21:53:23.0688 0x05cc  SENS - ok
21:53:23.0719 0x05cc  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:53:23.0734 0x05cc  SensrSvc - ok
21:53:23.0750 0x05cc  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
21:53:23.0750 0x05cc  Serenum - ok
21:53:23.0781 0x05cc  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\DRIVERS\serial.sys
21:53:23.0781 0x05cc  Serial - ok
21:53:23.0828 0x05cc  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
21:53:23.0828 0x05cc  sermouse - ok
21:53:23.0875 0x05cc  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:53:23.0875 0x05cc  SessionEnv - ok
21:53:23.0922 0x05cc  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:53:23.0922 0x05cc  sffdisk - ok
21:53:23.0922 0x05cc  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:53:23.0937 0x05cc  sffp_mmc - ok
21:53:23.0937 0x05cc  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:53:23.0937 0x05cc  sffp_sd - ok
21:53:23.0953 0x05cc  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
21:53:23.0968 0x05cc  sfloppy - ok
21:53:24.0015 0x05cc  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:53:24.0046 0x05cc  ShellHWDetection - ok
21:53:24.0093 0x05cc  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:53:24.0109 0x05cc  sisagp - ok
21:53:24.0124 0x05cc  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
21:53:24.0140 0x05cc  SiSRaid2 - ok
21:53:24.0156 0x05cc  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
21:53:24.0156 0x05cc  SiSRaid4 - ok
21:53:24.0187 0x05cc  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:53:24.0187 0x05cc  Smb - ok
21:53:24.0249 0x05cc  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:53:24.0249 0x05cc  SNMPTRAP - ok
21:53:24.0265 0x05cc  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:53:24.0265 0x05cc  spldr - ok
21:53:24.0327 0x05cc  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
21:53:24.0343 0x05cc  Spooler - ok
21:53:24.0499 0x05cc  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
21:53:24.0655 0x05cc  sppsvc - ok
21:53:24.0717 0x05cc  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:53:24.0717 0x05cc  sppuinotify - ok
21:53:24.0764 0x05cc  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:53:24.0795 0x05cc  srv - ok
21:53:24.0811 0x05cc  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:53:24.0826 0x05cc  srv2 - ok
21:53:24.0842 0x05cc  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:53:24.0842 0x05cc  srvnet - ok
21:53:24.0889 0x05cc  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:53:24.0904 0x05cc  SSDPSRV - ok
21:53:24.0951 0x05cc  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:53:24.0967 0x05cc  SstpSvc - ok
21:53:24.0982 0x05cc  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
21:53:24.0982 0x05cc  stexstor - ok
21:53:25.0029 0x05cc  [ EDB05BD63148796F23EA78506404A538, 8EBF623D3DEB6CCAC75AAFCF8B23271029A28BE29D459088E40FBF109E80AA17 ] StillCam        C:\Windows\system32\DRIVERS\serscan.sys
21:53:25.0029 0x05cc  StillCam - ok
21:53:25.0107 0x05cc  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
21:53:25.0154 0x05cc  StiSvc - ok
21:53:25.0216 0x05cc  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\drivers\swenum.sys
21:53:25.0216 0x05cc  swenum - ok
21:53:25.0248 0x05cc  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
21:53:25.0263 0x05cc  swprv - ok
21:53:25.0341 0x05cc  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
21:53:25.0388 0x05cc  SysMain - ok
21:53:25.0450 0x05cc  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
21:53:25.0450 0x05cc  TabletInputService - ok
21:53:25.0513 0x05cc  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:53:25.0528 0x05cc  TapiSrv - ok
21:53:25.0560 0x05cc  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
21:53:25.0575 0x05cc  TBS - ok
21:53:25.0669 0x05cc  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:53:25.0731 0x05cc  Tcpip - ok
21:53:25.0825 0x05cc  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:53:25.0856 0x05cc  TCPIP6 - ok
21:53:25.0903 0x05cc  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:53:25.0903 0x05cc  tcpipreg - ok
21:53:25.0950 0x05cc  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:53:25.0950 0x05cc  TDPIPE - ok
21:53:25.0965 0x05cc  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:53:25.0965 0x05cc  TDTCP - ok
21:53:26.0012 0x05cc  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:53:26.0012 0x05cc  tdx - ok
21:53:26.0059 0x05cc  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\drivers\termdd.sys
21:53:26.0059 0x05cc  TermDD - ok
21:53:26.0137 0x05cc  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
21:53:26.0152 0x05cc  TermService - ok
21:53:26.0230 0x05cc  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
21:53:26.0246 0x05cc  Themes - ok
21:53:26.0262 0x05cc  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
21:53:26.0277 0x05cc  THREADORDER - ok
21:53:26.0308 0x05cc  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
21:53:26.0324 0x05cc  TrkWks - ok
21:53:26.0418 0x05cc  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:53:26.0433 0x05cc  TrustedInstaller - ok
21:53:26.0464 0x05cc  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:53:26.0464 0x05cc  tssecsrv - ok
21:53:26.0542 0x05cc  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:53:26.0542 0x05cc  TsUsbFlt - ok
21:53:26.0574 0x05cc  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:53:26.0589 0x05cc  tunnel - ok
21:53:26.0620 0x05cc  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
21:53:26.0620 0x05cc  uagp35 - ok
21:53:26.0652 0x05cc  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:53:26.0683 0x05cc  udfs - ok
21:53:26.0730 0x05cc  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:53:26.0730 0x05cc  UI0Detect - ok
21:53:26.0761 0x05cc  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:53:26.0761 0x05cc  uliagpkx - ok
21:53:26.0792 0x05cc  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\drivers\umbus.sys
21:53:26.0792 0x05cc  umbus - ok
21:53:26.0808 0x05cc  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
21:53:26.0808 0x05cc  UmPass - ok
21:53:26.0823 0x05cc  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
21:53:26.0839 0x05cc  upnphost - ok
21:53:26.0886 0x05cc  [ BD9C55D7023C5DE374507ACC7A14E2AC, 1DBAFF733DE5C1A6A2374B15BD94512A22D9C0F4DF91F997801340828333AF3C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:53:26.0901 0x05cc  usbccgp - ok
21:53:26.0948 0x05cc  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:53:26.0948 0x05cc  usbcir - ok
21:53:26.0995 0x05cc  [ F92DE757E4B7CE9C07C5E65423F3AE3B, B3FDEE4A8F1C7EC12405D99ACABC3E633FA4ED08D2A2AA871526ED7927A35A91 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:53:26.0995 0x05cc  usbehci - ok
21:53:27.0057 0x05cc  [ 8DC94AEC6A7E644A06135AE7506DC2E9, 3ACB621D57BC8691DBBCDEF27563AA6390370362F21AFA6E7BA35BC429E14590 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:53:27.0073 0x05cc  usbhub - ok
21:53:27.0088 0x05cc  [ E185D44FAC515A18D9DEDDC23C2CDF44, EF69D0253CC8F1D29929FD5E74F18737ECF5D238874B6E1505E2EAEE66D9D987 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
21:53:27.0088 0x05cc  usbohci - ok
21:53:27.0135 0x05cc  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:53:27.0135 0x05cc  usbprint - ok
21:53:27.0182 0x05cc  [ 576096CCBC07E7C4EA4F5E6686D6888F, 8C643F43BD0017979548389C4DB36A1EE872CCF19C86FAE3752A4989173E28ED ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:53:27.0182 0x05cc  usbscan - ok
21:53:27.0182 0x05cc  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:53:27.0198 0x05cc  USBSTOR - ok
21:53:27.0213 0x05cc  [ 68DF884CF41CDADA664BEB01DAF67E3D, 142781FE2FF93B269D8FA11D4C3F60967552A867E94533D94EF1C2D777A67872 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
21:53:27.0213 0x05cc  usbuhci - ok
21:53:27.0260 0x05cc  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
21:53:27.0276 0x05cc  usbvideo - ok
21:53:27.0291 0x05cc  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
21:53:27.0307 0x05cc  UxSms - ok
21:53:27.0322 0x05cc  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] VaultSvc        C:\Windows\system32\lsass.exe
21:53:27.0322 0x05cc  VaultSvc - ok
21:53:27.0369 0x05cc  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:53:27.0369 0x05cc  vdrvroot - ok
21:53:27.0447 0x05cc  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
21:53:27.0463 0x05cc  vds - ok
21:53:27.0494 0x05cc  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:53:27.0494 0x05cc  vga - ok
21:53:27.0510 0x05cc  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:53:27.0510 0x05cc  VgaSave - ok
21:53:27.0556 0x05cc  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:53:27.0556 0x05cc  vhdmp - ok
21:53:27.0588 0x05cc  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:53:27.0588 0x05cc  viaagp - ok
21:53:27.0603 0x05cc  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
21:53:27.0603 0x05cc  ViaC7 - ok
21:53:27.0634 0x05cc  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:53:27.0634 0x05cc  viaide - ok
21:53:27.0650 0x05cc  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:53:27.0666 0x05cc  volmgr - ok
21:53:27.0697 0x05cc  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:53:27.0728 0x05cc  volmgrx - ok
21:53:27.0744 0x05cc  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:53:27.0759 0x05cc  volsnap - ok
21:53:27.0790 0x05cc  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
21:53:27.0806 0x05cc  vsmraid - ok
21:53:27.0884 0x05cc  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
21:53:27.0931 0x05cc  VSS - ok
21:53:27.0962 0x05cc  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:53:27.0962 0x05cc  vwifibus - ok
21:53:27.0993 0x05cc  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:53:27.0993 0x05cc  vwififlt - ok
21:53:28.0040 0x05cc  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
21:53:28.0056 0x05cc  W32Time - ok
21:53:28.0087 0x05cc  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
21:53:28.0087 0x05cc  WacomPen - ok
21:53:28.0134 0x05cc  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:53:28.0134 0x05cc  WANARP - ok
21:53:28.0149 0x05cc  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:53:28.0149 0x05cc  Wanarpv6 - ok
21:53:28.0305 0x05cc  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
21:53:28.0368 0x05cc  WatAdminSvc - ok
21:53:28.0492 0x05cc  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
21:53:28.0524 0x05cc  wbengine - ok
21:53:28.0570 0x05cc  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:53:28.0586 0x05cc  WbioSrvc - ok
21:53:28.0648 0x05cc  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:53:28.0664 0x05cc  wcncsvc - ok
21:53:28.0680 0x05cc  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:53:28.0680 0x05cc  WcsPlugInService - ok
21:53:28.0711 0x05cc  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
21:53:28.0711 0x05cc  Wd - ok
21:53:28.0773 0x05cc  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:53:28.0804 0x05cc  Wdf01000 - ok
21:53:28.0836 0x05cc  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:53:28.0836 0x05cc  WdiServiceHost - ok
21:53:28.0836 0x05cc  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:53:28.0851 0x05cc  WdiSystemHost - ok
21:53:28.0882 0x05cc  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
21:53:28.0882 0x05cc  WebClient - ok
21:53:28.0914 0x05cc  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:53:28.0914 0x05cc  Wecsvc - ok
21:53:28.0929 0x05cc  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:53:28.0945 0x05cc  wercplsupport - ok
21:53:28.0976 0x05cc  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
21:53:28.0976 0x05cc  WerSvc - ok
21:53:29.0007 0x05cc  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:53:29.0007 0x05cc  WfpLwf - ok
21:53:29.0038 0x05cc  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:53:29.0038 0x05cc  WIMMount - ok
21:53:29.0038 0x05cc  WinHttpAutoProxySvc - ok
21:53:29.0116 0x05cc  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:53:29.0132 0x05cc  Winmgmt - ok
21:53:29.0257 0x05cc  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
21:53:29.0335 0x05cc  WinRM - ok
21:53:29.0413 0x05cc  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:53:29.0475 0x05cc  Wlansvc - ok
21:53:29.0506 0x05cc  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
21:53:29.0506 0x05cc  WmiAcpi - ok
21:53:29.0569 0x05cc  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:53:29.0569 0x05cc  wmiApSrv - ok
21:53:29.0694 0x05cc  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:53:29.0756 0x05cc  WMPNetworkSvc - ok
21:53:29.0772 0x05cc  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:53:29.0787 0x05cc  WPCSvc - ok
21:53:29.0928 0x05cc  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:53:29.0943 0x05cc  WPDBusEnum - ok
21:53:29.0959 0x05cc  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:53:29.0974 0x05cc  ws2ifsl - ok
21:53:30.0006 0x05cc  [ 553F6CCD7C58EB98D4A8FBDAF283D7A9, 71FBE50C470D1F54FDAADCECEC2CB021AE240CD59DE4E8EB5BCAA6E7F2F86560 ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
21:53:30.0006 0x05cc  WSDPrintDevice - ok
21:53:30.0006 0x05cc  WSearch - ok
21:53:30.0068 0x05cc  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:53:30.0068 0x05cc  WudfPf - ok
21:53:30.0130 0x05cc  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:53:30.0130 0x05cc  WUDFRd - ok
21:53:30.0162 0x05cc  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:53:30.0177 0x05cc  wudfsvc - ok
21:53:30.0208 0x05cc  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:53:30.0224 0x05cc  WwanSvc - ok
21:53:30.0240 0x05cc  ================ Scan global ===============================
21:53:30.0286 0x05cc  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
21:53:30.0333 0x05cc  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
21:53:30.0364 0x05cc  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
21:53:30.0427 0x05cc  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
21:53:30.0474 0x05cc  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
21:53:30.0505 0x05cc  [ Global ] - ok
21:53:30.0505 0x05cc  ================ Scan MBR ==================================
21:53:30.0520 0x05cc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:53:31.0176 0x05cc  \Device\Harddisk0\DR0 - ok
21:53:31.0191 0x05cc  [ 65E858A8A0293BE11A920B0BC99D695E ] \Device\Harddisk1\DR3
21:53:31.0191 0x05cc  \Device\Harddisk1\DR3 - ok
21:53:31.0191 0x05cc  ================ Scan VBR ==================================
21:53:31.0441 0x05cc  [ 3B4F66C8667C2399FFA0F8D5F460CF0D ] \Device\Harddisk0\DR0\Partition1
21:53:31.0441 0x05cc  \Device\Harddisk0\DR0\Partition1 - ok
21:53:31.0456 0x05cc  [ 3C5EC2467CA61C5C9AB39C35F0E2AAD4 ] \Device\Harddisk0\DR0\Partition2
21:53:31.0456 0x05cc  \Device\Harddisk0\DR0\Partition2 - ok
21:53:31.0456 0x05cc  [ 6E5A9752ED1E748B0E8AF4FBE29FC2FA ] \Device\Harddisk1\DR3\Partition1
21:53:31.0456 0x05cc  \Device\Harddisk1\DR3\Partition1 - ok
21:53:31.0472 0x05cc  AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe (  ), 0x41000 ( enabled : updated )
21:53:31.0503 0x05cc  Win FW state via NFP2: enabled
21:53:31.0503 0x05cc  ============================================================
21:53:31.0503 0x05cc  Scan finished
21:53:31.0503 0x05cc  ============================================================
21:53:31.0519 0x0c90  Detected object count: 0
21:53:31.0519 0x0c90  Actual detected object count: 0
21:53:58.0023 0x07e8  Deinitialize success
 

Attached Files



#12 seedy21

seedy21

  • Malware Response Team
  • 742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Yorkshire, UK
  • Local time:07:06 AM

Posted 05 November 2013 - 04:27 AM

Hi agarrison23

Step 1

Download RogueKiller and save it to your desktop.
  • Close all the running processes
  • Double click RogueKiller icon to run the program
    Vista/Win7 users should right click the icon and select Run as Administrator.
  • Wait for the Prescan to finish.
  • Now click the Scan button.
  • Please copy and paste the report in your next reply.
A copy of the RKreport.txt can be found on your desktop.

Note:
If RogueKiller is blocked, do not hesitate to try running it again.
If it still fails to run, right click on the downloaded icon and select 'Rename'.....rename it to winlogon and try again.

Step 2

Please download Malwarebytes' AntiMalware.
Double click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform Quick Scan, then click Scan.
    The scan may take some time to finish,so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to restart. Restart if it tells you to.

“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

unite_blue.png


#13 agarrison23

agarrison23
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:06 AM

Posted 05 November 2013 - 07:51 PM

Latest log files

Attached Files



#14 agarrison23

agarrison23
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:12:06 AM

Posted 05 November 2013 - 11:29 PM

I ran a full scan and it detected 4 objects

Attached Files



#15 seedy21

seedy21

  • Malware Response Team
  • 742 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:West Yorkshire, UK
  • Local time:07:06 AM

Posted 06 November 2013 - 02:04 PM

Hi agarrison23

The Full scan log is just finding the quarantine section where we have moved some infected files.

Step 1
Please Download Farbar Recovery Scan Tool

Farbar Recovery Scan Tool 32-Bit and save it to your Desktop.


Open notepad. Please copy the contents of the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
Save it on the Desktop as fixlist.txt
 
DeleteJunctionsIndirectory: C:\Program Files\Windows Defender
NOTICE: This script was written specifically for this user, for use on that particular machine.
Running this on another machine may cause damage to your operating system


Run FRST and press the Fix button just once and wait.
The tool will make a log on the desktop (Fixlog.txt) please post it to your reply.

Step 2

How is your machine running now? Do you have any further issues?

“It's only after we've lost everything that we're free to do anything.”
― Chuck Palahniuk, Fight Club

unite_blue.png





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users