Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Gmer sees some suspicious files and unknown code


  • This topic is locked This topic is locked
15 replies to this topic

#1 Doomap117

Doomap117

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norrath
  • Local time:01:55 PM

Posted 18 January 2014 - 08:52 PM

Boopme, instructed me to post my dds log here but when i try to run dds i get a message saying "DDS is not meant to run in "Compatibility Mode" The Program shall now exit. i will try to run it in safe-mode.

Edit
Using 8.1

original topic
http://www.bleepingcomputer.com/forums/t/521046/im-sure-my-pc-is-infected-but/#entry3263530

Edited by boopme, 19 January 2014 - 02:05 PM.


BC AdBot (Login to Remove)

 


#2 Doomap117

Doomap117
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norrath
  • Local time:01:55 PM

Posted 20 January 2014 - 04:07 AM

here are the dds logs.

Attached Files



#3 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:55 PM

Posted 23 January 2014 - 02:46 PM

Hello and welcome to BleepingComputer! 
 
 
 
I am Elle and I will be helping you out with your problem. Firstly, you should know that we are working with specific tools which are used to identify the possible threats present on your system so I will analyze the results they produce. 
 
 
As a start we need to have some more up-to-date logs than the ones you have already provided. The current state of the files on your system might have changed so we need to get a clear look on that aspect. DO NOT bring any changes to the system except the ones I tell you to as that may produce more damage than helping us. 
 
If you will encounter a delay of over 2 days from me, please don't hesitate and private message me (link in the signature). 
Do not forget to check your topic periodically and subscribe to it so that you can receive notifications regarding my replies.
 
 
 
Please generate other DDS logs (download it from here if you haven't already) and post them in your next reply along with other changes that may have occured since you last posted.
Also download and run GMER from this link: GMER download link.
 
 
 
Thank you very much for your patience. 
 
 
 
 
Regards,
 
Elle

Can you hear it?It's all around!

Tomar ki manè acchè?
Yadi thakè, tahalè
Ki kshama kartè paro
?



If I haven't replied in 48 hours, please feel free to send me a PM.



Posted Image

#4 Doomap117

Doomap117
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norrath
  • Local time:01:55 PM

Posted 23 January 2014 - 06:03 PM

I am sorry but i did a reinstall of windows last night, but i am not sure if the bug was removed. so here are the logs.

 

Thank you for helping :)

Attached Files



#5 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:55 PM

Posted 25 January 2014 - 10:25 AM

Hi there,

 

 

Have you tried the GMER scan?

 

 

 

Elle 


Can you hear it?It's all around!

Tomar ki manè acchè?
Yadi thakè, tahalè
Ki kshama kartè paro
?



If I haven't replied in 48 hours, please feel free to send me a PM.



Posted Image

#6 Doomap117

Doomap117
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Norrath
  • Local time:01:55 PM

Posted 25 January 2014 - 03:57 PM

I have used Gmer, here is the log text.

I do think i'm still infected but I maybe paranoid now.

 

GMER 2.1.19355 - http://www.gmer.net
Rootkit scan 2014-01-25 12:53:20
Windows 6.2.9200  x64 \Device\Harddisk1\DR1 -> \Device\00000030 OCZ-VERTEX3 rev.2.25 111.79GB
Running: c6eqwpoj.exe; Driver: C:\Users\Randy\AppData\Local\Temp\fwdyqpob.sys
 
 
---- Kernel code sections - GMER 2.1 ----
 
.text    C:\WINDOWS\System32\win32k.sys!W32pServiceTable                                                                                                                                                                                        fffff96000179500 15 bytes [00, F1, 0F, 02, C0, 1E, 70, ...]
.text    C:\WINDOWS\System32\win32k.sys!W32pServiceTable + 16                                                                                                                                                                                   fffff96000179510 11 bytes [00, 4D, FC, FF, 80, 7C, DF, ...]
 
---- User code sections - GMER 2.1 ----
 
.text    C:\WINDOWS\system32\wininit.exe[676] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                             00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\services.exe[724] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                            00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\lsass.exe[732] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                               00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[804] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                             00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[856] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                             00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\nvvsvc.exe[304] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                              00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[1140] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                            00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[1512] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                            00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\System32\spoolsv.exe[1684] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                            00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[2132] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                            00007ffd301c977d 1 byte [62]
.text    C:\Program Files\Bonjour\mDNSResponder.exe[2744] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                 00007ffd301c977d 1 byte [62]
.text    C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe[2828] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                       00007ffd301c977d 1 byte [62]
.text    C:\Program Files\Intel\iCLS Client\HeciServer.exe[2868] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                          00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\IProsetMonitor.exe[2924] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                     00007ffd301c977d 1 byte [62]
.text    C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe[2968] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                               00007ffd301c977d 1 byte [62]
.text    C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[2236] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                        00007ffd301c977d 1 byte [62]
.text    C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[2236] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                       00007ffd31fc169a 4 bytes [FC, 31, FD, 7F]
.text    C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[2236] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                       00007ffd31fc16a2 4 bytes [FC, 31, FD, 7F]
.text    C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[2236] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                          00007ffd31fc181a 4 bytes [FC, 31, FD, 7F]
.text    C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe[2236] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                          00007ffd31fc1832 4 bytes [FC, 31, FD, 7F]
.text    C:\WINDOWS\system32\svchost.exe[2452] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                            00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\svchost.exe[3584] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                            00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\SearchIndexer.exe[1560] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                      00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\System32\dwm.exe[3216] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                                00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\System32\dwm.exe[3216] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                               00007ffd31fc169a 4 bytes [FC, 31, FD, 7F]
.text    C:\WINDOWS\System32\dwm.exe[3216] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                               00007ffd31fc16a2 4 bytes [FC, 31, FD, 7F]
.text    C:\WINDOWS\System32\dwm.exe[3216] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                                  00007ffd31fc181a 4 bytes [FC, 31, FD, 7F]
.text    C:\WINDOWS\System32\dwm.exe[3216] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                                  00007ffd31fc1832 4 bytes [FC, 31, FD, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[4672] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                             00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\nvvsvc.exe[4672] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                            00007ffd31fc169a 4 bytes [FC, 31, FD, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[4672] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                            00007ffd31fc16a2 4 bytes [FC, 31, FD, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[4672] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                               00007ffd31fc181a 4 bytes [FC, 31, FD, 7F]
.text    C:\WINDOWS\system32\nvvsvc.exe[4672] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                               00007ffd31fc1832 4 bytes [FC, 31, FD, 7F]
.text    C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe[2916] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                   00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\Explorer.EXE[3816] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                                    00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\Explorer.EXE[3816] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 506                                                                                                                                                   00007ffd31fc169a 4 bytes [FC, 31, FD, 7F]
.text    C:\WINDOWS\Explorer.EXE[3816] C:\WINDOWS\system32\PSAPI.DLL!GetModuleBaseNameA + 514                                                                                                                                                   00007ffd31fc16a2 4 bytes [FC, 31, FD, 7F]
.text    C:\WINDOWS\Explorer.EXE[3816] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 118                                                                                                                                                      00007ffd31fc181a 4 bytes [FC, 31, FD, 7F]
.text    C:\WINDOWS\Explorer.EXE[3816] C:\WINDOWS\system32\PSAPI.DLL!QueryWorkingSet + 142                                                                                                                                                      00007ffd31fc1832 4 bytes [FC, 31, FD, 7F]
.text    C:\Program Files\Classic Shell\ClassicStartMenu.exe[1440] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                        00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\DllHost.exe[3416] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                            00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\taskhostex.exe[3448] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                         00007ffd301c977d 1 byte [62]
.text    C:\Program Files\Logitech Gaming Software\LCore.exe[4940] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                        00007ffd301c977d 1 byte [62]
.text    C:\Program Files\Logitech Gaming Software\LCore.exe[4940] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 506                                                                                                                       00007ffd31fc169a 4 bytes [FC, 31, FD, 7F]
.text    C:\Program Files\Logitech Gaming Software\LCore.exe[4940] C:\WINDOWS\system32\psapi.dll!GetModuleBaseNameA + 514                                                                                                                       00007ffd31fc16a2 4 bytes [FC, 31, FD, 7F]
.text    C:\Program Files\Logitech Gaming Software\LCore.exe[4940] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 118                                                                                                                          00007ffd31fc181a 4 bytes [FC, 31, FD, 7F]
.text    C:\Program Files\Logitech Gaming Software\LCore.exe[4940] C:\WINDOWS\system32\psapi.dll!QueryWorkingSet + 142                                                                                                                          00007ffd31fc1832 4 bytes [FC, 31, FD, 7F]
.text    C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe[1888] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                             00007ffd301c977d 1 byte [62]
.text    C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe[4040] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                             00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\DllHost.exe[5312] C:\WINDOWS\system32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                            00007ffd301c977d 1 byte [62]
.text    C:\WINDOWS\system32\AUDIODG.EXE[6128] C:\WINDOWS\SYSTEM32\KERNEL32.DLL!GetBinaryTypeW + 165                                                                                                                                            00007ffd301c977d 1 byte [62]
 
---- Threads - GMER 2.1 ----
 
Thread   C:\WINDOWS\system32\csrss.exe [4704:1944]                                                                                                                                                                                              fffff960008a54d0
Thread   C:\WINDOWS\system32\csrss.exe [4704:1844]                                                                                                                                                                                              fffff960008a54d0
---- Processes - GMER 2.1 ----
 
Library  C:\Users\Randy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\SkyDriveShell64.dll (*** suspicious ***) @ C:\WINDOWS\Explorer.EXE [3816] (Microsoft SkyDrive Shell Extension/Microsoft Corporation SIGNED)(2014-01-24 16:13:09)  00007ffd295d0000
Library  C:\Users\Randy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\MSVCP110.dll (*** suspicious ***) @ C:\WINDOWS\Explorer.EXE [3816] (Microsoft® C Runtime Library/Microsoft Corporation SIGNED)(2014-01-24 16:13:08)               00007ffd23920000
Library  C:\Users\Randy\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64\MSVCR110.dll (*** suspicious ***) @ C:\WINDOWS\Explorer.EXE [3816] (Microsoft® C Runtime Library/Microsoft Corporation SIGNED)(2014-01-24 16:13:09)               00007ffd22e40000
 
---- Disk sectors - GMER 2.1 ----
 
Disk     \Device\Harddisk1\DR1                                                                                                                                                                                                                  unknown MBR code
 
---- EOF - GMER 2.1 ----

Edited by Doomap117, 25 January 2014 - 03:57 PM.


#7 Blind Faith

Blind Faith

  • Malware Response Team
  • 4,101 posts
  • OFFLINE
  •  
  • Gender:Female
  • Local time:11:55 PM

Posted 26 January 2014 - 01:22 PM

Hi there,

 

 

Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
  • Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it. 
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.
  •  
     
     
    Elle 

    Can you hear it?It's all around!

    Tomar ki manè acchè?
    Yadi thakè, tahalè
    Ki kshama kartè paro
    ?



    If I haven't replied in 48 hours, please feel free to send me a PM.



    Posted Image

    #8 Blind Faith

    Blind Faith

    • Malware Response Team
    • 4,101 posts
    • OFFLINE
    •  
    • Gender:Female
    • Local time:11:55 PM

    Posted 29 January 2014 - 07:02 AM

    Hi,

     

     

    Do you still need help? Please let me know.

     

     

    Elle 


    Can you hear it?It's all around!

    Tomar ki manè acchè?
    Yadi thakè, tahalè
    Ki kshama kartè paro
    ?



    If I haven't replied in 48 hours, please feel free to send me a PM.



    Posted Image

    #9 Doomap117

    Doomap117
    • Topic Starter

    • Members
    • 32 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:Norrath
    • Local time:01:55 PM

    Posted 29 January 2014 - 09:58 PM

    sorry, I'm following your directions now. i have had a lot of work to do lately.



    #10 Doomap117

    Doomap117
    • Topic Starter

    • Members
    • 32 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:Norrath
    • Local time:01:55 PM

    Posted 29 January 2014 - 10:02 PM

    18:56:27.0470 0x0d8c  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
    18:56:27.0470 0x0d8c  UEFI system
    18:56:31.0778 0x0d8c  ============================================================
    18:56:31.0779 0x0d8c  Current date / time: 2014/01/29 18:56:31.0778
    18:56:31.0779 0x0d8c  SystemInfo:
    18:56:31.0779 0x0d8c  
    18:56:31.0779 0x0d8c  OS Version: 6.3.9600 ServicePack: 0.0
    18:56:31.0779 0x0d8c  Product type: Workstation
    18:56:31.0779 0x0d8c  ComputerName: RANDYS-PC
    18:56:31.0779 0x0d8c  UserName: Randy
    18:56:31.0779 0x0d8c  Windows directory: C:\WINDOWS
    18:56:31.0779 0x0d8c  System windows directory: C:\WINDOWS
    18:56:31.0779 0x0d8c  Running under WOW64
    18:56:31.0779 0x0d8c  Processor architecture: Intel x64
    18:56:31.0779 0x0d8c  Number of processors: 4
    18:56:31.0779 0x0d8c  Page size: 0x1000
    18:56:31.0779 0x0d8c  Boot type: Normal boot
    18:56:31.0779 0x0d8c  ============================================================
    18:56:31.0802 0x0d8c  KLMD registered as C:\WINDOWS\system32\drivers\27993151.sys
    18:56:31.0897 0x0d8c  System UUID: {4C070BA4-F77E-BBA7-5F3A-D59D162A63C2}
    18:56:32.0224 0x0d8c  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    18:56:32.0230 0x0d8c  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    18:56:32.0234 0x0d8c  Drive \Device\Harddisk2\DR2 - Size: 0x37E4896000 (223.57 Gb), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    18:56:32.0244 0x0d8c  Drive \Device\Harddisk3\DR3 - Size: 0x37E4896000 (223.57 Gb), SectorSize: 0x200, Cylinders: 0x7201, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    18:56:32.0257 0x0d8c  Drive \Device\Harddisk4\DR4 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    18:56:32.0266 0x0d8c  Drive \Device\Harddisk5\DR5 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    18:56:32.0267 0x0d8c  Drive \Device\Harddisk6\DR6 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    18:56:32.0282 0x0d8c  ============================================================
    18:56:32.0282 0x0d8c  \Device\Harddisk0\DR0:
    18:56:32.0282 0x0d8c  GPT partitions:
    18:56:32.0282 0x0d8c  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {505A9CB7-2282-4520-BFC8-CAB1D9704BDF}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x96000
    18:56:32.0282 0x0d8c  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {7084904E-7DF6-4469-BAC0-9E9E184F32C3}, Name: EFI system partition, StartLBA 0x96800, BlocksNum 0x32000
    18:56:32.0282 0x0d8c  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {BF1FBECD-3B58-44AF-9535-246FBC9ED506}, Name: Microsoft reserved partition, StartLBA 0xC8800, BlocksNum 0x40000
    18:56:32.0282 0x0d8c  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A7E0E4B7-632E-4EE3-BCD2-05F6AFEAA712}, Name: Basic data partition, StartLBA 0x108800, BlocksNum 0xDDDD000
    18:56:32.0282 0x0d8c  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {BA7D5429-CC53-4ED7-820C-DC361A495E0E}, Name: , StartLBA 0xDEE5800, BlocksNum 0xAF000
    18:56:32.0282 0x0d8c  MBR partitions:
    18:56:32.0282 0x0d8c  \Device\Harddisk1\DR1:
    18:56:32.0283 0x0d8c  GPT partitions:
    18:56:32.0283 0x0d8c  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {74A930F4-8831-4919-9400-DE26D3A773F6}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
    18:56:32.0283 0x0d8c  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {79CB61B8-8B89-4E41-B8A7-B33DA6945C5D}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x2200000
    18:56:32.0283 0x0d8c  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {07A08DDE-128A-4E24-8AD7-0FBDFE41A314}, Name: Basic data partition, StartLBA 0x2240800, BlocksNum 0x724C5800
    18:56:32.0283 0x0d8c  MBR partitions:
    18:56:32.0283 0x0d8c  \Device\Harddisk2\DR2:
    18:56:32.0283 0x0d8c  GPT partitions:
    18:56:32.0283 0x0d8c  \Device\Harddisk2\DR2\Partition1: GPT, TypeGUID: {5808C8AA-7E8F-42E0-85D2-E1E90434CFB3}, UniqueGUID: {8468399D-844E-11E3-BE69-C86000DEFB27}, Name: LDM metadata partition, StartLBA 0x22, BlocksNum 0x800
    18:56:32.0284 0x0d8c  \Device\Harddisk2\DR2\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A5E5050A-7A5F-11E3-BF28-C86000DEFB27}, Name: Microsoft reserved partition, StartLBA 0x822, BlocksNum 0x3F800
    18:56:32.0284 0x0d8c  \Device\Harddisk2\DR2\Partition3: GPT, TypeGUID: {AF9B60A0-1431-4F62-BC68-3311714A69AD}, UniqueGUID: {846839A0-844E-11E3-BE69-C86000DEFB27}, Name: LDM data partition, StartLBA 0x40022, BlocksNum 0x1BEE446D
    18:56:32.0284 0x0d8c  MBR partitions:
    18:56:32.0284 0x0d8c  \Device\Harddisk3\DR3:
    18:56:32.0284 0x0d8c  GPT partitions:
    18:56:32.0284 0x0d8c  \Device\Harddisk3\DR3\Partition1: GPT, TypeGUID: {5808C8AA-7E8F-42E0-85D2-E1E90434CFB3}, UniqueGUID: {84683994-844E-11E3-BE69-C86000DEFB27}, Name: LDM metadata partition, StartLBA 0x22, BlocksNum 0x800
    18:56:32.0284 0x0d8c  \Device\Harddisk3\DR3\Partition2: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A5E50511-7A5F-11E3-BF28-C86000DEFB27}, Name: Microsoft reserved partition, StartLBA 0x822, BlocksNum 0x3F800
    18:56:32.0284 0x0d8c  \Device\Harddisk3\DR3\Partition3: GPT, TypeGUID: {AF9B60A0-1431-4F62-BC68-3311714A69AD}, UniqueGUID: {84683997-844E-11E3-BE69-C86000DEFB27}, Name: LDM data partition, StartLBA 0x40022, BlocksNum 0x1BEE446D
    18:56:32.0284 0x0d8c  MBR partitions:
    18:56:32.0284 0x0d8c  \Device\Harddisk4\DR4:
    18:56:32.0284 0x0d8c  GPT partitions:
    18:56:32.0285 0x0d8c  \Device\Harddisk4\DR4\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6B4012FA-4D30-4B36-9933-B5BFAFC12CAC}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x746C6000
    18:56:32.0285 0x0d8c  MBR partitions:
    18:56:32.0285 0x0d8c  \Device\Harddisk5\DR5:
    18:56:32.0285 0x0d8c  MBR partitions:
    18:56:32.0285 0x0d8c  \Device\Harddisk5\DR5\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
    18:56:32.0285 0x0d8c  \Device\Harddisk6\DR6:
    18:56:32.0285 0x0d8c  GPT partitions:
    18:56:32.0285 0x0d8c  \Device\Harddisk6\DR6\Partition1: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DD4DAE89-F474-4DEB-8AFD-DB5C0D50F3FB}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x74706000
    18:56:32.0285 0x0d8c  MBR partitions:
    18:56:32.0285 0x0d8c  ============================================================
    18:56:32.0286 0x0d8c  C: <-> \Device\Harddisk0\DR0\Partition4
    18:56:32.0316 0x0d8c  F: <-> \Device\Harddisk4\DR4\Partition1
    18:56:32.0329 0x0d8c  L: <-> \Device\Harddisk1\DR1\Partition3
    18:56:32.0358 0x0d8c  M: <-> \Device\Harddisk6\DR6\Partition1
    18:56:32.0376 0x0d8c  N: <-> \Device\Harddisk1\DR1\Partition2
    18:56:32.0385 0x0d8c  O: <-> \Device\Harddisk5\DR5\Partition1
    18:56:32.0385 0x0d8c  ============================================================
    18:56:32.0385 0x0d8c  Initialize success
    18:56:32.0385 0x0d8c  ============================================================
    18:56:46.0339 0x0edc  ============================================================
    18:56:46.0339 0x0edc  Scan started
    18:56:46.0339 0x0edc  Mode: Manual; 
    18:56:46.0339 0x0edc  ============================================================
    18:56:46.0339 0x0edc  KSN ping started
    18:56:53.0383 0x0edc  KSN ping finished: true
    18:56:53.0449 0x0edc  ================ Scan system memory ========================
    18:56:53.0449 0x0edc  System memory - ok
    18:56:53.0449 0x0edc  ================ Scan services =============================
    18:56:53.0500 0x0edc  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
    18:56:53.0505 0x0edc  1394ohci - ok
    18:56:53.0515 0x0edc  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
    18:56:53.0518 0x0edc  3ware - ok
    18:56:53.0531 0x0edc  [ 3D30878A269D934100FA5F972E53AF39, 3D2D22D1A9D80DB94D6059C789FBD04DC945722B8644DF6DAA73D5713A10EC52 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
    18:56:53.0541 0x0edc  ACPI - ok
    18:56:53.0545 0x0edc  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
    18:56:53.0547 0x0edc  acpiex - ok
    18:56:53.0550 0x0edc  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
    18:56:53.0551 0x0edc  acpipagr - ok
    18:56:53.0554 0x0edc  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
    18:56:53.0555 0x0edc  AcpiPmi - ok
    18:56:53.0557 0x0edc  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
    18:56:53.0557 0x0edc  acpitime - ok
    18:56:53.0572 0x0edc  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
    18:56:53.0584 0x0edc  ADP80XX - ok
    18:56:53.0591 0x0edc  [ B19CA8E441D35AA2B1EE51C10B27DA1B, EBEB96EA44E665B2D4FCD1CC58621A20A17F036EA4A695340A2B65F94F69CDDC ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
    18:56:53.0594 0x0edc  AeLookupSvc - ok
    18:56:53.0604 0x0edc  [ 239268BAB58EAE9A3FF4E08334C00451, 13F927730DF9BAEDB3A7AB6F7238270A20E4CDEB3D5324A1C471DF2209F3D239 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
    18:56:53.0613 0x0edc  AFD - ok
    18:56:53.0617 0x0edc  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
    18:56:53.0619 0x0edc  agp440 - ok
    18:56:53.0622 0x0edc  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
    18:56:53.0623 0x0edc  ahcache - ok
    18:56:53.0628 0x0edc  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
    18:56:53.0629 0x0edc  ALG - ok
    18:56:53.0633 0x0edc  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
    18:56:53.0636 0x0edc  AmdK8 - ok
    18:56:53.0640 0x0edc  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
    18:56:53.0642 0x0edc  AmdPPM - ok
    18:56:53.0645 0x0edc  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
    18:56:53.0647 0x0edc  amdsata - ok
    18:56:53.0653 0x0edc  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
    18:56:53.0657 0x0edc  amdsbs - ok
    18:56:53.0660 0x0edc  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
    18:56:53.0661 0x0edc  amdxata - ok
    18:56:53.0665 0x0edc  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
    18:56:53.0666 0x0edc  AppID - ok
    18:56:53.0669 0x0edc  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
    18:56:53.0670 0x0edc  AppIDSvc - ok
    18:56:53.0674 0x0edc  [ 7E790DE2487CEDB349D1750B9E47F090, EDA4A87EA2F89ABD174E9590DD46E70B9E7E4B35BDFC3ED90D79CD594F8CB2CD ] Appinfo         C:\WINDOWS\System32\appinfo.dll
    18:56:53.0676 0x0edc  Appinfo - ok
    18:56:53.0682 0x0edc  [ F518545E5B7623AD49ABE7F8776EFA46, CD39B6EC0D80C6DB857F34D4AC5C31085271B51B8851A56FEFC052B20B7CC40C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    18:56:53.0684 0x0edc  Apple Mobile Device - ok
    18:56:53.0689 0x0edc  [ 8176FBA685178FB0F52D46693474FA50, 69FE3692C7FE24289A479ADD74F2C782B59A099B7B07FE5ACFC4DA899E40BFDE ] AppMgmt         C:\WINDOWS\System32\appmgmts.dll
    18:56:53.0692 0x0edc  AppMgmt - ok
    18:56:53.0703 0x0edc  [ 4B964AE0DF433A3BFA7BD24713BC2E9B, DC8933265E67E43CAE96EA64B146CB9067B536A4DA2C90EDCB38302BBFA1CE6B ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
    18:56:53.0711 0x0edc  AppReadiness - ok
    18:56:53.0733 0x0edc  [ 0B726D9ED75C787D6FFAF1E3873BCC70, DC3822B35FB65D53CC5D0E3982C326C5F47F0911BEB1F66DCC84A79C84621E1E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
    18:56:53.0753 0x0edc  AppXSvc - ok
    18:56:53.0757 0x0edc  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
    18:56:53.0760 0x0edc  arcsas - ok
    18:56:53.0777 0x0edc  [ 31E2470E61D5A390405BA41C279D8446, ADA2518DCB78529F716622E45775283CBBB8CA61A4E90B99C2D799C23C8AFCAA ] asComSvc        C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
    18:56:53.0791 0x0edc  asComSvc - ok
    18:56:53.0807 0x0edc  [ 0466B91EE5767A769E9F8EDB8EF94DDB, 04A529E57D6F617688B072B3BD281538B6B02BB985EE0AE2E355E685E52BE0C8 ] asHmComSvc      C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
    18:56:53.0822 0x0edc  asHmComSvc - ok
    18:56:53.0842 0x0edc  [ 798DE15F187C1F013095BBBEB6FB6197, 436CCAB6F62FA2D29827916E054ADE7ACAE485B3DE1D3E5C6C62D3DEBF1480E7 ] AsIO            C:\WINDOWS\syswow64\drivers\AsIO.sys
    18:56:53.0843 0x0edc  AsIO - ok
    18:56:53.0848 0x0edc  [ 10920CCB66203D7EF48F024B1B35AE6F, 3C97FE6C91076C059E54234F54021F5D74FB42638BE14E2C1E4CF2EFC342C274 ] asmthub3        C:\WINDOWS\System32\drivers\asmthub3.sys
    18:56:53.0851 0x0edc  asmthub3 - ok
    18:56:53.0860 0x0edc  [ C479BFAF73CF726E01AA0A487B268A5E, D49F7779CD25E098EC9DAF1886C3B3DB8EB22CEC0FEA6FDF4522A2B2D282AE37 ] asmtxhci        C:\WINDOWS\System32\drivers\asmtxhci.sys
    18:56:53.0866 0x0edc  asmtxhci - ok
    18:56:53.0873 0x0edc  [ AD8947D621FDCA48F1F39F4624B60AA1, D685CD1A378FA411EA11C18615A1EC5D66CEC2F990DB0D4181EE3140B9DF3E8B ] AsSysCtrlService C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
    18:56:53.0875 0x0edc  AsSysCtrlService - ok
    18:56:53.0878 0x0edc  [ 1392B92179B07B672720763D9B1028A5, B4D47EA790920A4531E3DF5A4B4B0721B7FEA6B49A35679F0652F1E590422602 ] AsUpIO          C:\WINDOWS\syswow64\drivers\AsUpIO.sys
    18:56:53.0879 0x0edc  AsUpIO - ok
    18:56:53.0882 0x0edc  [ A5E4CDB420540095D1293C874B5F89AA, EBC082FF94872537649F00D91AF22E0AFB4D538ACDB4731C9A95D209C7B144FD ] ASUSFILTER      C:\WINDOWS\syswow64\drivers\ASUSFILTER.sys
    18:56:53.0883 0x0edc  ASUSFILTER - ok
    18:56:53.0887 0x0edc  [ 57483E691D635510533E081EC4CB81EC, 5A963D1A51EAE53271820824522DD0372789035FEC8EEDA7B03A5049E0F85AF8 ] aswKbd          C:\WINDOWS\system32\drivers\aswKbd.sys
    18:56:53.0888 0x0edc  aswKbd - ok
    18:56:53.0891 0x0edc  [ 0ACC3F49015E628590CA4372322EB46B, EB4E22EB4E840261168AF750E878E7A28CC080A89CEF77B5037C2897C40D1DE3 ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
    18:56:53.0892 0x0edc  aswMonFlt - ok
    18:56:53.0901 0x0edc  [ 9C9F56BC4D399454600845FC806C270C, E48487BA54FC5638B2DBD630CD82B3BA4FE6706165132B1F5E7552016312C8DE ] aswNdisFlt      C:\WINDOWS\system32\DRIVERS\aswNdisFlt.sys
    18:56:53.0908 0x0edc  aswNdisFlt - ok
    18:56:53.0912 0x0edc  [ 679712B7A353EE665B9301592164A172, CA3C918106A355BAFD0833BB493DF2CCBC2D0F90CA7EBF5E27CC088C7170B0E0 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
    18:56:53.0914 0x0edc  aswRdr - ok
    18:56:53.0918 0x0edc  [ C04F7B373881009D7994D9BF55D24AB4, 5DEEA804F4F9862024F40A204E88DBCFFBDD2DC87CA86145E3FB649CFCCDC624 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
    18:56:53.0919 0x0edc  aswRvrt - ok
    18:56:53.0937 0x0edc  [ 43599E630DFC30AD4E6A2B4B269EB1C0, DA6C7FDC1F6A57117B17F697A94190CC0BB9E32B8CBB4F8C042AA461361CC74C ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
    18:56:53.0952 0x0edc  aswSnx - ok
    18:56:53.0961 0x0edc  [ F22DE5F5BA8ADA0A861441B624B51EB5, 58EF9FB3328B6B470F3652DBCE8ACEDAEE6839AC393889A02052298CA204689B ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
    18:56:53.0968 0x0edc  aswSP - ok
    18:56:53.0972 0x0edc  [ FD3EA14ADF6216BDF4030DB2EFD43D96, 2D3009008AAE93285301B5844DC214D6B05ECB05D37AE08895D8E7187A0BB619 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
    18:56:53.0974 0x0edc  aswStm - ok
    18:56:53.0979 0x0edc  [ 90399625F341AB76BA4B85A5E860EB1F, 92DD461B14240222F451F971642844A4DAD9DF4FFEAA8F12D16EA117822BEEF3 ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
    18:56:53.0982 0x0edc  aswVmm - ok
    18:56:53.0985 0x0edc  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
    18:56:53.0986 0x0edc  atapi - ok
    18:56:53.0992 0x0edc  [ 4903CBC14742B5AB4DCF7A92F7DEC483, B8491FDA1D1E767658ECC5C3C3DDFB3EB12A969F0F6ACF116C18300FF54075D5 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
    18:56:53.0995 0x0edc  AudioEndpointBuilder - ok
    18:56:54.0010 0x0edc  [ EF276593AD1BDF5A99032F62D6272848, 3961689B34A6BCD891FF48A044ABD184F5D7320AE882DF79E5ADC57B08205BA9 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
    18:56:54.0022 0x0edc  Audiosrv - ok
    18:56:54.0028 0x0edc  [ CC42F104172B4A62793083D380867317, 0B09823419B328E29EB9FFBD033B3295590E414F31E7B37F11F62BD4B7EBAF06 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    18:56:54.0029 0x0edc  avast! Antivirus - ok
    18:56:54.0032 0x0edc  [ 3B5DA02DEA6910A709F19180746FF0CE, A97CD150692171663FE15B2BFAC8176C657C4D99232E17BD3ABA6ED1D65259E3 ] avast! Firewall C:\Program Files\AVAST Software\Avast\afwServ.exe
    18:56:54.0034 0x0edc  avast! Firewall - ok
    18:56:54.0038 0x0edc  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
    18:56:54.0040 0x0edc  AxInstSV - ok
    18:56:54.0051 0x0edc  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
    18:56:54.0059 0x0edc  b06bdrv - ok
    18:56:54.0062 0x0edc  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
    18:56:54.0064 0x0edc  BasicDisplay - ok
    18:56:54.0067 0x0edc  [ 2748E116F8621A4DB0D39FCDD7318C01, DA2DEB7FE1D887B1EF5E2B5103270B72268D8ABDDA36C396627305C0BA90FC20 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
    18:56:54.0068 0x0edc  BasicRender - ok
    18:56:54.0072 0x0edc  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
    18:56:54.0073 0x0edc  bcmfn2 - ok
    18:56:54.0080 0x0edc  [ BBE61A40665B83488901E41082A6097D, ADF750DB32E1295C57C03D587A60194529C8B83F90F433C3458288FB5E8F475B ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
    18:56:54.0085 0x0edc  BDESVC - ok
    18:56:54.0088 0x0edc  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
    18:56:54.0089 0x0edc  Beep - ok
    18:56:54.0105 0x0edc  [ 6468B696C65775D51A06615830E0E79D, CC4081B3A4895192B4796A745F0BCE8C9C3149B854A7B9BEF84668A2E1D074B5 ] BFE             C:\WINDOWS\System32\bfe.dll
    18:56:54.0118 0x0edc  BFE - ok
    18:56:54.0136 0x0edc  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
    18:56:54.0156 0x0edc  BITS - ok
    18:56:54.0168 0x0edc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
    18:56:54.0173 0x0edc  Bonjour Service - ok
    18:56:54.0177 0x0edc  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
    18:56:54.0179 0x0edc  bowser - ok
    18:56:54.0186 0x0edc  [ A6207A88B596F726DE558425F3B7E592, 126375CC8EA101E0878728323B7EAA69DC8699AC04470FB95D482B1025E0FFB2 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
    18:56:54.0191 0x0edc  BrokerInfrastructure - ok
    18:56:54.0195 0x0edc  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\WINDOWS\System32\browser.dll
    18:56:54.0198 0x0edc  Browser - ok
    18:56:54.0202 0x0edc  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
    18:56:54.0204 0x0edc  BthAvrcpTg - ok
    18:56:54.0208 0x0edc  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
    18:56:54.0209 0x0edc  BthHFEnum - ok
    18:56:54.0212 0x0edc  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
    18:56:54.0213 0x0edc  bthhfhid - ok
    18:56:54.0217 0x0edc  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
    18:56:54.0218 0x0edc  BTHMODEM - ok
    18:56:54.0223 0x0edc  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
    18:56:54.0224 0x0edc  bthserv - ok
    18:56:54.0227 0x0edc  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
    18:56:54.0229 0x0edc  cdfs - ok
    18:56:54.0234 0x0edc  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
    18:56:54.0238 0x0edc  cdrom - ok
    18:56:54.0243 0x0edc  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
    18:56:54.0245 0x0edc  CertPropSvc - ok
    18:56:54.0249 0x0edc  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
    18:56:54.0250 0x0edc  circlass - ok
    18:56:54.0259 0x0edc  [ 7F006813C2AFE622C13D7AF94F56CD07, 9F4AEEE19B44F4117BE036F1475CE2E91ED740EB7D8D38364F9724517F777482 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
    18:56:54.0264 0x0edc  CLFS - ok
    18:56:54.0270 0x0edc  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
    18:56:54.0271 0x0edc  CmBatt - ok
    18:56:54.0282 0x0edc  [ 825BE21E6395E00698D8A23955A87972, 303F10C3BA72ABB3BA27D08968B10E8EB03FFB6951943B0E9DD35CF48BB72578 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
    18:56:54.0291 0x0edc  CNG - ok
    18:56:54.0295 0x0edc  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
    18:56:54.0296 0x0edc  CompositeBus - ok
    18:56:54.0298 0x0edc  COMSysApp - ok
    18:56:54.0301 0x0edc  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
    18:56:54.0302 0x0edc  condrv - ok
    18:56:54.0306 0x0edc  cpuz136 - ok
    18:56:54.0310 0x0edc  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
    18:56:54.0313 0x0edc  CryptSvc - ok
    18:56:54.0324 0x0edc  [ EE2F3C0D6ADBC975D6B621EC15ACF4E2, D158C0FACA6344BCD77616EC3D23212F9FD76D7D0C834ACA51998B80162106D5 ] CSC             C:\WINDOWS\system32\drivers\csc.sys
    18:56:54.0333 0x0edc  CSC - ok
    18:56:54.0347 0x0edc  [ 936D9E2871CEEFF6A33695D98374367B, C30D42E870F196C4FA20AF95C7B9D9C9C5414D6DDE71268F88C3FC5BF372E61B ] CscService      C:\WINDOWS\System32\cscsvc.dll
    18:56:54.0359 0x0edc  CscService - ok
    18:56:54.0370 0x0edc  [ 51D43B57EA8EFFE5CB1E27E01C100A2F, 68995F291422F2C5A2C9C4C673272754E3AC49ED53D6197675EB9E19028163C5 ] CTAudSvcService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
    18:56:54.0377 0x0edc  CTAudSvcService - ok
    18:56:54.0396 0x0edc  [ 5EEE837B6C7AADD5542D70964416997D, D97104DACEB8F3C65A4EB8E82F29306B9B2269F43D3F5583BAD258A67996EAFB ] cthda           C:\WINDOWS\system32\drivers\cthda.sys
    18:56:54.0412 0x0edc  cthda - ok
    18:56:54.0433 0x0edc  [ 209733B2757CD9A2A2B67EF53655D0F9, E705A2CA35CB9DF3D08F2D8C964900319B15991420488703EB8C0EBFBABB2C5A ] CtHdaSvc        C:\WINDOWS\sysWow64\CtHdaSvc.exe
    18:56:54.0436 0x0edc  CtHdaSvc - ok
    18:56:54.0439 0x0edc  [ 1F6A682DC74C90F8FE5F1EF039AFCF7B, 9D3F491D215451B09ABBE66C7E276EC016EE4E3848A92CC12CD59F270570170F ] cthdb           C:\WINDOWS\system32\DRIVERS\cthdb.sys
    18:56:54.0439 0x0edc  cthdb - ok
    18:56:54.0443 0x0edc  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
    18:56:54.0444 0x0edc  dam - ok
    18:56:54.0459 0x0edc  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
    18:56:54.0472 0x0edc  DcomLaunch - ok
    18:56:54.0481 0x0edc  [ F4CCAADC2C78F57E4F16B24C9201CE22, B76A5C487A814CB986FE8CC398FB7493C9EAB9ACC933A3C35384FA447092EF00 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
    18:56:54.0489 0x0edc  defragsvc - ok
    18:56:54.0498 0x0edc  [ 0BC71D4D3B5883903C37BF4E13B0F0C5, C5EC2AD001FB7E72D3D12DBADFE01C308ACCB7426E0B90CCB3ECE2DE49D5E7D4 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
    18:56:54.0504 0x0edc  DeviceAssociationService - ok
    18:56:54.0509 0x0edc  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
    18:56:54.0513 0x0edc  DeviceInstall - ok
    18:56:54.0518 0x0edc  [ 5DB26D7E0216D0BF364A81D3829AD7B9, FD786D530EA9ADBCB48782FE091E926505A83F2BF3B4181A3D4EDFAA991C4E5E ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
    18:56:54.0519 0x0edc  Dfsc - ok
    18:56:54.0528 0x0edc  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
    18:56:54.0534 0x0edc  Dhcp - ok
    18:56:54.0538 0x0edc  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
    18:56:54.0540 0x0edc  disk - ok
    18:56:54.0542 0x0edc  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
    18:56:54.0543 0x0edc  dmvsc - ok
    18:56:54.0549 0x0edc  [ 5BAF7714E68F93515A937A3FA8587EF9, DD9296F75341EF96D514139DD8A8680B332E9B9D476368AB897FDA2D5D674E60 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
    18:56:54.0553 0x0edc  Dnscache - ok
    18:56:54.0560 0x0edc  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
    18:56:54.0564 0x0edc  dot3svc - ok
    18:56:54.0569 0x0edc  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
    18:56:54.0573 0x0edc  DPS - ok
    18:56:54.0575 0x0edc  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
    18:56:54.0577 0x0edc  drmkaud - ok
    18:56:54.0582 0x0edc  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
    18:56:54.0585 0x0edc  DsmSvc - ok
    18:56:54.0592 0x0edc  [ EE8684BF88C1B74D47647802281ED085, 9CA7803E2544304D3EDC19D2706ED8AC066E97BBF700ACC532C787537CDA99A4 ] DTSAudioSvc     C:\Program Files\Realtek\Audio\HDA\DTSU2PAuSrv64.exe
    18:56:54.0596 0x0edc  DTSAudioSvc - ok
    18:56:54.0621 0x0edc  [ A3D1CB64DF885ACE126543E6D7067348, AFB5EF73F7B2854669137F586171500E4EB00F12BFCFD6B743FABD165B4AEED3 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
    18:56:54.0644 0x0edc  DXGKrnl - ok
    18:56:54.0655 0x0edc  [ 79A0E9735B144660512198C3F5F48623, 84D002242BD023D35F4ECFADBBA87076F9DDBDDE293F2E3056F669FB468F935E ] e1cexpress      C:\WINDOWS\system32\DRIVERS\e1c64x64.sys
    18:56:54.0663 0x0edc  e1cexpress - ok
    18:56:54.0674 0x0edc  [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress      C:\WINDOWS\system32\DRIVERS\e1i63x64.sys
    18:56:54.0681 0x0edc  e1iexpress - ok
    18:56:54.0685 0x0edc  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
    18:56:54.0688 0x0edc  Eaphost - ok
    18:56:54.0741 0x0edc  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
    18:56:54.0789 0x0edc  ebdrv - ok
    18:56:54.0795 0x0edc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
    18:56:54.0798 0x0edc  EFS - ok
    18:56:54.0801 0x0edc  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
    18:56:54.0803 0x0edc  EhStorClass - ok
    18:56:54.0807 0x0edc  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
    18:56:54.0809 0x0edc  EhStorTcgDrv - ok
    18:56:54.0811 0x0edc  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
    18:56:54.0812 0x0edc  ErrDev - ok
    18:56:54.0816 0x0edc  [ BE0471229F5B8EBBAECB2BD47233899D, F85A665EE84A1B279D123DBFDF996F312C6EB8283551DEA8628AD616A8D4DB6B ] ESProtectionDriver C:\Program Files\Malwarebytes Anti-Exploit\MBAE.sys
    18:56:54.0817 0x0edc  ESProtectionDriver - ok
    18:56:54.0828 0x0edc  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
    18:56:54.0836 0x0edc  EventSystem - ok
    18:56:54.0842 0x0edc  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
    18:56:54.0845 0x0edc  exfat - ok
    18:56:54.0851 0x0edc  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
    18:56:54.0855 0x0edc  fastfat - ok
    18:56:54.0867 0x0edc  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
    18:56:54.0878 0x0edc  Fax - ok
    18:56:54.0881 0x0edc  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
    18:56:54.0882 0x0edc  fdc - ok
    18:56:54.0885 0x0edc  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
    18:56:54.0887 0x0edc  fdPHost - ok
    18:56:54.0889 0x0edc  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
    18:56:54.0891 0x0edc  FDResPub - ok
    18:56:54.0895 0x0edc  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
    18:56:54.0898 0x0edc  fhsvc - ok
    18:56:54.0901 0x0edc  [ 957A7A8F5ACCAF23DD9DFF6DAA393CE5, 85D1AC25CF8056FF303930A7E18DE5F7C3AEE429272CB791BD6F81F1DAFB7D8A ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
    18:56:54.0902 0x0edc  FileInfo - ok
    18:56:54.0905 0x0edc  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
    18:56:54.0906 0x0edc  Filetrace - ok
    18:56:54.0909 0x0edc  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
    18:56:54.0910 0x0edc  flpydisk - ok
    18:56:54.0918 0x0edc  [ 60D5067FCE6D9433D35E04C01D8538B3, 2D97E9E8FF18CF564DE8E70F68B56F0177DC6C0E9EEB7E1C58BBDF42456CB0D8 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
    18:56:54.0923 0x0edc  FltMgr - ok
    18:56:54.0946 0x0edc  [ 183CA7699474FDE235853967D1DA4D9B, 8FBD5997F1E39AFFD8C4322520DF4D2227279B5149017D825C188D7411BA99AF ] FontCache       C:\WINDOWS\system32\FntCache.dll
    18:56:54.0967 0x0edc  FontCache - ok
    18:56:54.0972 0x0edc  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    18:56:54.0973 0x0edc  FontCache3.0.0.0 - ok
    18:56:54.0976 0x0edc  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
    18:56:54.0977 0x0edc  FsDepends - ok
    18:56:54.0980 0x0edc  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
    18:56:54.0981 0x0edc  Fs_Rec - ok
    18:56:54.0992 0x0edc  [ 223C22579BF1B45EE9067263BFD5875E, 4995EF91F5448AF685628AF9AEF66DDC74BFDE470EE703CD9F187B2622A921F4 ] Futuremark SystemInfo Service C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe
    18:56:55.0000 0x0edc  Futuremark SystemInfo Service - ok
    18:56:55.0012 0x0edc  [ 83E1F0983B02A6F8EC764D18E24ECF10, B5CA3FCB442697681C513FB37C6BB74D7A72B67DC65E2FCA93A7F9E81B63EAAC ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
    18:56:55.0021 0x0edc  fvevol - ok
    18:56:55.0024 0x0edc  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
    18:56:55.0025 0x0edc  FxPPM - ok
    18:56:55.0028 0x0edc  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
    18:56:55.0030 0x0edc  gagp30kx - ok
    18:56:55.0032 0x0edc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
    18:56:55.0033 0x0edc  GEARAspiWDM - ok
    18:56:55.0035 0x0edc  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
    18:56:55.0037 0x0edc  gencounter - ok
    18:56:55.0041 0x0edc  [ FDA72810CA2F8409D9B31E833C448E34, FC24350E875D2AF2A41DB5EF0BFE4F876DADEACCC0B34B9B9C9B2CA185CBAE87 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
    18:56:55.0043 0x0edc  GPIOClx0101 - ok
    18:56:55.0065 0x0edc  [ 0BDE0FCF597E9B65600121EF54FF8340, DA5C96E84E05AD09251C82B4BFEDE274342409803730CEBF24EEAD0DCD42DA7E ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
    18:56:55.0086 0x0edc  gpsvc - ok
    18:56:55.0090 0x0edc  GPUZ - ok
    18:56:55.0093 0x0edc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    18:56:55.0095 0x0edc  gupdate - ok
    18:56:55.0098 0x0edc  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    18:56:55.0100 0x0edc  gupdatem - ok
    18:56:55.0111 0x0edc  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
    18:56:55.0118 0x0edc  HdAudAddService - ok
    18:56:55.0122 0x0edc  [ 03909BDBFF0DCACCABF2B2D4ADEE44DC, 42E631B23BB004F5C2128BAD334C21AB20FAD08AFED9E8191AE9373531BC73DD ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
    18:56:55.0124 0x0edc  HDAudBus - ok
    18:56:55.0127 0x0edc  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
    18:56:55.0128 0x0edc  HidBatt - ok
    18:56:55.0132 0x0edc  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
    18:56:55.0134 0x0edc  HidBth - ok
    18:56:55.0137 0x0edc  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
    18:56:55.0139 0x0edc  hidi2c - ok
    18:56:55.0142 0x0edc  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
    18:56:55.0143 0x0edc  HidIr - ok
    18:56:55.0146 0x0edc  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
    18:56:55.0147 0x0edc  hidserv - ok
    18:56:55.0150 0x0edc  [ F31397220D9687E11EB448649AA6E038, 671ACEAA8E00E0D4ED7E33D06A4558121DA4F56EB94F1CBC16FEB2EF3852F7A5 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
    18:56:55.0151 0x0edc  HidUsb - ok
    18:56:55.0154 0x0edc  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
    18:56:55.0157 0x0edc  hkmsvc - ok
    18:56:55.0163 0x0edc  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
    18:56:55.0169 0x0edc  HomeGroupListener - ok
    18:56:55.0177 0x0edc  [ BE5F89BAFBD4272D5A0C0A37B97865ED, 2F80CE6D123FEED9FA7B00ACF7547FF77E0E6FDC5243942E83BE308C46D414C6 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
    18:56:55.0185 0x0edc  HomeGroupProvider - ok
    18:56:55.0189 0x0edc  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
    18:56:55.0190 0x0edc  HpSAMD - ok
    18:56:55.0208 0x0edc  [ 3502776E366C913D49C0DA928AE3E6CB, 3FB452F640B78AEDFBC09188F25C566949660163732A180331226A93DB08F26C ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
    18:56:55.0223 0x0edc  HTTP - ok
    18:56:55.0226 0x0edc  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
    18:56:55.0227 0x0edc  hwpolicy - ok
    18:56:55.0229 0x0edc  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
    18:56:55.0230 0x0edc  hyperkbd - ok
    18:56:55.0232 0x0edc  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
    18:56:55.0233 0x0edc  HyperVideo - ok
    18:56:55.0237 0x0edc  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
    18:56:55.0240 0x0edc  i8042prt - ok
    18:56:55.0242 0x0edc  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
    18:56:55.0243 0x0edc  iaLPSSi_GPIO - ok
    18:56:55.0246 0x0edc  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
    18:56:55.0248 0x0edc  iaLPSSi_I2C - ok
    18:56:55.0261 0x0edc  [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
    18:56:55.0269 0x0edc  iaStorA - ok
    18:56:55.0281 0x0edc  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
    18:56:55.0291 0x0edc  iaStorAV - ok
    18:56:55.0295 0x0edc  [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
    18:56:55.0296 0x0edc  IAStorDataMgrSvc - ok
    18:56:55.0304 0x0edc  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
    18:56:55.0311 0x0edc  iaStorV - ok
    18:56:55.0314 0x0edc  IEEtwCollectorService - ok
    18:56:55.0334 0x0edc  [ B82255670D270B75D2D2F0F8747D1443, C40E151AC3FBF289456A4AD9E5744B314067ADA03FE729970410931904305F51 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
    18:56:55.0351 0x0edc  IKEEXT - ok
    18:56:55.0355 0x0edc  [ 3F2BB021CB280880F8C1B7A6FEF9B447, CEC0BF9D6C9CF6E6A9F9B4E656BD47208AC977EDDC11C1C3BCD07EB50BABC017 ] INETMON         C:\WINDOWS\System32\Drivers\INETMON.sys
    18:56:55.0357 0x0edc  INETMON - ok
    18:56:55.0417 0x0edc  [ 2BEE14AC102CF1259AC99ABF53291A8B, 45FAF81302E7A575D378A67F4EF75C89FDDE3B16AC3155BB2803A54D3A7B0DD3 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
    18:56:55.0469 0x0edc  IntcAzAudAddService - ok
    18:56:55.0486 0x0edc  [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
    18:56:55.0497 0x0edc  Intel® Capability Licensing Service Interface - ok
    18:56:55.0512 0x0edc  [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel® Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
    18:56:55.0524 0x0edc  Intel® Capability Licensing Service TCP IP Interface - ok
    18:56:55.0527 0x0edc  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
    18:56:55.0528 0x0edc  intelide - ok
    18:56:55.0531 0x0edc  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
    18:56:55.0532 0x0edc  intelpep - ok
    18:56:55.0537 0x0edc  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
    18:56:55.0539 0x0edc  intelppm - ok
    18:56:55.0543 0x0edc  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
    18:56:55.0545 0x0edc  IpFilterDriver - ok
    18:56:55.0562 0x0edc  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
    18:56:55.0576 0x0edc  iphlpsvc - ok
    18:56:55.0580 0x0edc  [ 9949A3C7590B8C536C05312205079A82, 9276A09D5F910AE8358A96505AB3F66C514870944D58B63B71D5E96567D1E6BB ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
    18:56:55.0582 0x0edc  IPMIDRV - ok
    18:56:55.0586 0x0edc  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
    18:56:55.0589 0x0edc  IPNAT - ok
    18:56:55.0601 0x0edc  [ F7ED08D4BC89D7AC6135C1556A89157F, 8F15F1E528F6513FCEF5D966880CBA8A2C7A4816393393F4B201CDD6227F36A3 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
    18:56:55.0611 0x0edc  iPod Service - ok
    18:56:55.0614 0x0edc  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
    18:56:55.0615 0x0edc  IRENUM - ok
    18:56:55.0617 0x0edc  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
    18:56:55.0619 0x0edc  isapnp - ok
    18:56:55.0626 0x0edc  [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
    18:56:55.0632 0x0edc  iScsiPrt - ok
    18:56:55.0635 0x0edc  [ 1ECC1A421B0AEBF9A6934451FBFD7848, 1A8DDEC42831C12760CF27FA02EDD06D5CCE25A606E2DECB7D8487B5961B11AC ] ISCT            C:\WINDOWS\System32\drivers\ISCTD64.sys
    18:56:55.0636 0x0edc  ISCT - ok
    18:56:55.0642 0x0edc  [ CEF40A3E01C3BC23A904008D9CFB17C3, 3122C2E28E7C58E1BF23476DB03186384FA19F4C2CF952279CF4F1F41FD16C2E ] ISCTAgent       C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
    18:56:55.0645 0x0edc  ISCTAgent - ok
    18:56:55.0650 0x0edc  [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service     C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
    18:56:55.0653 0x0edc  jhi_service - ok
    18:56:55.0657 0x0edc  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
    18:56:55.0659 0x0edc  kbdclass - ok
    18:56:55.0662 0x0edc  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
    18:56:55.0663 0x0edc  kbdhid - ok
    18:56:55.0666 0x0edc  [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr        C:\WINDOWS\system32\drivers\kbldfltr.sys
    18:56:55.0666 0x0edc  kbldfltr - ok
    18:56:55.0668 0x0edc  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
    18:56:55.0669 0x0edc  kdnic - ok
    18:56:55.0672 0x0edc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
    18:56:55.0674 0x0edc  KeyIso - ok
    18:56:55.0678 0x0edc  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
    18:56:55.0680 0x0edc  KSecDD - ok
    18:56:55.0685 0x0edc  [ 7296EA420134EAC390798B3232D066A4, 1F5D51EEFD389706660DFB4DB4BF3EC570BEC7097CEB5CAE70EFFE35C3255346 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
    18:56:55.0688 0x0edc  KSecPkg - ok
    18:56:55.0691 0x0edc  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
    18:56:55.0692 0x0edc  ksthunk - ok
    18:56:55.0699 0x0edc  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
    18:56:55.0706 0x0edc  KtmRm - ok
    18:56:55.0714 0x0edc  [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
    18:56:55.0721 0x0edc  LanmanServer - ok
    18:56:55.0729 0x0edc  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
    18:56:55.0735 0x0edc  LanmanWorkstation - ok
    18:56:55.0746 0x0edc  [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
    18:56:55.0755 0x0edc  lfsvc - ok
    18:56:55.0758 0x0edc  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum       C:\WINDOWS\system32\drivers\LGBusEnum.sys
    18:56:55.0759 0x0edc  LGBusEnum - ok
    18:56:55.0762 0x0edc  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys
    18:56:55.0764 0x0edc  LGSHidFilt - ok
    18:56:55.0766 0x0edc  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
    18:56:55.0767 0x0edc  LGVirHid - ok
    18:56:55.0770 0x0edc  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
    18:56:55.0771 0x0edc  lltdio - ok
    18:56:55.0778 0x0edc  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
    18:56:55.0783 0x0edc  lltdsvc - ok
    18:56:55.0787 0x0edc  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
    18:56:55.0789 0x0edc  lmhosts - ok
    18:56:55.0797 0x0edc  [ B16F2A40E738277AB75515D4B024305E, 38F48CCD72FA2B32DFD3123C0864AB724AC673414EEE09C6F582754177CD4B98 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
    18:56:55.0802 0x0edc  LMS - ok
    18:56:55.0807 0x0edc  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
    18:56:55.0810 0x0edc  LSI_SAS - ok
    18:56:55.0814 0x0edc  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
    18:56:55.0816 0x0edc  LSI_SAS2 - ok
    18:56:55.0819 0x0edc  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
    18:56:55.0821 0x0edc  LSI_SAS3 - ok
    18:56:55.0825 0x0edc  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
    18:56:55.0827 0x0edc  LSI_SSS - ok
    18:56:55.0840 0x0edc  [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] LSM             C:\WINDOWS\System32\lsm.dll
    18:56:55.0852 0x0edc  LSM - ok
    18:56:55.0857 0x0edc  [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
    18:56:55.0860 0x0edc  luafv - ok
    18:56:55.0862 0x0edc  [ 0BB97D43299910CBFBA59C461B99B910, 27C22D9D9EE8A410D7396960DA93E9E260D4DCDD38DCE06E85E45C5E24C067DE ] MBAMProtector   C:\WINDOWS\system32\drivers\mbam.sys
    18:56:55.0863 0x0edc  MBAMProtector - ok
    18:56:55.0872 0x0edc  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    18:56:55.0878 0x0edc  MBAMScheduler - ok
    18:56:55.0891 0x0edc  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    18:56:55.0901 0x0edc  MBAMService - ok
    18:56:55.0906 0x0edc  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
    18:56:55.0908 0x0edc  megasas - ok
    18:56:55.0918 0x0edc  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
    18:56:55.0928 0x0edc  megasr - ok
    18:56:55.0932 0x0edc  [ 18B9AD128EC84E8D16A83F70CF36594F, 199DF15D68E2A079794E5DD325162C1A68A65EF26EEF5A6C6154281DDE57279A ] MEIx64          C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys
    18:56:55.0934 0x0edc  MEIx64 - ok
    18:56:55.0938 0x0edc  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
    18:56:55.0940 0x0edc  MMCSS - ok
    18:56:55.0943 0x0edc  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
    18:56:55.0944 0x0edc  Modem - ok
    18:56:55.0947 0x0edc  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
    18:56:55.0948 0x0edc  monitor - ok
    18:56:55.0951 0x0edc  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
    18:56:55.0953 0x0edc  mouclass - ok
    18:56:55.0956 0x0edc  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
    18:56:55.0957 0x0edc  mouhid - ok
    18:56:55.0960 0x0edc  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
    18:56:55.0962 0x0edc  mountmgr - ok
    18:56:55.0966 0x0edc  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
    18:56:55.0967 0x0edc  mpsdrv - ok
    18:56:55.0983 0x0edc  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
    18:56:55.0998 0x0edc  MpsSvc - ok
    18:56:56.0003 0x0edc  [ 59DCEC7499095DE5AED741358037AE2D, 60C4CEBCAE27C121E9D63BD2BC3E5863A91ABC77616C56C10618273A8F9B6F61 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
    18:56:56.0005 0x0edc  MRxDAV - ok
    18:56:56.0014 0x0edc  [ 79B6F3DF7CDFD12159871FF71464F0CE, E01CDD5296237FB60D426784E1142B1AF2CEABDD7CB0B43C4798402C812A94D5 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
    18:56:56.0020 0x0edc  mrxsmb - ok
    18:56:56.0026 0x0edc  [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
    18:56:56.0031 0x0edc  mrxsmb10 - ok
    18:56:56.0037 0x0edc  [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
    18:56:56.0040 0x0edc  mrxsmb20 - ok
    18:56:56.0044 0x0edc  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
    18:56:56.0046 0x0edc  MsBridge - ok
    18:56:56.0052 0x0edc  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
    18:56:56.0056 0x0edc  MSDTC - ok
    18:56:56.0060 0x0edc  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
    18:56:56.0061 0x0edc  Msfs - ok
    18:56:56.0064 0x0edc  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
    18:56:56.0065 0x0edc  msgpiowin32 - ok
    18:56:56.0067 0x0edc  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
    18:56:56.0068 0x0edc  mshidkmdf - ok
    18:56:56.0071 0x0edc  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
    18:56:56.0071 0x0edc  mshidumdf - ok
    18:56:56.0073 0x0edc  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
    18:56:56.0074 0x0edc  msisadrv - ok
    18:56:56.0078 0x0edc  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
    18:56:56.0082 0x0edc  MSiSCSI - ok
    18:56:56.0084 0x0edc  msiserver - ok
    18:56:56.0088 0x0edc  [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll
    18:56:56.0090 0x0edc  MsKeyboardFilter - ok
    18:56:56.0092 0x0edc  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
    18:56:56.0093 0x0edc  MSKSSRV - ok
    18:56:56.0096 0x0edc  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
    18:56:56.0097 0x0edc  MsLldp - ok
    18:56:56.0099 0x0edc  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
    18:56:56.0100 0x0edc  MSPCLOCK - ok
    18:56:56.0102 0x0edc  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
    18:56:56.0103 0x0edc  MSPQM - ok
    18:56:56.0110 0x0edc  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
    18:56:56.0116 0x0edc  MsRPC - ok
    18:56:56.0120 0x0edc  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
    18:56:56.0121 0x0edc  mssmbios - ok
    18:56:56.0123 0x0edc  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
    18:56:56.0124 0x0edc  MSTEE - ok
    18:56:56.0126 0x0edc  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
    18:56:56.0127 0x0edc  MTConfig - ok
    18:56:56.0130 0x0edc  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
    18:56:56.0132 0x0edc  Mup - ok
    18:56:56.0135 0x0edc  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
    18:56:56.0136 0x0edc  mvumis - ok
    18:56:56.0145 0x0edc  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
    18:56:56.0153 0x0edc  napagent - ok
    18:56:56.0162 0x0edc  [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
    18:56:56.0169 0x0edc  NativeWifiP - ok
    18:56:56.0174 0x0edc  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
    18:56:56.0178 0x0edc  NcaSvc - ok
    18:56:56.0183 0x0edc  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
    18:56:56.0186 0x0edc  NcbService - ok
    18:56:56.0189 0x0edc  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
    18:56:56.0192 0x0edc  NcdAutoSetup - ok
    18:56:56.0212 0x0edc  [ ED39D676080A1AEA755F1DEC1A8DF1A4, E413DA1113A51F3A68957147A50248AA98C0D365103D137D5AE8638C74E802D7 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
    18:56:56.0229 0x0edc  NDIS - ok
    18:56:56.0233 0x0edc  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
    18:56:56.0233 0x0edc  NdisCap - ok
    18:56:56.0237 0x0edc  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
    18:56:56.0239 0x0edc  NdisImPlatform - ok
    18:56:56.0241 0x0edc  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
    18:56:56.0242 0x0edc  NdisTapi - ok
    18:56:56.0245 0x0edc  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
    18:56:56.0246 0x0edc  Ndisuio - ok
    18:56:56.0249 0x0edc  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
    18:56:56.0249 0x0edc  NdisVirtualBus - ok
    18:56:56.0255 0x0edc  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    18:56:56.0259 0x0edc  NdisWan - ok
    18:56:56.0263 0x0edc  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
    18:56:56.0266 0x0edc  NdisWanLegacy - ok
    18:56:56.0270 0x0edc  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
    18:56:56.0271 0x0edc  NDProxy - ok
    18:56:56.0275 0x0edc  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
    18:56:56.0277 0x0edc  Ndu - ok
    18:56:56.0280 0x0edc  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
    18:56:56.0281 0x0edc  NetBIOS - ok
    18:56:56.0287 0x0edc  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
    18:56:56.0292 0x0edc  NetBT - ok
    18:56:56.0295 0x0edc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
    18:56:56.0297 0x0edc  Netlogon - ok
    18:56:56.0303 0x0edc  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
    18:56:56.0308 0x0edc  Netman - ok
    18:56:56.0319 0x0edc  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
    18:56:56.0329 0x0edc  netprofm - ok
    18:56:56.0337 0x0edc  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
    18:56:56.0341 0x0edc  NetTcpPortSharing - ok
    18:56:56.0345 0x0edc  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
    18:56:56.0347 0x0edc  netvsc - ok
    18:56:56.0355 0x0edc  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
    18:56:56.0363 0x0edc  NlaSvc - ok
    18:56:56.0366 0x0edc  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
    18:56:56.0368 0x0edc  Npfs - ok
    18:56:56.0370 0x0edc  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
    18:56:56.0371 0x0edc  npsvctrig - ok
    18:56:56.0374 0x0edc  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
    18:56:56.0376 0x0edc  nsi - ok
    18:56:56.0379 0x0edc  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
    18:56:56.0380 0x0edc  nsiproxy - ok
    18:56:56.0415 0x0edc  [ 4412D565C0278C401575E11072C7DCE3, 82A0E9AA88750900EA0E9983157345456B418745C8BA62FAF339640E759C0418 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
    18:56:56.0444 0x0edc  Ntfs - ok
    18:56:56.0448 0x0edc  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
    18:56:56.0448 0x0edc  Null - ok
    18:56:56.0648 0x0edc  [ 0218E1CE8F7B5D404980192B9112D03A, 30BFBDC8F4BFF9DCAE71940AFD3F3E8CCC71C950F3B4A9717A70FF667F6DDC9E ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
    18:56:56.0827 0x0edc  nvlddmkm - ok
    18:56:56.0865 0x0edc  [ 903A40C958D471F9D30D29FA6D2800A4, 4641F8E8B20EE9AF8AB61E61AD74D41A4E9F51C906EC5F3BDC484FFAFB540E69 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    18:56:56.0887 0x0edc  NvNetworkService - ok
    18:56:56.0891 0x0edc  [ 2E334C10BFAB37BDF2A66F6E0D36C061, AD7577E3A348D6A3BE170B507458EF04ABDA898CC5F7CA36D45262437BE20941 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
    18:56:56.0892 0x0edc  nvpciflt - ok
    18:56:56.0896 0x0edc  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
    18:56:56.0899 0x0edc  nvraid - ok
    18:56:56.0904 0x0edc  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
    18:56:56.0907 0x0edc  nvstor - ok
    18:56:56.0924 0x0edc  [ B7973C405247C5A44BA46B12A4B7AEEA, DF25E4CB7093EFF528C47A51C68CD1B0A93AE273D078804B7E09E74163753AA8 ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
    18:56:56.0937 0x0edc  nvsvc - ok
    18:56:56.0941 0x0edc  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
    18:56:56.0944 0x0edc  nv_agp - ok
    18:56:56.0976 0x0edc  [ E7D8C7748AAED52F1700D048A0087158, 3DD1652460C3AC9809A01DFC39326614C738CBF8196AC1DB73D88231EB860C90 ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX64\integratedoffice.exe
    18:56:57.0000 0x0edc  OfficeSvc - ok
    18:56:57.0006 0x0edc  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    18:56:57.0009 0x0edc  ose - ok
    18:56:57.0018 0x0edc  [ 3B510F20806B94E389784ED09DBD2111, EF8896C500B3AA3A811FDE97BC322EF3295E9BD0DE236715D4A4C52CF63727E1 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
    18:56:57.0026 0x0edc  p2pimsvc - ok
    18:56:57.0035 0x0edc  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
    18:56:57.0044 0x0edc  p2psvc - ok
    18:56:57.0048 0x0edc  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
    18:56:57.0050 0x0edc  Parport - ok
    18:56:57.0055 0x0edc  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
    18:56:57.0056 0x0edc  partmgr - ok
    18:56:57.0066 0x0edc  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
    18:56:57.0074 0x0edc  PcaSvc - ok
    18:56:57.0083 0x0edc  [ C0D3F3BC1C84B4BA746D9847314C1164, 66FDF288ACAE021C5F63BCCC68D7534B4DB737E252AB16DFF746355D8BE7502D ] pci             C:\WINDOWS\system32\drivers\pci.sys
    18:56:57.0088 0x0edc  pci - ok
    18:56:57.0091 0x0edc  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
    18:56:57.0092 0x0edc  pciide - ok
    18:56:57.0096 0x0edc  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
    18:56:57.0099 0x0edc  pcmcia - ok
    18:56:57.0101 0x0edc  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
    18:56:57.0103 0x0edc  pcw - ok
    18:56:57.0106 0x0edc  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
    18:56:57.0108 0x0edc  pdc - ok
    18:56:57.0121 0x0edc  [ BA50CC0BD19004AAB88BE37338B6FA0D, 34D4720A621CCB4707F2EB929F6F44C317DBC6F055F7F34F3FAC68DFDAA00DEF ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
    18:56:57.0132 0x0edc  PEAUTH - ok
    18:56:57.0168 0x0edc  [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc     C:\WINDOWS\system32\peerdistsvc.dll
    18:56:57.0201 0x0edc  PeerDistSvc - ok
    18:56:57.0225 0x0edc  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
    18:56:57.0228 0x0edc  PerfHost - ok
    18:56:57.0254 0x0edc  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
    18:56:57.0277 0x0edc  pla - ok
    18:56:57.0282 0x0edc  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
    18:56:57.0286 0x0edc  PlugPlay - ok
    18:56:57.0289 0x0edc  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
    18:56:57.0291 0x0edc  PNRPAutoReg - ok
    18:56:57.0299 0x0edc  [ 3B510F20806B94E389784ED09DBD2111, EF8896C500B3AA3A811FDE97BC322EF3295E9BD0DE236715D4A4C52CF63727E1 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
    18:56:57.0305 0x0edc  PNRPsvc - ok
    18:56:57.0314 0x0edc  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
    18:56:57.0321 0x0edc  PolicyAgent - ok
    18:56:57.0326 0x0edc  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
    18:56:57.0329 0x0edc  Power - ok
    18:56:57.0376 0x0edc  [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
    18:56:57.0410 0x0edc  PrintNotify - ok
    18:56:57.0417 0x0edc  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
    18:56:57.0420 0x0edc  Processor - ok
    18:56:57.0425 0x0edc  [ 8513A1E7AE4B9DC82C4B4F432C648A58, C0C629BF79722A12B35BDA6D5EF6FD2D96E013D80D8F17077E9137ED3988B452 ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
    18:56:57.0431 0x0edc  ProfSvc - ok
    18:56:57.0438 0x0edc  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
    18:56:57.0440 0x0edc  Psched - ok
    18:56:57.0447 0x0edc  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
    18:56:57.0454 0x0edc  QWAVE - ok
    18:56:57.0457 0x0edc  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
    18:56:57.0458 0x0edc  QWAVEdrv - ok
    18:56:57.0461 0x0edc  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
    18:56:57.0462 0x0edc  RasAcd - ok
    18:56:57.0466 0x0edc  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
    18:56:57.0469 0x0edc  RasAuto - ok
    18:56:57.0480 0x0edc  [ BF3B17016764F20F9D28CF1A8DC210C0, F64B410D444D4A3DFEE356EFC5B758781FA2612771EDCF72DB91D3120385D7DB ] RasMan          C:\WINDOWS\System32\rasmans.dll
    18:56:57.0490 0x0edc  RasMan - ok
    18:56:57.0494 0x0edc  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
    18:56:57.0496 0x0edc  RasPppoe - ok
    18:56:57.0504 0x0edc  [ B939A2A0F9D6C6C186721E268EB6FA93, 8AF03945428D8F0E9B6DE1C24627336398320C7C78E5F594E0A57AB2DB6E0A24 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
    18:56:57.0511 0x0edc  rdbss - ok
    18:56:57.0515 0x0edc  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
    18:56:57.0516 0x0edc  rdpbus - ok
    18:56:57.0521 0x0edc  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
    18:56:57.0525 0x0edc  RDPDR - ok
    18:56:57.0529 0x0edc  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
    18:56:57.0530 0x0edc  RdpVideoMiniport - ok
    18:56:57.0536 0x0edc  [ 847C6A08912C3515807049C93E526D65, 74AFC58793B43E73614D2F49B19FB360091E208097696D9DF0B0354761E0B30F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
    18:56:57.0541 0x0edc  rdyboost - ok
    18:56:57.0557 0x0edc  [ 036746D54347FD2D0385668E2A4064E4, 7C670176176C86D6C3814367A6282A78F4E950F84DDEDA849829236C891F5BB9 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
    18:56:57.0571 0x0edc  ReFS - ok
    18:56:57.0578 0x0edc  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
    18:56:57.0583 0x0edc  RemoteAccess - ok
    18:56:57.0587 0x0edc  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
    18:56:57.0591 0x0edc  RemoteRegistry - ok
    18:56:57.0595 0x0edc  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
    18:56:57.0598 0x0edc  RpcEptMapper - ok
    18:56:57.0600 0x0edc  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
    18:56:57.0602 0x0edc  RpcLocator - ok
    18:56:57.0616 0x0edc  [ 3FD5AE42EC87C6F532A931F96BE731DD, 8282823022391ACF65E23F461FCE5CAFFB5ADC077647FEF80B91BC4BC31EDFE2 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
    18:56:57.0627 0x0edc  RpcSs - ok
    18:56:57.0631 0x0edc  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
    18:56:57.0635 0x0edc  rspndr - ok
    18:56:57.0637 0x0edc  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
    18:56:57.0638 0x0edc  s3cap - ok
    18:56:57.0640 0x0edc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
    18:56:57.0642 0x0edc  SamSs - ok
    18:56:57.0647 0x0edc  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
    18:56:57.0649 0x0edc  sbp2port - ok
    18:56:57.0654 0x0edc  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
    18:56:57.0658 0x0edc  SCardSvr - ok
    18:56:57.0662 0x0edc  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
    18:56:57.0666 0x0edc  ScDeviceEnum - ok
    18:56:57.0669 0x0edc  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
    18:56:57.0670 0x0edc  scfilter - ok
    18:56:57.0690 0x0edc  [ 888A30EAB651502352C18745367FD179, 00CD9FA55F3E896D8BA81368DF1E855E2F64B5AC488EB4F9BF2C4E45ED63FD5F ] Schedule        C:\WINDOWS\system32\schedsvc.dll
    18:56:57.0710 0x0edc  Schedule - ok
    18:56:57.0715 0x0edc  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
    18:56:57.0718 0x0edc  SCPolicySvc - ok
    18:56:57.0725 0x0edc  [ 2F9A3380B8C0380E5608E29C7AA66899, 56D1908437DD3791E54866819E39CC89586C5CD804F47B556416FA8642D88CBB ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
    18:56:57.0730 0x0edc  sdbus - ok
    18:56:57.0734 0x0edc  [ 4EAF4DCF9DBD9A56952A58F56D61C005, BCA42FD1553569D3603008CC97D88FD309E87F8A8B1522A4287A0E81CAE6C294 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
    18:56:57.0736 0x0edc  sdstor - ok
    18:56:57.0739 0x0edc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
    18:56:57.0740 0x0edc  secdrv - ok
    18:56:57.0743 0x0edc  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
    18:56:57.0745 0x0edc  seclogon - ok
    18:56:57.0749 0x0edc  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
    18:56:57.0751 0x0edc  SENS - ok
    18:56:57.0757 0x0edc  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
    18:56:57.0763 0x0edc  SensrSvc - ok
    18:56:57.0766 0x0edc  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
    18:56:57.0767 0x0edc  SerCx - ok
    18:56:57.0772 0x0edc  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
    18:56:57.0775 0x0edc  SerCx2 - ok
    18:56:57.0778 0x0edc  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
    18:56:57.0779 0x0edc  Serenum - ok
    18:56:57.0783 0x0edc  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
    18:56:57.0784 0x0edc  Serial - ok
    18:56:57.0786 0x0edc  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
    18:56:57.0788 0x0edc  sermouse - ok
    18:56:57.0797 0x0edc  [ 441E6FF1F34D7A942946DB42A15FB519, A16BA505B74C7A2ADD08BD5B50728C2AD55062E0ABABAD7E3EE0EB97F3725523 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
    18:56:57.0805 0x0edc  SessionEnv - ok
    18:56:57.0808 0x0edc  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
    18:56:57.0809 0x0edc  sfloppy - ok
    18:56:57.0817 0x0edc  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
    18:56:57.0825 0x0edc  SharedAccess - ok
    18:56:57.0838 0x0edc  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
    18:56:57.0849 0x0edc  ShellHWDetection - ok
    18:56:57.0852 0x0edc  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
    18:56:57.0854 0x0edc  SiSRaid2 - ok
    18:56:57.0857 0x0edc  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
    18:56:57.0859 0x0edc  SiSRaid4 - ok
    18:56:57.0861 0x0edc  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
    18:56:57.0864 0x0edc  smphost - ok
    18:56:57.0868 0x0edc  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
    18:56:57.0870 0x0edc  SNMPTRAP - ok
    18:56:57.0880 0x0edc  [ F6EBE514D13ECE7EDC23440039CDF9AB, B58072BE7E4E52704C7B1D52DD49F469542B4B015C6D560369EEC1B046AFB254 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
    18:56:57.0886 0x0edc  spaceport - ok
    18:56:57.0890 0x0edc  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
    18:56:57.0891 0x0edc  SpbCx - ok
    18:56:57.0906 0x0edc  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
    18:56:57.0920 0x0edc  Spooler - ok
    18:56:58.0023 0x0edc  [ E6DEC72A2A23FAA53EB9FEC3C7E29D66, 58BB3B9D50DFFF99E790D5B768FAA387F16385436BA6EB704BE6DB1F63B8E4B2 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
    18:56:58.0115 0x0edc  sppsvc - ok
    18:56:58.0131 0x0edc  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
    18:56:58.0138 0x0edc  srv - ok
    18:56:58.0151 0x0edc  [ C1AE59C0B0817236EC083A91C396005A, 26F05ECB44C300DA8F333B115727C31C5C8252C83F37F0AE7DFF89B267599CDF ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
    18:56:58.0161 0x0edc  srv2 - ok
    18:56:58.0168 0x0edc  [ 77195C32175FC63D6054EBA5A066D727, 22F5D26809BC9288021620040FC7B7BB76708D434C863B3C0C20F73200C1C6A9 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
    18:56:58.0172 0x0edc  srvnet - ok
    18:56:58.0178 0x0edc  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
    18:56:58.0184 0x0edc  SSDPSRV - ok
    18:56:58.0189 0x0edc  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
    18:56:58.0195 0x0edc  SstpSvc - ok
    18:56:58.0206 0x0edc  [ 5FFDA96330357A914A69D79BE1988A38, E2A03A8D108C210B1111E2466E3DD381F0FA440B95B5013DC728EAD9CFE448AF ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    18:56:58.0215 0x0edc  Steam Client Service - ok
    18:56:58.0218 0x0edc  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
    18:56:58.0219 0x0edc  stexstor - ok
    18:56:58.0231 0x0edc  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
    18:56:58.0243 0x0edc  stisvc - ok
    18:56:58.0247 0x0edc  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
    18:56:58.0248 0x0edc  storahci - ok
    18:56:58.0251 0x0edc  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
    18:56:58.0253 0x0edc  storflt - ok
    18:56:58.0256 0x0edc  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
    18:56:58.0257 0x0edc  stornvme - ok
    18:56:58.0260 0x0edc  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
    18:56:58.0263 0x0edc  StorSvc - ok
    18:56:58.0265 0x0edc  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
    18:56:58.0267 0x0edc  storvsc - ok
    18:56:58.0270 0x0edc  [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp         C:\WINDOWS\System32\drivers\storvsp.sys
    18:56:58.0271 0x0edc  storvsp - ok
    18:56:58.0274 0x0edc  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
    18:56:58.0276 0x0edc  svsvc - ok
    18:56:58.0278 0x0edc  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
    18:56:58.0279 0x0edc  swenum - ok
    18:56:58.0292 0x0edc  [ A5DC2E63F5E5D3C0B843307374998479, B3156296D1750FEAF2354E217735B8D888C50599869233FB1B537167F2CECE0B ] swprv           C:\WINDOWS\System32\swprv.dll
    18:56:58.0305 0x0edc  swprv - ok
    18:56:58.0326 0x0edc  [ E45DA7CBBA34510C8B9473AD7D4FFD0B, 89C2AED757D86C276D78D29D94DCBF9C1B6A244A2153EC85CCB2E86C5F078387 ] SysMain         C:\WINDOWS\system32\sysmain.dll
    18:56:58.0347 0x0edc  SysMain - ok
    18:56:58.0355 0x0edc  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
    18:56:58.0361 0x0edc  SystemEventsBroker - ok
    18:56:58.0366 0x0edc  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
    18:56:58.0369 0x0edc  TabletInputService - ok
    18:56:58.0376 0x0edc  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
    18:56:58.0383 0x0edc  TapiSrv - ok
    18:56:58.0425 0x0edc  [ 3D9A5AC880D7AA2305812D665D24ED23, 3947FA5DDE537EC566D10AC9705EC6A58C8D058CA535303434499D67B52A42A8 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
    18:56:58.0462 0x0edc  Tcpip - ok
    18:56:58.0503 0x0edc  [ 3D9A5AC880D7AA2305812D665D24ED23, 3947FA5DDE537EC566D10AC9705EC6A58C8D058CA535303434499D67B52A42A8 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
    18:56:58.0533 0x0edc  TCPIP6 - ok
    18:56:58.0538 0x0edc  [ 33A7D83EEB15431773A6E186CFAABA21, AC5100A76CA44BFADF4A54FDB09FF5D2FF13B9F8482DC1AE86C8C27005F77B0F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
    18:56:58.0539 0x0edc  tcpipreg - ok
    18:56:58.0544 0x0edc  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
    18:56:58.0546 0x0edc  tdx - ok
    18:56:58.0549 0x0edc  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
    18:56:58.0551 0x0edc  terminpt - ok
    18:56:58.0569 0x0edc  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService     C:\WINDOWS\System32\termsrv.dll
    18:56:58.0587 0x0edc  TermService - ok
    18:56:58.0590 0x0edc  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
    18:56:58.0593 0x0edc  Themes - ok
    18:56:58.0596 0x0edc  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
    18:56:58.0600 0x0edc  THREADORDER - ok
    18:56:58.0605 0x0edc  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
    18:56:58.0611 0x0edc  TimeBroker - ok
    18:56:58.0616 0x0edc  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
    18:56:58.0620 0x0edc  TPM - ok
    18:56:58.0624 0x0edc  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
    18:56:58.0628 0x0edc  TrkWks - ok
    18:56:58.0631 0x0edc  [ DA56FFA46030E6FEB215E3D5DAA65B11, 36B5EED8F9044475000362DBFC8A2A40B889ED46382CCEFB6BA04BE0442F98C2 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
    18:56:58.0633 0x0edc  TrustedInstaller - ok
    18:56:58.0637 0x0edc  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
    18:56:58.0638 0x0edc  TsUsbFlt - ok
    18:56:58.0641 0x0edc  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
    18:56:58.0642 0x0edc  TsUsbGD - ok
    18:56:58.0646 0x0edc  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
    18:56:58.0649 0x0edc  tunnel - ok
    18:56:58.0652 0x0edc  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
    18:56:58.0654 0x0edc  uagp35 - ok
    18:56:58.0658 0x0edc  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
    18:56:58.0661 0x0edc  UASPStor - ok
    18:56:58.0666 0x0edc  [ 5D1B430EA11064C56E7C8F84B90DEB6A, 874D9EE807F16321C4857030F9C18D2B925785FD4BB7ED047AF9535BF3F30D84 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
    18:56:58.0670 0x0edc  UCX01000 - ok
    18:56:58.0677 0x0edc  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
    18:56:58.0682 0x0edc  udfs - ok
    18:56:58.0685 0x0edc  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
    18:56:58.0687 0x0edc  UEFI - ok
    18:56:58.0691 0x0edc  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
    18:56:58.0694 0x0edc  UI0Detect - ok
    18:56:58.0697 0x0edc  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
    18:56:58.0698 0x0edc  uliagpkx - ok
    18:56:58.0702 0x0edc  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
    18:56:58.0703 0x0edc  umbus - ok
    18:56:58.0708 0x0edc  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
    18:56:58.0709 0x0edc  UmPass - ok
    18:56:58.0716 0x0edc  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
    18:56:58.0722 0x0edc  UmRdpService - ok
    18:56:58.0731 0x0edc  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
    18:56:58.0740 0x0edc  upnphost - ok
    18:56:58.0743 0x0edc  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
    18:56:58.0744 0x0edc  USBAAPL64 - ok
    18:56:58.0750 0x0edc  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
    18:56:58.0753 0x0edc  usbccgp - ok
    18:56:58.0758 0x0edc  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
    18:56:58.0759 0x0edc  usbcir - ok
    18:56:58.0763 0x0edc  [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
    18:56:58.0766 0x0edc  usbehci - ok
    18:56:58.0776 0x0edc  [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
    18:56:58.0783 0x0edc  usbhub - ok
    18:56:58.0795 0x0edc  [ C0E33820326199CE3CFD3B9F27F81D99, C67F55E7DD6F7FC4A96256A14A805D39C5CE8725FD86675C6C860B3DE8E4DBC3 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
    18:56:58.0804 0x0edc  USBHUB3 - ok
    18:56:58.0808 0x0edc  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
    18:56:58.0809 0x0edc  usbohci - ok
    18:56:58.0812 0x0edc  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
    18:56:58.0813 0x0edc  usbprint - ok
    18:56:58.0818 0x0edc  [ 4628B415A84EA9D4D396A56F1D0CB6C6, 430F4C819BF958430FD0DEEFD5BA07F210E0541634811993090C039CB602622F ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
    18:56:58.0822 0x0edc  USBSTOR - ok
    18:56:58.0825 0x0edc  [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
    18:56:58.0827 0x0edc  usbuhci - ok
    18:56:58.0834 0x0edc  [ 3B44CB989757428208CCFCC028C13110, E71BFA4BB0F4FAEDA79606C44F7DAAB317CD99C9382942E5830F440CF96D9B35 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
    18:56:58.0840 0x0edc  USBXHCI - ok
    18:56:58.0843 0x0edc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
    18:56:58.0845 0x0edc  VaultSvc - ok
    18:56:58.0848 0x0edc  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
    18:56:58.0849 0x0edc  vdrvroot - ok
    18:56:58.0872 0x0edc  [ CFBAD6B48EDFAA0828A52646B7C4C08D, DDC7D607E784CE6FB5BC62E53E6309EB583D74425E6D3FC8F3D3EC705D69C075 ] vds             C:\WINDOWS\System32\vds.exe
    18:56:58.0893 0x0edc  vds - ok
    18:56:58.0897 0x0edc  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
    18:56:58.0901 0x0edc  VerifierExt - ok
    18:56:58.0913 0x0edc  [ 041D3EF364E624DBB2703A64A5AADF89, 94A52A35AFDD09EBCC4266BD6D44014AAB4BBDFD3F6E8C997A1CA49DFB48F60D ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
    18:56:58.0924 0x0edc  vhdmp - ok
    18:56:58.0927 0x0edc  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
    18:56:58.0929 0x0edc  viaide - ok
    18:56:58.0934 0x0edc  [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid             C:\WINDOWS\System32\drivers\Vid.sys
    18:56:58.0938 0x0edc  Vid - ok
    18:56:58.0942 0x0edc  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
    18:56:58.0944 0x0edc  vmbus - ok
    18:56:58.0946 0x0edc  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
    18:56:58.0947 0x0edc  VMBusHID - ok
    18:56:58.0951 0x0edc  [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr          C:\WINDOWS\System32\drivers\vmbusr.sys
    18:56:58.0953 0x0edc  vmbusr - ok
    18:56:58.0964 0x0edc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
    18:56:58.0973 0x0edc  vmicguestinterface - ok
    18:56:58.0982 0x0edc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
    18:56:58.0989 0x0edc  vmicheartbeat - ok
    18:56:58.0999 0x0edc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
    18:56:59.0006 0x0edc  vmickvpexchange - ok
    18:56:59.0015 0x0edc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
    18:56:59.0022 0x0edc  vmicrdv - ok
    18:56:59.0032 0x0edc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
    18:56:59.0040 0x0edc  vmicshutdown - ok
    18:56:59.0049 0x0edc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
    18:56:59.0057 0x0edc  vmictimesync - ok
    18:56:59.0066 0x0edc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
    18:56:59.0074 0x0edc  vmicvss - ok
    18:56:59.0077 0x0edc  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
    18:56:59.0080 0x0edc  volmgr - ok
    18:56:59.0087 0x0edc  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
    18:56:59.0094 0x0edc  volmgrx - ok
    18:56:59.0103 0x0edc  [ 9F9CE33B50611A1C61A46B8911E0B30B, FE4EDF16CE8FC36BB2125FC7D1CF45C65B06A2C31D426635115D879987DF2159 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
    18:56:59.0109 0x0edc  volsnap - ok
    18:56:59.0113 0x0edc  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
    18:56:59.0114 0x0edc  vpci - ok
    18:56:59.0118 0x0edc  [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp         C:\WINDOWS\System32\drivers\vpcivsp.sys
    18:56:59.0119 0x0edc  vpcivsp - ok
    18:56:59.0124 0x0edc  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
    18:56:59.0128 0x0edc  vsmraid - ok
    18:56:59.0151 0x0edc  [ D51D7EF1EA5ED2BB01E9D07E6E0533BC, E31118F42B316C9B6C9072D9628AA2801FC2519F1A46C9ED167843CD67183C19 ] VSS             C:\WINDOWS\system32\vssvc.exe
    18:56:59.0175 0x0edc  VSS - ok
    18:56:59.0183 0x0edc  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
    18:56:59.0188 0x0edc  VSTXRAID - ok
    18:56:59.0190 0x0edc  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
    18:56:59.0192 0x0edc  vwifibus - ok
    18:56:59.0200 0x0edc  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
    18:56:59.0209 0x0edc  W32Time - ok
    18:56:59.0212 0x0edc  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
    18:56:59.0213 0x0edc  WacomPen - ok
    18:56:59.0240 0x0edc  [ 92BF4B3EBD6F163B94B7A20C65E7B698, 293E6FEFA862690A7B75443D6495144313D759971B98B495A99AAB0D2CF1F350 ] wbengine        C:\WINDOWS\system32\wbengine.exe
    18:56:59.0263 0x0edc  wbengine - ok
    18:56:59.0273 0x0edc  [ 58F28103889817C93E5B5AFABC87E709, 547381B10DAC8A3CC16FB5DE6DF2FDA3CCD8F45DF581959FFF6E30875419B011 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
    18:56:59.0282 0x0edc  WbioSrvc - ok
    18:56:59.0290 0x0edc  [ 772365894F14652D376B2E5030179DC9, 3D917CED040456EB269BE2B82315CEAE3589FEC016DAE37FC5BC1C3D66DE3140 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
    18:56:59.0298 0x0edc  Wcmsvc - ok
    18:56:59.0307 0x0edc  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
    18:56:59.0316 0x0edc  wcncsvc - ok
    18:56:59.0319 0x0edc  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
    18:56:59.0323 0x0edc  WcsPlugInService - ok
    18:56:59.0326 0x0edc  [ 694B28DE12AD47031FFB4B052662131A, FF3B1B1A69C82BB123073E10D9F1322ED8587F5BAC36F8AB7DAED22C7DD5C7DB ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
    18:56:59.0327 0x0edc  WdBoot - ok
    18:56:59.0343 0x0edc  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
    18:56:59.0355 0x0edc  Wdf01000 - ok
    18:56:59.0362 0x0edc  [ 0B99529A3BECC3528D865DDECB62503B, 28E6B44BDC52E212D2EB269491D3574B45EE9B19821FE15167D7FA05566C89F4 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
    18:56:59.0366 0x0edc  WdFilter - ok
    18:56:59.0370 0x0edc  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
    18:56:59.0374 0x0edc  WdiServiceHost - ok
    18:56:59.0376 0x0edc  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
    18:56:59.0380 0x0edc  WdiSystemHost - ok
    18:56:59.0383 0x0edc  [ 282E7D46310338FF4A6B7680440EB0DA, 04242798DD82F583154AEA3D775C9BFD574FC471D01CDEB9D070872425094D82 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
    18:56:59.0386 0x0edc  WdNisDrv - ok
    18:56:59.0387 0x0edc  WdNisSvc - ok
    18:56:59.0393 0x0edc  [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient       C:\WINDOWS\System32\webclnt.dll
    18:56:59.0399 0x0edc  WebClient - ok
    18:56:59.0405 0x0edc  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
    18:56:59.0410 0x0edc  Wecsvc - ok
    18:56:59.0413 0x0edc  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
    18:56:59.0416 0x0edc  WEPHOSTSVC - ok
    18:56:59.0419 0x0edc  [ AA1315B87D9B2E39584165318A59F15D, CD19608BE1F6B7AECF802F8D2DD4FCBDAA29450ED37F7D040DC6453924C7B0FE ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
    18:56:59.0423 0x0edc  wercplsupport - ok
    18:56:59.0426 0x0edc  [ 22B4C24AB921BFF7827FFBCA1F4E1BB3, B634F7018097A8E4EECDD9F032DF6A0FB6817FC3DEB92BCE6A0965B5D71D8DFA ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
    18:56:59.0430 0x0edc  WerSvc - ok
    18:56:59.0434 0x0edc  [ 2E3E82D7B1076B90F4E228A8EF17B261, 0492F8E0BE09DAD9922E85CCA7BCB1548CB9DC5841F46174A0657FDC59AAC3CE ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
    18:56:59.0437 0x0edc  WFPLWFS - ok
    18:56:59.0440 0x0edc  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
    18:56:59.0443 0x0edc  WiaRpc - ok
    18:56:59.0446 0x0edc  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
    18:56:59.0447 0x0edc  WIMMount - ok
    18:56:59.0448 0x0edc  WinDefend - ok
    18:56:59.0464 0x0edc  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
    18:56:59.0478 0x0edc  WinHttpAutoProxySvc - ok
    18:56:59.0487 0x0edc  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
    18:56:59.0491 0x0edc  Winmgmt - ok
    18:56:59.0493 0x0edc  WinRing0_1_2_0 - ok
    18:56:59.0549 0x0edc  [ 690C3FC5C9DBD6B9AEDF8341EC720E41, 0E4412BB6DEB5761F7A889FD90821FAFD7C6E173F449EAB3A0446BA653D6AD0C ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
    18:56:59.0587 0x0edc  WinRM - ok
    18:56:59.0595 0x0edc  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
    18:56:59.0596 0x0edc  WinUsb - ok
    18:56:59.0622 0x0edc  [ 728D3349FAB251B0265EFA55C67DCA2D, 676D2C9CF16DD333BF99FD5EC31B8F53E5295553E19BED5CF94620EE59345777 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
    18:56:59.0646 0x0edc  WlanSvc - ok
    18:56:59.0672 0x0edc  [ C2838466CCC44FAEF2C3D4C1E5971ECB, 4CA5B1632302E59E754CEA5B3CA3977D8CE9DC7B2E8673B450BBF0D646AD7AD8 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
    18:56:59.0698 0x0edc  wlidsvc - ok
    18:56:59.0701 0x0edc  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
    18:56:59.0702 0x0edc  WmiAcpi - ok
    18:56:59.0709 0x0edc  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
    18:56:59.0712 0x0edc  wmiApSrv - ok
    18:56:59.0714 0x0edc  WMPNetworkSvc - ok
    18:56:59.0741 0x0edc  [ E178371E493BF17EB90FE71ABA8BE643, E6F96C62D6AD1FE65D54F6799ABC32D34DE8C6EBFF8A297CA3142EF096112FCE ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
    18:56:59.0766 0x0edc  workfolderssvc - ok
    18:56:59.0770 0x0edc  [ E746BCDBA2E02CF6B8D6B26FB167FBE0, 8875BBE444A33E0C477EF1A3899955501B7E0A9479CA8AA20DD8E6AA0D9A71E6 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
    18:56:59.0772 0x0edc  wpcfltr - ok
    18:56:59.0775 0x0edc  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
    18:56:59.0778 0x0edc  WPCSvc - ok
    18:56:59.0781 0x0edc  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
    18:56:59.0785 0x0edc  WPDBusEnum - ok
    18:56:59.0787 0x0edc  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
    18:56:59.0788 0x0edc  WpdUpFltr - ok
    18:56:59.0791 0x0edc  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
    18:56:59.0793 0x0edc  ws2ifsl - ok
    18:56:59.0797 0x0edc  [ 5CFA46C4ACB2FD70572017052378DAE5, F09134C4433A9E174889A16F29EA6628045B21BE4FA85275ACFD24D5DFB0D937 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
    18:56:59.0801 0x0edc  wscsvc - ok
    18:56:59.0803 0x0edc  WSearch - ok
    18:56:59.0858 0x0edc  [ D8E3A4701376CCFD0BE542D745FA4809, CF267B5507BD02EEB6BF051534E900D592682D11159A6A13C38AE70B3CCC081F ] WSService       C:\WINDOWS\System32\WSService.dll
    18:56:59.0909 0x0edc  WSService - ok
    18:56:59.0968 0x0edc  [ 86D0BF4F792053A50D6EE43DFA5837A5, 5705DAB9C5896F10757630439AC8FEAB5754251C6C90E9E8449220A65D1E95D5 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
    18:57:00.0021 0x0edc  wuauserv - ok
    18:57:00.0027 0x0edc  [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
    18:57:00.0030 0x0edc  WudfPf - ok
    18:57:00.0036 0x0edc  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
    18:57:00.0039 0x0edc  WUDFRd - ok
    18:57:00.0044 0x0edc  [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
    18:57:00.0048 0x0edc  wudfsvc - ok
    18:57:00.0054 0x0edc  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
    18:57:00.0057 0x0edc  WUDFWpdFs - ok
    18:57:00.0061 0x0edc  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
    18:57:00.0064 0x0edc  WUDFWpdMtp - ok
    18:57:00.0075 0x0edc  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
    18:57:00.0085 0x0edc  WwanSvc - ok
    18:57:00.0087 0x0edc  ================ Scan global ===============================
    18:57:00.0090 0x0edc  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
    18:57:00.0096 0x0edc  [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\WINDOWS\system32\winsrv.dll
    18:57:00.0104 0x0edc  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
    18:57:00.0114 0x0edc  [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\WINDOWS\system32\services.exe
    18:57:00.0121 0x0edc  [ Global ] - ok
    18:57:00.0122 0x0edc  ================ Scan MBR ==================================
    18:57:00.0123 0x0edc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
    18:57:00.0127 0x0edc  \Device\Harddisk0\DR0 - ok
    18:57:00.0128 0x0edc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
    18:57:00.0132 0x0edc  \Device\Harddisk1\DR1 - ok
    18:57:00.0138 0x0edc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
    18:57:00.0142 0x0edc  \Device\Harddisk2\DR2 - ok
    18:57:00.0148 0x0edc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk3\DR3
    18:57:00.0151 0x0edc  \Device\Harddisk3\DR3 - ok
    18:57:00.0152 0x0edc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk4\DR4
    18:57:00.0155 0x0edc  \Device\Harddisk4\DR4 - ok
    18:57:00.0156 0x0edc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk5\DR5
    18:57:00.0159 0x0edc  \Device\Harddisk5\DR5 - ok
    18:57:00.0160 0x0edc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk6\DR6
    18:57:00.0162 0x0edc  \Device\Harddisk6\DR6 - ok
    18:57:00.0163 0x0edc  ================ Scan VBR ==================================
    18:57:00.0164 0x0edc  [ BA586EC3CCBBB2611E07406599BE6FBD ] \Device\Harddisk0\DR0\Partition1
    18:57:00.0165 0x0edc  \Device\Harddisk0\DR0\Partition1 - ok
    18:57:00.0166 0x0edc  [ 26FE8A07B6CA63814C95B6799C272FCA ] \Device\Harddisk0\DR0\Partition2
    18:57:00.0167 0x0edc  \Device\Harddisk0\DR0\Partition2 - ok
    18:57:00.0168 0x0edc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
    18:57:00.0168 0x0edc  \Device\Harddisk0\DR0\Partition3 - ok
    18:57:00.0170 0x0edc  [ 88343B20EAC43DAAD848ED1B15E509D7 ] \Device\Harddisk0\DR0\Partition4
    18:57:00.0170 0x0edc  \Device\Harddisk0\DR0\Partition4 - ok
    18:57:00.0172 0x0edc  [ F590A4C52C67859309833F331F4CC636 ] \Device\Harddisk0\DR0\Partition5
    18:57:00.0172 0x0edc  \Device\Harddisk0\DR0\Partition5 - ok
    18:57:00.0174 0x0edc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
    18:57:00.0174 0x0edc  \Device\Harddisk1\DR1\Partition1 - ok
    18:57:00.0175 0x0edc  [ 24A29ABE3B7E75C3D7CE51DDA27C33FE ] \Device\Harddisk1\DR1\Partition2
    18:57:00.0176 0x0edc  \Device\Harddisk1\DR1\Partition2 - ok
    18:57:00.0177 0x0edc  [ 204B301407261C46CF245F9C13CB7AE6 ] \Device\Harddisk1\DR1\Partition3
    18:57:00.0178 0x0edc  \Device\Harddisk1\DR1\Partition3 - ok
    18:57:00.0180 0x0edc  [ BB8C9F03C87FAEF8A6DDD0FC120AEEF1 ] \Device\Harddisk2\DR2\Partition1
    18:57:00.0180 0x0edc  \Device\Harddisk2\DR2\Partition1 - ok
    18:57:00.0182 0x0edc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk2\DR2\Partition2
    18:57:00.0182 0x0edc  \Device\Harddisk2\DR2\Partition2 - ok
    18:57:00.0184 0x0edc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk2\DR2\Partition3
    18:57:00.0184 0x0edc  \Device\Harddisk2\DR2\Partition3 - ok
    18:57:00.0186 0x0edc  [ BB8C9F03C87FAEF8A6DDD0FC120AEEF1 ] \Device\Harddisk3\DR3\Partition1
    18:57:00.0186 0x0edc  \Device\Harddisk3\DR3\Partition1 - ok
    18:57:00.0187 0x0edc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk3\DR3\Partition2
    18:57:00.0187 0x0edc  \Device\Harddisk3\DR3\Partition2 - ok
    18:57:00.0189 0x0edc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk3\DR3\Partition3
    18:57:00.0189 0x0edc  \Device\Harddisk3\DR3\Partition3 - ok
    18:57:00.0191 0x0edc  [ 792DE21427EBBCA8E4DC676E92E8B361 ] \Device\Harddisk4\DR4\Partition1
    18:57:00.0191 0x0edc  \Device\Harddisk4\DR4\Partition1 - ok
    18:57:00.0193 0x0edc  [ 7ECC3D537E18E51B2B434BB5E9D6BCA1 ] \Device\Harddisk5\DR5\Partition1
    18:57:00.0194 0x0edc  \Device\Harddisk5\DR5\Partition1 - ok
    18:57:00.0195 0x0edc  [ 64F4C08E9288978841B53E5AFAA71E6F ] \Device\Harddisk6\DR6\Partition1
    18:57:00.0195 0x0edc  \Device\Harddisk6\DR6\Partition1 - ok
    18:57:00.0196 0x0edc  Waiting for KSN requests completion. In queue: 223
    18:57:01.0197 0x0edc  Waiting for KSN requests completion. In queue: 223
    18:57:02.0197 0x0edc  Waiting for KSN requests completion. In queue: 223
    18:57:03.0211 0x0edc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.9600.16384 ), 0x60100 ( disabled : updated )
    18:57:03.0212 0x0edc  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2013.292 ), 0x41000 ( enabled : updated )
    18:57:03.0212 0x0edc  FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2013.292 ), 0x41010 ( enabled )
    18:57:05.0773 0x0edc  ============================================================
    18:57:05.0773 0x0edc  Scan finished
    18:57:05.0773 0x0edc  ============================================================
    18:57:05.0777 0x062c  Detected object count: 0
    18:57:05.0777 0x062c  Actual detected object count: 0
    18:57:28.0993 0x0ffc  ============================================================
    18:57:28.0993 0x0ffc  Scan started
    18:57:28.0993 0x0ffc  Mode: Manual; 
    18:57:28.0993 0x0ffc  ============================================================
    18:57:28.0993 0x0ffc  KSN ping started
    18:57:35.0970 0x0ffc  KSN ping finished: true
    18:57:36.0014 0x0ffc  ================ Scan system memory ========================
    18:57:36.0014 0x0ffc  Scan was interrupted by user!
    18:57:36.0016 0x0ffc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.3.9600.16384 ), 0x60100 ( disabled : updated )
    18:57:36.0017 0x0ffc  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2013.292 ), 0x41000 ( enabled : updated )
    18:57:36.0017 0x0ffc  FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2013.292 ), 0x41010 ( enabled )
    18:57:38.0572 0x0ffc  ============================================================
    18:57:38.0572 0x0ffc  Scan finished
    18:57:38.0572 0x0ffc  ============================================================
    18:57:38.0575 0x110c  Detected object count: 0
    18:57:38.0575 0x110c  Actual detected object count: 0
    18:59:17.0022 0x0824  KLMD registered as C:\WINDOWS\system32\drivers\71463760.sys
    18:59:17.0554 0x0824  Deinitialize success


    #11 Doomap117

    Doomap117
    • Topic Starter

    • Members
    • 32 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:Norrath
    • Local time:01:55 PM

    Posted 29 January 2014 - 10:07 PM

    my pc seems to be running fine after i reinstalled windows, it was not a clean install, it was windows 8.1 "remove everything and reinstall windows."

    i'm not sure if it is the same as a clean install or not.



    #12 Blind Faith

    Blind Faith

    • Malware Response Team
    • 4,101 posts
    • OFFLINE
    •  
    • Gender:Female
    • Local time:11:55 PM

    Posted 31 January 2014 - 07:19 PM

    Hi there,

     

     

    Please download Malwarebytes Anti-Malware mbamicontw5.gif and save it to your desktop.
    • Important!! When you save the mbam-setup file, rename it to something random (such as 123abc.exe) before beginning the download.
    Malwarebytes may "make changes to your registry" as part of its disinfection routine. If using other security programs that detect registry changes (ie Spybot's Teatimer), they may interfere or alert you. Temporarily disable such programs or permit them to allow the changes.
     
    • Make sure you are connected to the Internet and double-click on the renamed file to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • Malwarebytes will automatically start and you will be asked to update the program before performing a scan.
  • If an update is found, the program will automatically update itself. Press the OK button and continue.
  • If you cannot update Malwarebytes or use the Internet to download any files to the infected computer, manually update the database by following the instructions in FAQ Section A: 4. Issues.
    • Under the Scanner tab, make sure the "Perform Quick Scan" option is selected.
  • Click on the Scan button.
  • When finished, a message box will say "The scan completed successfully. Click 'Show Results' to display all objects found".
  • Click OK to close the message box, then click the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked and then click Remove Selected.
  • When removal is completed, a log report will open in Notepad.
  • The log is automatically saved and can be viewed by clicking the Logs tab.
  • Copy and paste the contents of that report in your next reply. Be sure to post the complete log to include the top portion which shows the database version and your operating system.
  • Exit Malwarebytes when done.
  • Note: If Malwarebytes encounters a file that is difficult to remove, you will be asked to reboot your computer so it can proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot normally will prevent Malwarebytes from removing all the malware.
     
    -- Some types of malware will target Malwarebytes and other security tools to keep them from running properly. If that's the case, use Malwarebytes Chameleon and follow the onscreen instructions. The Chameleon folder can be accessed by opening the program folder for Malwarebytes Anti-Malware (normally C:\Program Files\Malwarebytes' Anti-Malware or C:\Program Files (x86)\Malwarebytes' Anti-Malware).
     
     
     
     
    Elle 

    Can you hear it?It's all around!

    Tomar ki manè acchè?
    Yadi thakè, tahalè
    Ki kshama kartè paro
    ?



    If I haven't replied in 48 hours, please feel free to send me a PM.



    Posted Image

    #13 Doomap117

    Doomap117
    • Topic Starter

    • Members
    • 32 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:Norrath
    • Local time:01:55 PM

    Posted 01 February 2014 - 01:30 PM

    Malwarebytes Anti-Malware (PRO) 1.75.0.1300
    www.malwarebytes.org
     
    Database version: v2014.01.23.02
     
    Windows 8 x64 NTFS
    Internet Explorer 10.0.9200.16750
    Randy :: RANDYS-PC [administrator]
     
    Protection: Enabled
     
    1/23/2014 10:48:37 AM
    MBAM-log-2014-01-23 (11-09-07).txt
     
    Scan type: Full scan (C:\|D:\|F:\|L:\|M:\|N:\|O:\|)
    Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM | P2P
    Scan options disabled: 
    Objects scanned: 400602
    Time elapsed: 14 minute(s), 8 second(s)
     
    Memory Processes Detected: 0
    (No malicious items detected)
     
    Memory Modules Detected: 0
    (No malicious items detected)
     
    Registry Keys Detected: 0
    (No malicious items detected)
     
    Registry Values Detected: 0
    (No malicious items detected)
     
    Registry Data Items Detected: 0
    (No malicious items detected)
     
    Folders Detected: 0
    (No malicious items detected)
     
    (end)


    #14 Blind Faith

    Blind Faith

    • Malware Response Team
    • 4,101 posts
    • OFFLINE
    •  
    • Gender:Female
    • Local time:11:55 PM

    Posted 02 February 2014 - 04:18 PM

    Hello, 

     

     

     

    Your logs look clean now! :clapping:

     

    I will leave several pieces of advice upon computer safety and how to prevent reinfection.
     
    • Make sure you have a running Antivirus and Firewall program
    Both  represent the keys of a secure system, however keep in mind that no antivirus or firewall will ensure 100% protection. The most important component is the one sitting in front of the desktop. If you are connected through a router, you do not need a firewall anymore as you already have one. :)
    A comprehensive tutorial and a list of possible firewalls can be found here
     
  • Keep your Windows installation up to date
  • Visit the Microsoft Update Websiteas often as possible as the fundation of your system is your Windows Installation which needs to be updated regularily. Please take it into consideration. 
     
  • Keep your other software up to date as well
  • Any software may have security holes. Therefore producers release updates in order to fix those security holes. You can use Secunia Online Software in order to find the programs that need to be updated.
     
     
     
     
    Please reply to this topic if you have read the above information. If your computer is working fine, this topic will be closed afterwards.
     
     
     
     
     
    Elle 

    Can you hear it?It's all around!

    Tomar ki manè acchè?
    Yadi thakè, tahalè
    Ki kshama kartè paro
    ?



    If I haven't replied in 48 hours, please feel free to send me a PM.



    Posted Image

    #15 Doomap117

    Doomap117
    • Topic Starter

    • Members
    • 32 posts
    • OFFLINE
    •  
    • Gender:Male
    • Location:Norrath
    • Local time:01:55 PM

    Posted 03 February 2014 - 02:11 PM

    thank you very much :)

    M'Lady






    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users