Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected with Win32/Patched rpcs.dll


  • This topic is locked This topic is locked
35 replies to this topic

#1 Birdhouse247

Birdhouse247

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 26 March 2014 - 08:08 PM

Hello, I have a continuous popup from AVG stating:

"Virus found Win32/Patched"

"c:\Windows\System32\rpcss.dll"

 

I have run Mawlarebytes but to no avail.  I have also tried HitmanPro, Hijack This, and the AVG recovery tool/bootup USB but that did not work either.

 

My DDS.txt file is:

 

DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 9.0.8112.16490  BrowserJavaVersion: 1.6.0_16
Run by Dave at 20:00:26 on 2014-03-26
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3325.1534 [GMT -5:00]
.
AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\SLsvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Windows\System32\nvraidservice.exe
C:\Windows\System32\Ctxfihlp.exe
C:\Program Files\AVG\AVG2013\avgui.exe
C:\Program Files\AVG Secure Search\vprot.exe
C:\Users\Dave\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\AVG\AVG2013\avgidsagent.exe
C:\Program Files\AVG\AVG2013\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\PnkBstrB.exe
C:\Program Files\NETGEAR\WNDA4100\Service\RaRegistry.exe
C:\Program Files\AVG\AVG2013\avgnsx.exe
C:\Program Files\AVG\AVG2013\avgemcx.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVG\AVG2013\avgrsx.exe
C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\loggingserver.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\AVG\AVG2013\avgcsrvx.exe
C:\Windows\SYSTEM32\CTXFISPI.EXE
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\System32\wbem\unsecapp.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_12_0_0_77.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\wbem\WmiPrvSE.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\18.0.5.292\AVG Secure Search_toolbar.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.2.4204.1700\swg.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
TB: &Google: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\18.0.5.292\AVG Secure Search_toolbar.dll
uRun: [NVIDIA nTune] "c:\program files\nvidia corporation\ntune\nTuneCmd.exe" resetprofile
uRun: [Spotify Web Helper] "c:\users\dave\appdata\roaming\spotify\data\SpotifyWebHelper.exe"
mRun: [VolPanel] "c:\program files\creative\sound blaster x-fi\volume panel\VolPanlu.exe" /r
mRun: [NVRaidService] c:\windows\system32\nvraidservice.exe
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
dRun: [CtxfiReg] CTXFIREG.exe /FAIL2
StartupFolder: c:\users\dave\appdata\roaming\microsoft\windows\start menu\programs\startup\OneNote Table Of Contents.onetoc2
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\netgea~1.lnk - c:\program files\netgear\wnda4100\WNDA4100.EXE
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: BindDirectlyToPropertySetStorage = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{29F2B232-6A0D-495F-A1B9-1A8A4D96C3F0} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{A2DD6FD1-5F4B-4B5F-AC1A-B5A8BA6F4303} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{DFE0228F-5653-46B0-AA3D-D699C2819325} : DHCPNameServer = 192.168.1.254
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\18.0.5\ViProtocol.dll
Notify: GoToAssist - c:\program files\citrix\gotoassist\514\G2AWinLogon.dll
LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\33.0.1750.154\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\dave\appdata\roaming\mozilla\firefox\profiles\xfw7x17s.default-1347322367210\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=012213&q=
FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\18.0.5\npsitesafety.dll
FF - plugin: c:\program files\download manager\npfpdlm.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.2432.1652\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.3.22.5\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dv.dll
FF - plugin: c:\program files\nvidia corporation\3d vision\npnv3dvstreaming.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_12_0_0_77.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2013-7-20 60216]
R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2013-7-20 246072]
R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2013-7-1 96568]
R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2013-10-23 39224]
R0 MPRIFL;MPRIFL;c:\windows\system32\drivers\mprifl.sys [2009-1-5 17264]
R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2013-11-25 208184]
R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2013-10-23 22328]
R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2013-7-20 171320]
R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2013-3-21 182072]
R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-10-11 42272]
R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-11-20 283136]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-5-2 21504]
R2 RalinkRegistryWriter;RalinkRegistryWriter;c:\program files\netgear\wnda4100\service\RaRegistry.exe [2012-9-4 377088]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2012-10-2 382824]
R2 vToolbarUpdater18.0.5;vToolbarUpdater18.0.5;c:\program files\common files\avg secure search\vtoolbarupdater\18.0.5\ToolbarUpdater.exe [2014-3-20 1771032]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2009-2-19 198168]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2009-2-19 1353240]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2009-2-19 73752]
R3 netr28u;RT2870 USB Wireless LAN Card Driver for Vista;c:\windows\system32\drivers\netr28u.sys [2012-11-12 1206560]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c9de69ecb1b563;Google Update Service (gupdate1c9de69ecb1b563);c:\program files\google\update\GoogleUpdate.exe [2009-5-26 133104]
S2 MSSQL$BWDATOOLSET;SQL Server (BWDATOOLSET);"c:\program files\dragon age\tools\toolssql\mssql.1\mssql\binn\sqlservr.exe" -sbwdatoolset --> c:\program files\dragon age\tools\toolssql\mssql.1\mssql\binn\sqlservr.exe [?]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-1-8 161536]
S3 AX88178;ASIX AX88178 USB2.0 to Gigabit Ethernet Adapter;c:\windows\system32\drivers\ax88178.sys [2012-5-28 49664]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2009-2-19 198168]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2009-2-19 1353240]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2009-2-19 73752]
S3 ha20x22k;Creative 20X2 HAL Driver;c:\windows\system32\drivers\ha20x22k.sys [2009-2-19 1222680]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2014-3-25 40776]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2014-03-27 00:51:43    --------    d-----w-    c:\users\dave\appdata\local\CrashDumps
2014-03-26 23:30:54    --------    d-----w-    c:\windows\system32\wbem\repository
2014-03-26 22:54:39    --------    d-----w-    C:\RegBackup
2014-03-26 22:52:47    --------    d-----w-    c:\program files\Tweaking.com
2014-03-26 13:03:17    --------    d-----w-    C:\FRST
2014-03-26 06:03:22    69632    ----a-w-    c:\windows\system32\blzblk.exe
2014-03-26 05:27:15    12872    ----a-w-    c:\windows\system32\bootdelete.exe
2014-03-26 05:15:17    --------    d-----w-    c:\programdata\HitmanPro
2014-03-26 01:30:40    40776    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2014-03-25 18:23:56    712264    ----a-w-    c:\windows\isRS-000.tmp
2014-03-20 23:58:31    --------    d-----w-    c:\programdata\AVG Secure Search
2014-03-08 14:57:09    --------    d-----w-    c:\program files\RIFT
2014-03-03 00:41:15    --------    d-----w-    c:\program files\Gloria Victis
.
==================== Find3M  ====================
.
2014-03-20 23:58:22    42272    ----a-w-    c:\windows\system32\drivers\avgtpx86.sys
2014-03-12 02:01:11    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 02:01:11    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
.
============= FINISH: 20:01:31.57 ===============
 

 

 

 

The attach.txt file is attached to this post as well.  THANK YOU for any help and assistance.

Attached Files


Edited by Birdhouse247, 26 March 2014 - 08:10 PM.


BC AdBot (Login to Remove)

 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:17 AM

Posted 27 March 2014 - 05:00 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not english. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • If Malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#3 Birdhouse247

Birdhouse247
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 27 March 2014 - 10:26 AM

Hello and thank you, attached is the result of the scan.  (I realize there is a typo in the title of my post - it should be "Infected with win32 patched rpcss.dll.)

 

10:20:34.0864 0x1f90  TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
10:20:39.0136 0x1f90  ============================================================
10:20:39.0136 0x1f90  Current date / time: 2014/03/27 10:20:39.0136
10:20:39.0136 0x1f90  SystemInfo:
10:20:39.0136 0x1f90  
10:20:39.0136 0x1f90  OS Version: 6.0.6002 ServicePack: 2.0
10:20:39.0136 0x1f90  Product type: Workstation
10:20:39.0136 0x1f90  ComputerName: DAVE-PC
10:20:39.0136 0x1f90  UserName: Dave
10:20:39.0136 0x1f90  Windows directory: C:\Windows
10:20:39.0137 0x1f90  System windows directory: C:\Windows
10:20:39.0137 0x1f90  Processor architecture: Intel x86
10:20:39.0137 0x1f90  Number of processors: 4
10:20:39.0137 0x1f90  Page size: 0x1000
10:20:39.0137 0x1f90  Boot type: Normal boot
10:20:39.0137 0x1f90  ============================================================
10:20:39.0389 0x1f90  KLMD registered as C:\Windows\system32\drivers\03345649.sys
10:20:39.0639 0x1f90  System UUID: {16EB2CB0-2660-395B-9D3E-8D3E4D317369}
10:20:40.0922 0x1f90  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
10:20:40.0985 0x1f90  Drive \Device\Harddisk1\DR1 - Size: 0xEF5FFE00 (3.74 Gb), SectorSize: 0x200, Cylinders: 0x1E8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
10:20:40.0986 0x1f90  ============================================================
10:20:40.0986 0x1f90  \Device\Harddisk0\DR0:
10:20:41.0002 0x1f90  MBR partitions:
10:20:41.0002 0x1f90  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000
10:20:41.0002 0x1f90  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x38F6A000
10:20:41.0002 0x1f90  \Device\Harddisk1\DR1:
10:20:41.0003 0x1f90  MBR partitions:
10:20:41.0003 0x1f90  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x26, BlocksNum 0x779FC2
10:20:41.0003 0x1f90  ============================================================
10:20:41.0059 0x1f90  C: <-> \Device\Harddisk0\DR0\Partition2
10:20:41.0126 0x1f90  D: <-> \Device\Harddisk0\DR0\Partition1
10:20:41.0126 0x1f90  ============================================================
10:20:41.0126 0x1f90  Initialize success
10:20:41.0126 0x1f90  ============================================================
10:20:43.0444 0x0dd0  ============================================================
10:20:43.0444 0x0dd0  Scan started
10:20:43.0444 0x0dd0  Mode: Manual;
10:20:43.0444 0x0dd0  ============================================================
10:20:43.0444 0x0dd0  KSN ping started
10:20:58.0011 0x0dd0  KSN ping finished: true
10:20:59.0341 0x0dd0  ================ Scan system memory ========================
10:20:59.0341 0x0dd0  System memory - ok
10:20:59.0342 0x0dd0  ================ Scan services =============================
10:20:59.0581 0x0dd0  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
10:20:59.0609 0x0dd0  ACPI - ok
10:20:59.0752 0x0dd0  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
10:20:59.0761 0x0dd0  AdobeFlashPlayerUpdateSvc - ok
10:20:59.0855 0x0dd0  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:20:59.0869 0x0dd0  adp94xx - ok
10:20:59.0899 0x0dd0  [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:20:59.0910 0x0dd0  adpahci - ok
10:20:59.0936 0x0dd0  [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
10:20:59.0941 0x0dd0  adpu160m - ok
10:20:59.0964 0x0dd0  [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:20:59.0970 0x0dd0  adpu320 - ok
10:21:00.0019 0x0dd0  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:21:00.0020 0x0dd0  AeLookupSvc - ok
10:21:00.0178 0x0dd0  [ A201207363AA900ABF1A388468688570, C772D8546BBA93553AFCD553B7CF50C252B1F8B45A4A415014B48308F1D7ECD6 ] AFD             C:\Windows\system32\drivers\afd.sys
10:21:00.0188 0x0dd0  AFD - ok
10:21:00.0232 0x0dd0  [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4, 2E89838BD068314F4BE59753486E5D666FE2A3DD0A616E00EED4E0F83DB87401 ] agp440          C:\Windows\system32\drivers\agp440.sys
10:21:00.0235 0x0dd0  agp440 - ok
10:21:00.0286 0x0dd0  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
10:21:00.0290 0x0dd0  aic78xx - ok
10:21:00.0331 0x0dd0  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
10:21:00.0334 0x0dd0  ALG - ok
10:21:00.0339 0x0dd0  [ E32A92E1574A467F7C762922F6162D76, 8FFDB6DF3DCA371BF0252BA42A4D9E67D6CC08B67C9008F6992646156E3DDAF7 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:21:00.0341 0x0dd0  aliide - ok
10:21:00.0360 0x0dd0  [ 848F27E5B27C1C253F6CEFDC1A5D8F21, 0FE955D82CE68A1FC5DCA33626179005B90803821005A370EB36352817433089 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
10:21:00.0363 0x0dd0  amdagp - ok
10:21:00.0391 0x0dd0  [ B52B576CB0099A62F87214F371031561, E11C1FC16CF8D7B26856EB07E59537EFF5D2AFBB83B4A18CCFA3909DC8FD3196 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:21:00.0392 0x0dd0  amdide - ok
10:21:00.0416 0x0dd0  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
10:21:00.0441 0x0dd0  AmdK7 - ok
10:21:00.0478 0x0dd0  [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
10:21:00.0480 0x0dd0  AmdK8 - ok
10:21:00.0563 0x0dd0  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
10:21:00.0565 0x0dd0  Appinfo - ok
10:21:00.0701 0x0dd0  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
10:21:00.0705 0x0dd0  Apple Mobile Device - ok
10:21:00.0738 0x0dd0  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc             C:\Windows\system32\drivers\arc.sys
10:21:00.0742 0x0dd0  arc - ok
10:21:00.0780 0x0dd0  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:21:00.0784 0x0dd0  arcsas - ok
10:21:00.0824 0x0dd0  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:21:00.0825 0x0dd0  AsyncMac - ok
10:21:00.0870 0x0dd0  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
10:21:00.0872 0x0dd0  atapi - ok
10:21:00.0993 0x0dd0  [ F9C24D25D9FF29F894995A64812B4D85, 3430E4EE1F7D185E269AF220C96BCA55143BA7C3A28262240F4D30DD1810A38C ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
10:21:01.0054 0x0dd0  atksgt - ok
10:21:01.0110 0x0dd0  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:21:01.0122 0x0dd0  AudioEndpointBuilder - ok
10:21:01.0135 0x0dd0  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
10:21:01.0144 0x0dd0  Audiosrv - ok
10:21:01.0726 0x0dd0  [ 4DB93F4DB7077801D2D82013506AC1D0, 3D71655D1557021D5D828E37EAFDBA35C631061E48D64B9D376746F8FCC760B3 ] AVGIDSAgent     C:\Program Files\AVG\AVG2013\avgidsagent.exe
10:21:01.0939 0x0dd0  AVGIDSAgent - ok
10:21:02.0104 0x0dd0  [ 5BCAE36134162830ED283F4C3D88476A, A47EE816A88A8C18458BA721AB829E49D492128BA8D5BF6FF317C2B5A1FFA60F ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
10:21:02.0122 0x0dd0  AVGIDSDriver - ok
10:21:02.0186 0x0dd0  [ 7C8E88549BCDAAC965B1B724C175F7A9, 86240BF965C60FFAF381879D1B2DD7190FAD597E7534AEE9A9E48A2BDEC119BA ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
10:21:02.0189 0x0dd0  AVGIDSHX - ok
10:21:02.0261 0x0dd0  [ F8D2E76EA51B3B4119DF3D6A7A6D99F3, 417E05BA987345ED48223404DEBC10043A18CBC749462186CC3EE9C20F47C86D ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
10:21:02.0270 0x0dd0  AVGIDSShim - ok
10:21:02.0346 0x0dd0  [ 2018C4E9A40B122408763A5635CF14D9, E0BF5D5C7CFDD078F8BBA9627F1F8E0434B38A23FA9E039B37A22D7E1AD4EFFA ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
10:21:02.0387 0x0dd0  Avgldx86 - ok
10:21:02.0442 0x0dd0  [ E2B9CF2CF787C6978E7CC898E9684E48, 73D5D8514EF1BF3BCC64DC158C68189D07B3940641F1155823C6822D03BC761B ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
10:21:02.0452 0x0dd0  Avglogx - ok
10:21:02.0460 0x0dd0  [ 3F59750A3AA55C46663801E7C2FD1E2B, F748EB6552889974CB1FC6F666F2D78F654CAA990A339C741255355295CD46E8 ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
10:21:02.0464 0x0dd0  Avgmfx86 - ok
10:21:02.0512 0x0dd0  [ 90FA3A4BB1039701D68FD1CC2ED3EE22, 5842AECBF76163BCAEE19DED708291DD8402E2D24DD48453E6067A9AE5BABB11 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
10:21:02.0515 0x0dd0  Avgrkx86 - ok
10:21:02.0578 0x0dd0  [ 14370FB29526F593C04FA48B5D69F7F0, EE5BBE674210AC3BC4103B6D43BABDCCCE681F3B0E93075F93CD453730C316B8 ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
10:21:02.0591 0x0dd0  Avgtdix - ok
10:21:02.0612 0x0dd0  [ 06AEB065AC25A2CFF80E1DF0303EC55B, EE913D669741B3F844AFEEFCF232D2D2C94081BCB39F79D81D7A7133DBC57252 ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
10:21:02.0616 0x0dd0  avgtp - ok
10:21:02.0687 0x0dd0  [ D646FA5135A1CD795877AFE9D17FA9ED, 2F97FBCD7BD75727A77C17D75D2482AE819D5D2EB9760D96412F9C20AA7D9473 ] avgwd           C:\Program Files\AVG\AVG2013\avgwdsvc.exe
10:21:02.0698 0x0dd0  avgwd - ok
10:21:02.0727 0x0dd0  [ BF9D39CE8C5FFA38502E542C834809D3, A279458C8EEBCD835D38EF0037BB6D56399055DB233E023C9D0F0E2C2512240E ] AX88178         C:\Windows\system32\DRIVERS\ax88178.sys
10:21:02.0729 0x0dd0  AX88178 - ok
10:21:02.0780 0x0dd0  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:21:02.0782 0x0dd0  Beep - ok
10:21:02.0840 0x0dd0  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
10:21:02.0852 0x0dd0  BFE - ok
10:21:02.0858 0x0dd0  blbdrive - ok
10:21:02.0940 0x0dd0  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
10:21:02.0955 0x0dd0  Bonjour Service - ok
10:21:02.0993 0x0dd0  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:21:03.0006 0x0dd0  bowser - ok
10:21:03.0053 0x0dd0  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
10:21:03.0063 0x0dd0  BrFiltLo - ok
10:21:03.0081 0x0dd0  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
10:21:03.0096 0x0dd0  BrFiltUp - ok
10:21:03.0133 0x0dd0  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
10:21:03.0137 0x0dd0  Browser - ok
10:21:03.0180 0x0dd0  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
10:21:03.0184 0x0dd0  Brserid - ok
10:21:03.0233 0x0dd0  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
10:21:03.0256 0x0dd0  BrSerWdm - ok
10:21:03.0281 0x0dd0  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
10:21:03.0283 0x0dd0  BrUsbMdm - ok
10:21:03.0309 0x0dd0  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
10:21:03.0311 0x0dd0  BrUsbSer - ok
10:21:03.0346 0x0dd0  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:21:03.0348 0x0dd0  BTHMODEM - ok
10:21:03.0363 0x0dd0  catchme - ok
10:21:03.0406 0x0dd0  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:21:03.0408 0x0dd0  cdfs - ok
10:21:03.0446 0x0dd0  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:21:03.0450 0x0dd0  cdrom - ok
10:21:03.0508 0x0dd0  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
10:21:03.0510 0x0dd0  CertPropSvc - ok
10:21:03.0554 0x0dd0  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:21:03.0557 0x0dd0  circlass - ok
10:21:03.0623 0x0dd0  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
10:21:03.0635 0x0dd0  CLFS - ok
10:21:03.0687 0x0dd0  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:21:03.0690 0x0dd0  clr_optimization_v2.0.50727_32 - ok
10:21:03.0751 0x0dd0  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:21:03.0757 0x0dd0  clr_optimization_v4.0.30319_32 - ok
10:21:03.0790 0x0dd0  [ C177DD90B5DC1DCAA96CCECE752E6F0F, 4469A32BFE9D0207A55AB222E4AF111D8780FCDB3E2D0BFB24742B4CE9040BA7 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:21:03.0798 0x0dd0  cmdide - ok
10:21:03.0836 0x0dd0  [ 722936AFB75A7F509662B69B5632F48A, C386EA5E933C5D3F3FE162AE91F7D81C7C0765A1F790B1FF7B396A9DBDB4AD33 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
10:21:03.0838 0x0dd0  Compbatt - ok
10:21:03.0860 0x0dd0  COMSysApp - ok
10:21:03.0895 0x0dd0  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:21:03.0896 0x0dd0  crcdisk - ok
10:21:03.0911 0x0dd0  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
10:21:03.0913 0x0dd0  Crusoe - ok
10:21:03.0953 0x0dd0  [ FB27772BEAF8E1D28CCD825C09DA939B, D074A314FB3E6B2248F2DB0A734B98A110F618804449E055B4178BF414826982 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:21:03.0958 0x0dd0  CryptSvc - ok
10:21:03.0989 0x0dd0  [ 0D97DE0AB31066AF0CABC9DA8452A19F, B83B07BC28ACAEDD707857CAFE1C4F63C75BE22949019C1490B201F0DC949AEB ] CT20XUT         C:\Windows\system32\drivers\CT20XUT.SYS
10:21:03.0997 0x0dd0  CT20XUT - ok
10:21:04.0005 0x0dd0  CT20XUT.DLL - ok
10:21:04.0020 0x0dd0  [ 0D97DE0AB31066AF0CABC9DA8452A19F, B83B07BC28ACAEDD707857CAFE1C4F63C75BE22949019C1490B201F0DC949AEB ] CT20XUT.SYS     C:\Windows\System32\drivers\CT20XUT.SYS
10:21:04.0026 0x0dd0  CT20XUT.SYS - ok
10:21:04.0083 0x0dd0  [ BBEA62C1E79CB60AEBCEBE3C652A65AF, E0C609D168C789FD78537BC399C8C455CFC01503FF782DE8BCE931053E9A7A5E ] ctac32k         C:\Windows\system32\drivers\ctac32k.sys
10:21:04.0115 0x0dd0  ctac32k - ok
10:21:04.0185 0x0dd0  [ 9E9E32BEB19C84DB63DD06190F815883, 93A4A8DD27F39E0B86D06CC4DD2E90EF17768F4C424761E1E14D65E52B1129BE ] ctaud2k         C:\Windows\system32\drivers\ctaud2k.sys
10:21:04.0210 0x0dd0  ctaud2k - ok
10:21:04.0279 0x0dd0  [ AEA993B080D39179064EE9110B98EA06, B5F6087E56C0505BB14C7CD9B7A37ABF96B9DF47B207DD3762FB61924606F7B5 ] CTEXFIFX        C:\Windows\system32\drivers\CTEXFIFX.SYS
10:21:04.0324 0x0dd0  CTEXFIFX - ok
10:21:04.0334 0x0dd0  CTEXFIFX.DLL - ok
10:21:04.0388 0x0dd0  [ AEA993B080D39179064EE9110B98EA06, B5F6087E56C0505BB14C7CD9B7A37ABF96B9DF47B207DD3762FB61924606F7B5 ] CTEXFIFX.SYS    C:\Windows\System32\drivers\CTEXFIFX.SYS
10:21:04.0426 0x0dd0  CTEXFIFX.SYS - ok
10:21:04.0454 0x0dd0  [ 40598BB83B52ADD86311E288B156B8A7, 6E2CF43ABA62A91D0EA6F3DAFF926602E4CBF37DB91CE9933AF301082A0E61E1 ] CTHWIUT         C:\Windows\system32\drivers\CTHWIUT.SYS
10:21:04.0467 0x0dd0  CTHWIUT - ok
10:21:04.0473 0x0dd0  CTHWIUT.DLL - ok
10:21:04.0480 0x0dd0  [ 40598BB83B52ADD86311E288B156B8A7, 6E2CF43ABA62A91D0EA6F3DAFF926602E4CBF37DB91CE9933AF301082A0E61E1 ] CTHWIUT.SYS     C:\Windows\System32\drivers\CTHWIUT.SYS
10:21:04.0482 0x0dd0  CTHWIUT.SYS - ok
10:21:04.0505 0x0dd0  [ 9AB033A33B89E845AF5DA2BD11591111, F1B448B116B426B5AEE669D03B63221E20692BC052CB352CD83D81B174BF3666 ] ctprxy2k        C:\Windows\system32\drivers\ctprxy2k.sys
10:21:04.0507 0x0dd0  ctprxy2k - ok
10:21:04.0528 0x0dd0  [ 421903C220773310E64107E636D79C4C, 8297D1EAD43B7D4B2E3300ECD95D2A8D7A78222C46F8A2E9A657CF77A4C289CE ] ctsfm2k         C:\Windows\system32\drivers\ctsfm2k.sys
10:21:04.0535 0x0dd0  ctsfm2k - ok
10:21:04.0620 0x0dd0  [ 2FD53BB60438AD6EEA8EF26D05C28FCF, D72B6B91F078A06548F103357EDE8FD95DB50BC76B907364C9A2B5B9BF0AAD7C ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:21:04.0651 0x0dd0  DcomLaunch - ok
10:21:04.0733 0x0dd0  [ 218D8AE46C88E82014F5D73D0236D9B2, D404EE45EFC2557182DDD9C1B7244C10FC5AD3080A57CDFBF2C9D3B890F78852 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:21:04.0748 0x0dd0  DfsC - ok
10:21:04.0927 0x0dd0  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
10:21:05.0004 0x0dd0  DFSR - ok
10:21:05.0095 0x0dd0  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
10:21:05.0112 0x0dd0  Dhcp - ok
10:21:05.0158 0x0dd0  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
10:21:05.0172 0x0dd0  disk - ok
10:21:05.0208 0x0dd0  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:21:05.0224 0x0dd0  Dnscache - ok
10:21:05.0291 0x0dd0  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
10:21:05.0306 0x0dd0  dot3svc - ok
10:21:05.0382 0x0dd0  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
10:21:05.0388 0x0dd0  DPS - ok
10:21:05.0430 0x0dd0  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:21:05.0432 0x0dd0  drmkaud - ok
10:21:05.0481 0x0dd0  [ C68AC676B0EF30CFBB1080ADCE49EB1F, 62A808F2BB22507B66AE825315BBB655776AFEFD9E7DE33795DD308ACE87F0CD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:21:05.0503 0x0dd0  DXGKrnl - ok
10:21:05.0554 0x0dd0  [ 7505290504C8E2D172FA378CC0497BCC, 8DD69E1B27EC13E62529C87B6B796675681E6329C825E64EEC9134B15C08161C ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
10:21:05.0562 0x0dd0  e1express - ok
10:21:05.0619 0x0dd0  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
10:21:05.0624 0x0dd0  E1G60 - ok
10:21:05.0661 0x0dd0  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
10:21:05.0665 0x0dd0  EapHost - ok
10:21:05.0729 0x0dd0  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
10:21:05.0735 0x0dd0  Ecache - ok
10:21:05.0858 0x0dd0  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:21:05.0868 0x0dd0  ehRecvr - ok
10:21:05.0898 0x0dd0  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
10:21:05.0903 0x0dd0  ehSched - ok
10:21:05.0929 0x0dd0  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
10:21:05.0930 0x0dd0  ehstart - ok
10:21:05.0979 0x0dd0  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:21:06.0008 0x0dd0  elxstor - ok
10:21:06.0067 0x0dd0  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
10:21:06.0087 0x0dd0  EMDMgmt - ok
10:21:06.0122 0x0dd0  [ DCD7FCC11D9A2CFC0C51E2BC0F6877B9, AF84EEF436B679BD4333BE5FBB17EF71044A914F9A81EB85A0F57F3EBED84E47 ] emupia          C:\Windows\system32\drivers\emupia2k.sys
10:21:06.0131 0x0dd0  emupia - ok
10:21:06.0183 0x0dd0  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
10:21:06.0194 0x0dd0  EventSystem - ok
10:21:06.0253 0x0dd0  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:21:06.0259 0x0dd0  exfat - ok
10:21:06.0298 0x0dd0  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:21:06.0304 0x0dd0  fastfat - ok
10:21:06.0328 0x0dd0  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
10:21:06.0330 0x0dd0  fdc - ok
10:21:06.0352 0x0dd0  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
10:21:06.0354 0x0dd0  fdPHost - ok
10:21:06.0385 0x0dd0  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:21:06.0387 0x0dd0  FDResPub - ok
10:21:06.0422 0x0dd0  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:21:06.0425 0x0dd0  FileInfo - ok
10:21:06.0445 0x0dd0  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:21:06.0462 0x0dd0  Filetrace - ok
10:21:06.0486 0x0dd0  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
10:21:06.0487 0x0dd0  flpydisk - ok
10:21:06.0531 0x0dd0  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:21:06.0538 0x0dd0  FltMgr - ok
10:21:06.0612 0x0dd0  [ 8CE364388C8ECA59B14B539179276D44, AD37AD512412A1A0955218A3DA0D6FBE1E30F373153CAF5912EFC076D348FED8 ] FontCache       C:\Windows\system32\FntCache.dll
10:21:06.0640 0x0dd0  FontCache - ok
10:21:06.0802 0x0dd0  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
10:21:06.0819 0x0dd0  FontCache3.0.0.0 - ok
10:21:06.0849 0x0dd0  [ 65EA8B77B5851854F0C55C43FA51A198, 150BE6C195094DBEAC4FD73CC1C31FF59B77A73944574E244D280EE2DE69DC2F ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:21:06.0912 0x0dd0  Fs_Rec - ok
10:21:06.0958 0x0dd0  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:21:06.0980 0x0dd0  gagp30kx - ok
10:21:07.0069 0x0dd0  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\Drivers\GEARAspiWDM.sys
10:21:07.0071 0x0dd0  GEARAspiWDM - ok
10:21:07.0114 0x0dd0  [ D3316F6E3C011435F36E3D6E49B3196C, 941DF52BA26603A146ED6B65A696DB87153868ED0469EF9C2EB09AC7E63525B7 ] GoToAssist      C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
10:21:07.0116 0x0dd0  GoToAssist - ok
10:21:07.0172 0x0dd0  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
10:21:07.0194 0x0dd0  gpsvc - ok
10:21:07.0281 0x0dd0  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdate1c9de69ecb1b563 C:\Program Files\Google\Update\GoogleUpdate.exe
10:21:07.0287 0x0dd0  gupdate1c9de69ecb1b563 - ok
10:21:07.0318 0x0dd0  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
10:21:07.0323 0x0dd0  gupdatem - ok
10:21:07.0351 0x0dd0  [ 408DDD80EEDE47175F6844817B90213E, 836822885D90DAFFD25A7D7EE363F4DACD41AA4B59095243E2798B137DC55FE3 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
10:21:07.0358 0x0dd0  gusvc - ok
10:21:07.0491 0x0dd0  [ C663D5A459EE96B51D3FF49E70ABD143, 728F176249D7E21004CFBECF9127A8B91650AD2C6F352E370DACB20A7BB34538 ] ha20x22k        C:\Windows\system32\drivers\ha20x22k.sys
10:21:07.0543 0x0dd0  ha20x22k - ok
10:21:07.0632 0x0dd0  [ 435AFF96BA20997F684145C93A0D555F, A6AD23F51D2BB26CB525E98583148BA5D917265E2B7A78A9FF4C5D80353CB6F6 ] ha20x2k         C:\Windows\system32\drivers\ha20x2k.sys
10:21:07.0672 0x0dd0  ha20x2k - ok
10:21:07.0745 0x0dd0  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:21:07.0753 0x0dd0  HdAudAddService - ok
10:21:07.0928 0x0dd0  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:21:08.0003 0x0dd0  HDAudBus - ok
10:21:08.0069 0x0dd0  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:21:08.0071 0x0dd0  HidBth - ok
10:21:08.0113 0x0dd0  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:21:08.0115 0x0dd0  HidIr - ok
10:21:08.0145 0x0dd0  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
10:21:08.0147 0x0dd0  hidserv - ok
10:21:08.0216 0x0dd0  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:21:08.0250 0x0dd0  HidUsb - ok
10:21:08.0295 0x0dd0  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:21:08.0300 0x0dd0  hkmsvc - ok
10:21:08.0355 0x0dd0  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
10:21:08.0402 0x0dd0  HpCISSs - ok
10:21:08.0441 0x0dd0  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:21:08.0455 0x0dd0  HTTP - ok
10:21:08.0488 0x0dd0  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
10:21:08.0514 0x0dd0  i2omp - ok
10:21:08.0542 0x0dd0  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
10:21:08.0545 0x0dd0  i8042prt - ok
10:21:08.0647 0x0dd0  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
10:21:08.0674 0x0dd0  iaStorV - ok
10:21:08.0801 0x0dd0  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
10:21:08.0926 0x0dd0  IDriverT - ok
10:21:09.0028 0x0dd0  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
10:21:09.0059 0x0dd0  idsvc - ok
10:21:09.0083 0x0dd0  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:21:09.0092 0x0dd0  iirsp - ok
10:21:09.0145 0x0dd0  [ 9908D8A397B76CD8D31D0D383C5773C9, FFA6996BE9F11A81CB63C849C2400EB44A07706D1EEB7A3502D4110DAC3684A2 ] IKEEXT          C:\Windows\System32\ikeext.dll
10:21:09.0162 0x0dd0  IKEEXT - ok
10:21:09.0235 0x0dd0  [ 59B00EFB24EAD979BECF413703BB1FAC, CC094DF02F2D894DCE31AB21CA3A90AB93AF9782535FBDE8B383CAD48BAB13DF ] intelide        C:\Windows\system32\drivers\intelide.sys
10:21:09.0237 0x0dd0  intelide - ok
10:21:09.0269 0x0dd0  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
10:21:09.0271 0x0dd0  intelppm - ok
10:21:09.0401 0x0dd0  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:21:09.0406 0x0dd0  IPBusEnum - ok
10:21:09.0503 0x0dd0  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:21:09.0519 0x0dd0  IpFilterDriver - ok
10:21:09.0528 0x0dd0  IpInIp - ok
10:21:09.0577 0x0dd0  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
10:21:09.0580 0x0dd0  IPMIDRV - ok
10:21:09.0673 0x0dd0  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
10:21:09.0715 0x0dd0  IPNAT - ok
10:21:09.0799 0x0dd0  [ 061614179585BE398A73B9B3AF111310, BE715790531CBF3E038C6C2083A0802FA492D1DCAB3ACFE035DF72E3D6A4B83B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
10:21:09.0819 0x0dd0  iPod Service - ok
10:21:09.0894 0x0dd0  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:21:09.0907 0x0dd0  IRENUM - ok
10:21:09.0938 0x0dd0  [ 2F8ECE2699E7E2070545E9B0960A8ED2, 40214A9220C6EC232C245939E4F40A9FF6D30497E180EDC809B87938A922E52D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:21:09.0940 0x0dd0  isapnp - ok
10:21:10.0038 0x0dd0  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
10:21:10.0063 0x0dd0  iScsiPrt - ok
10:21:10.0113 0x0dd0  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
10:21:10.0115 0x0dd0  iteatapi - ok
10:21:10.0169 0x0dd0  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
10:21:10.0172 0x0dd0  iteraid - ok
10:21:10.0216 0x0dd0  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:21:10.0218 0x0dd0  kbdclass - ok
10:21:10.0265 0x0dd0  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:21:10.0266 0x0dd0  kbdhid - ok
10:21:10.0320 0x0dd0  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] KeyIso          C:\Windows\system32\lsass.exe
10:21:10.0392 0x0dd0  KeyIso - ok
10:21:10.0480 0x0dd0  [ 86165728AF9BF72D6442A894FDFB4F8B, 97A95C1856C761C93F43B177995749E45FA066C7FF6E93E6C3F34C1593ED2FB7 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:21:10.0497 0x0dd0  KSecDD - ok
10:21:10.0578 0x0dd0  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:21:10.0592 0x0dd0  KtmRm - ok
10:21:10.0649 0x0dd0  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
10:21:10.0671 0x0dd0  LanmanServer - ok
10:21:10.0751 0x0dd0  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:21:10.0761 0x0dd0  LanmanWorkstation - ok
10:21:10.0843 0x0dd0  [ 8CCF9ED46D52AF1375875F74A91FFACF, 43A38AE17D054C88176C7F1527CAA0D45AB0AC429C1C0440D9F2DECE0F90C058 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
10:21:10.0845 0x0dd0  lirsgt - ok
10:21:10.0876 0x0dd0  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:21:10.0901 0x0dd0  lltdio - ok
10:21:10.0957 0x0dd0  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:21:11.0035 0x0dd0  lltdsvc - ok
10:21:11.0077 0x0dd0  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:21:11.0080 0x0dd0  lmhosts - ok
10:21:11.0193 0x0dd0  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:21:11.0197 0x0dd0  LSI_FC - ok
10:21:11.0232 0x0dd0  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:21:11.0265 0x0dd0  LSI_SAS - ok
10:21:11.0303 0x0dd0  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:21:11.0307 0x0dd0  LSI_SCSI - ok
10:21:11.0341 0x0dd0  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
10:21:11.0346 0x0dd0  luafv - ok
10:21:11.0411 0x0dd0  [ 0DB7527DB188C7D967A37BB51BBF3963, 3812E26626EC49BE61B0B8DA5FE6E838C0FEF8A08363C239F64E6CCA0BA949D5 ] MBAMSwissArmy   C:\Windows\system32\drivers\mbamswissarmy.sys
10:21:11.0413 0x0dd0  MBAMSwissArmy - ok
10:21:11.0447 0x0dd0  MCSTRM - ok
10:21:11.0495 0x0dd0  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:21:11.0540 0x0dd0  Mcx2Svc - ok
10:21:11.0655 0x0dd0  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
10:21:11.0667 0x0dd0  megasas - ok
10:21:11.0698 0x0dd0  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
10:21:11.0702 0x0dd0  MMCSS - ok
10:21:11.0810 0x0dd0  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
10:21:11.0841 0x0dd0  Modem - ok
10:21:11.0899 0x0dd0  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:21:11.0901 0x0dd0  monitor - ok
10:21:11.0943 0x0dd0  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:21:11.0972 0x0dd0  mouclass - ok
10:21:12.0018 0x0dd0  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:21:12.0020 0x0dd0  mouhid - ok
10:21:12.0059 0x0dd0  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
10:21:12.0062 0x0dd0  MountMgr - ok
10:21:12.0130 0x0dd0  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
10:21:12.0134 0x0dd0  MozillaMaintenance - ok
10:21:12.0189 0x0dd0  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:21:12.0227 0x0dd0  mpio - ok
10:21:12.0301 0x0dd0  [ A252ADB815E5186382D79E19DD7A486B, A3031877ED2BD7FDBF38F1D9524336666424D5D694D7EC4E7EBD644F19F08427 ] MPRIFL          C:\Windows\system32\DRIVERS\MPRIFL.SYS
10:21:12.0328 0x0dd0  MPRIFL - ok
10:21:12.0372 0x0dd0  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:21:12.0375 0x0dd0  mpsdrv - ok
10:21:12.0555 0x0dd0  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:21:12.0661 0x0dd0  MpsSvc - ok
10:21:12.0735 0x0dd0  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
10:21:12.0737 0x0dd0  Mraid35x - ok
10:21:12.0778 0x0dd0  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:21:12.0812 0x0dd0  MRxDAV - ok
10:21:12.0891 0x0dd0  [ 5FE5CF325F5B02EBC60832D3440CB414, F3039AD1D890994D06F68DFF6B265B0109732A44C9924190FEC3479B279A1E6E ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:21:12.0896 0x0dd0  mrxsmb - ok
10:21:12.0926 0x0dd0  [ 30B9C769446AF379A2AFB72B0392604D, D98DA01AE03C93F2E0A8F3EB5CD44BC92699F0353AB04DBE73E4CADEB4710A02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:21:12.0934 0x0dd0  mrxsmb10 - ok
10:21:12.0943 0x0dd0  [ FEA239B3EC4877E2B7E23204AF589DDF, 94610722161880D4AC7C6B17823860C4B3A576AC4B6D21456F585EE2E970B6F6 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:21:12.0948 0x0dd0  mrxsmb20 - ok
10:21:12.0967 0x0dd0  [ 2681302B63B318CBEA6C82902AC5428C, B3E243E8582AE92568231C197FC1CB2BA60EDDCBCAA7F404C4012D2A803B7A8E ] msahci          C:\Windows\system32\drivers\msahci.sys
10:21:12.0969 0x0dd0  msahci - ok
10:21:13.0009 0x0dd0  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:21:13.0031 0x0dd0  msdsm - ok
10:21:13.0084 0x0dd0  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
10:21:13.0143 0x0dd0  MSDTC - ok
10:21:13.0232 0x0dd0  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:21:13.0234 0x0dd0  Msfs - ok
10:21:13.0259 0x0dd0  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:21:13.0261 0x0dd0  msisadrv - ok
10:21:13.0360 0x0dd0  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:21:13.0411 0x0dd0  MSiSCSI - ok
10:21:13.0417 0x0dd0  msiserver - ok
10:21:13.0515 0x0dd0  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:21:13.0550 0x0dd0  MSKSSRV - ok
10:21:13.0581 0x0dd0  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:21:13.0582 0x0dd0  MSPCLOCK - ok
10:21:13.0622 0x0dd0  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:21:13.0634 0x0dd0  MSPQM - ok
10:21:13.0690 0x0dd0  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:21:13.0696 0x0dd0  MsRPC - ok
10:21:13.0722 0x0dd0  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:21:13.0724 0x0dd0  mssmbios - ok
10:21:13.0746 0x0dd0  MSSQL$BWDATOOLSET - ok
10:21:13.0938 0x0dd0  [ C06EA83F6FC2959E897C117255B6B1D5, 012C6E5AA61BAAED47CB0E59E2F3E6E87941F555C5581ECAC7DF1051795AF681 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
10:21:13.0966 0x0dd0  MSSQLServerADHelper - ok
10:21:14.0077 0x0dd0  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:21:14.0112 0x0dd0  MSTEE - ok
10:21:14.0162 0x0dd0  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
10:21:14.0165 0x0dd0  Mup - ok
10:21:14.0221 0x0dd0  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
10:21:14.0235 0x0dd0  napagent - ok
10:21:14.0290 0x0dd0  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:21:14.0322 0x0dd0  NativeWifiP - ok
10:21:14.0444 0x0dd0  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:21:14.0463 0x0dd0  NDIS - ok
10:21:14.0488 0x0dd0  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:21:14.0519 0x0dd0  NdisTapi - ok
10:21:14.0592 0x0dd0  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:21:14.0621 0x0dd0  Ndisuio - ok
10:21:14.0671 0x0dd0  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:21:14.0681 0x0dd0  NdisWan - ok
10:21:14.0716 0x0dd0  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:21:14.0719 0x0dd0  NDProxy - ok
10:21:14.0742 0x0dd0  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:21:14.0744 0x0dd0  NetBIOS - ok
10:21:14.0792 0x0dd0  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
10:21:14.0799 0x0dd0  netbt - ok
10:21:14.0824 0x0dd0  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] Netlogon        C:\Windows\system32\lsass.exe
10:21:14.0827 0x0dd0  Netlogon - ok
10:21:14.0959 0x0dd0  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
10:21:14.0994 0x0dd0  Netman - ok
10:21:15.0119 0x0dd0  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
10:21:15.0151 0x0dd0  netprofm - ok
10:21:15.0292 0x0dd0  [ 4D531DB50BBE43DACFF57ED20E25BE7F, FC71CB8708B03825DD8F3FE739538E695478C6818FC382A836F61AE0BED15B41 ] netr28u         C:\Windows\system32\DRIVERS\netr28u.sys
10:21:15.0333 0x0dd0  netr28u - ok
10:21:15.0378 0x0dd0  [ D6C4E4A39A36029AC0813D476FBD0248, A0907D98580D1CD3007365CBBB53E84BEF39001E05912776F68EB0564B54B6EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:21:15.0406 0x0dd0  NetTcpPortSharing - ok
10:21:15.0456 0x0dd0  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:21:15.0488 0x0dd0  nfrd960 - ok
10:21:15.0543 0x0dd0  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:21:15.0578 0x0dd0  NlaSvc - ok
10:21:15.0643 0x0dd0  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:21:15.0674 0x0dd0  Npfs - ok
10:21:15.0710 0x0dd0  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
10:21:15.0735 0x0dd0  nsi - ok
10:21:15.0774 0x0dd0  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:21:15.0776 0x0dd0  nsiproxy - ok
10:21:15.0847 0x0dd0  [ 6A4A98CEE84CF9E99564510DDA4BAA47, 18C3D8C0F12761D3B7FC43D9413CF4C4CEBF8CA9BEC521381F40D241B35EA779 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:21:15.0905 0x0dd0  Ntfs - ok
10:21:15.0949 0x0dd0  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
10:21:15.0968 0x0dd0  ntrigdigi - ok
10:21:16.0027 0x0dd0  nTuneService - ok
10:21:16.0034 0x0dd0  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
10:21:16.0036 0x0dd0  Null - ok
10:21:16.0094 0x0dd0  [ 1657F3FBD9061526C14FF37E79306F98, 8A3378E7A3D3314380EC76D21542B9A8A7AB0191338729B830AB6BEF786297BC ] NVENETFD        C:\Windows\system32\DRIVERS\nvm60x32.sys
10:21:16.0126 0x0dd0  NVENETFD - ok
10:21:16.0232 0x0dd0  [ 77F9F9A199B87FE3F852E12F5419240B, BE9C05F2AC12BB41EC71A596039F2116E5A0F454D32E5A618112296721001473 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
10:21:16.0239 0x0dd0  NVHDA - ok
10:21:17.0292 0x0dd0  [ 0A1B502CBC8230DA74BEFBAADDB58916, 14BDE0A5829D1CC7E93B60676243DD0641D5FA08CE46936450CD3A67F94EA560 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
10:21:17.0719 0x0dd0  nvlddmkm - ok
10:21:17.0786 0x0dd0  [ 812F257ED1CD53FCB1F9F9CC910F4809, 253979B87378397566B4594283086DF0E541D838A29D540D93091F41438BD160 ] NVR0Dev         C:\Windows\nvoclock.sys
10:21:17.0789 0x0dd0  NVR0Dev - ok
10:21:17.0825 0x0dd0  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:21:17.0836 0x0dd0  nvraid - ok
10:21:17.0893 0x0dd0  [ 049E81B6FB41C73619ED3FE4DF7D8638, A31AF5271A36356148BF60952C40584652A1F4B8A06B027E9C3E7E4BEFFC3A8B ] nvrd32          C:\Windows\system32\drivers\nvrd32.sys
10:21:17.0898 0x0dd0  nvrd32 - ok
10:21:17.0940 0x0dd0  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:21:17.0964 0x0dd0  nvstor - ok
10:21:18.0003 0x0dd0  [ 7EBA6C9A0A295B1559EFB9062E701218, AB890B1CE155ABA6E633B9A4D422BFF42322D1CB067C237A926F36C8A5ADC8A2 ] nvstor32        C:\Windows\system32\drivers\nvstor32.sys
10:21:18.0007 0x0dd0  nvstor32 - ok
10:21:18.0080 0x0dd0  [ EB5A13F9139F20AD71ADF4BF79C3AA29, D473E03B3B69AC0A35FF1CD8B85C088DCCCBAA5DA52C18737B6AC873EF1F1BC7 ] NVSvc           C:\Windows\system32\nvvsvc.exe
10:21:18.0123 0x0dd0  NVSvc - ok
10:21:18.0426 0x0dd0  [ 0629259E3AF6BB0534FCECA208973404, E5DDA62D5D21D5D11A711BBFC5B839B59E336997C0C9A32A0B04AC9FBB6472D4 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
10:21:18.0471 0x0dd0  nvUpdatusService - ok
10:21:18.0512 0x0dd0  [ 055081FD5076401C1EE1BCAB08D81911, E6621F2D24E7E2544AFD249660F2D1026B94698CA841E79B3F1199ACB2203995 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:21:18.0544 0x0dd0  nv_agp - ok
10:21:18.0550 0x0dd0  NwlnkFlt - ok
10:21:18.0556 0x0dd0  NwlnkFwd - ok
10:21:18.0797 0x0dd0  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
10:21:18.0824 0x0dd0  odserv - ok
10:21:18.0873 0x0dd0  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
10:21:18.0876 0x0dd0  ohci1394 - ok
10:21:18.0953 0x0dd0  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:21:19.0014 0x0dd0  ose - ok
10:21:19.0059 0x0dd0  [ 720204068066A2E25B53045FE34670BB, B45D0A425F56947A6780AD018BB3F4867C24F364F6A6A710F57743767FFBD23C ] ossrv           C:\Windows\system32\drivers\ctoss2k.sys
10:21:19.0083 0x0dd0  ossrv - ok
10:21:19.0176 0x0dd0  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
10:21:19.0227 0x0dd0  p2pimsvc - ok
10:21:19.0253 0x0dd0  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
10:21:19.0274 0x0dd0  p2psvc - ok
10:21:19.0372 0x0dd0  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
10:21:19.0440 0x0dd0  Parport - ok
10:21:19.0529 0x0dd0  [ 57389FA59A36D96B3EB09D0CB91E9CDC, 05A3E2B155789990517CCFDC57FC3D1E9A596E4F31D86350B8BF0C043DE5EE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:21:19.0532 0x0dd0  partmgr - ok
10:21:19.0586 0x0dd0  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
10:21:19.0587 0x0dd0  Parvdm - ok
10:21:19.0667 0x0dd0  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:21:19.0677 0x0dd0  PcaSvc - ok
10:21:19.0749 0x0dd0  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
10:21:19.0779 0x0dd0  pci - ok
10:21:19.0837 0x0dd0  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
10:21:19.0840 0x0dd0  pciide - ok
10:21:19.0913 0x0dd0  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:21:19.0920 0x0dd0  pcmcia - ok
10:21:20.0006 0x0dd0  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:21:20.0067 0x0dd0  PEAUTH - ok
10:21:20.0400 0x0dd0  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
10:21:20.0457 0x0dd0  pla - ok
10:21:20.0657 0x0dd0  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:21:20.0686 0x0dd0  PlugPlay - ok
10:21:20.0786 0x0dd0  [ A1DD33D16F277CE34124EE52AB2C0F14, DB5215409D0B6C378567A6399C0170226CB1E2FE74D96B16C97A761D487C613F ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
10:21:20.0806 0x0dd0  PnkBstrA - ok
10:21:20.0844 0x0dd0  [ 27F1BE4A53441C9F1F48B9ADC145B0A5, 8E2A136C508FE5C602BB9140462541A3882E751983DA56498B5EFA3777E68D99 ] PnkBstrB        C:\Windows\system32\PnkBstrB.exe
10:21:20.0854 0x0dd0  PnkBstrB - ok
10:21:20.0893 0x0dd0  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
10:21:20.0914 0x0dd0  PNRPAutoReg - ok
10:21:20.0988 0x0dd0  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
10:21:21.0009 0x0dd0  PNRPsvc - ok
10:21:21.0179 0x0dd0  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:21:21.0232 0x0dd0  PolicyAgent - ok
10:21:21.0325 0x0dd0  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:21:21.0365 0x0dd0  PptpMiniport - ok
10:21:21.0416 0x0dd0  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
10:21:21.0436 0x0dd0  Processor - ok
10:21:21.0517 0x0dd0  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
10:21:21.0543 0x0dd0  ProfSvc - ok
10:21:21.0581 0x0dd0  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] ProtectedStorage C:\Windows\system32\lsass.exe
10:21:21.0584 0x0dd0  ProtectedStorage - ok
10:21:21.0658 0x0dd0  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
10:21:21.0700 0x0dd0  PSched - ok
10:21:21.0743 0x0dd0  [ FEFFCFDC528764A04C8ED63D5FA6E711, BECC9174DA5860FCF011957CB6A12DE5074A770DC14076C0C94E63AD42ECF19E ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
10:21:21.0745 0x0dd0  PxHelp20 - ok
10:21:21.0930 0x0dd0  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:21:21.0962 0x0dd0  ql2300 - ok
10:21:22.0042 0x0dd0  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:21:22.0088 0x0dd0  ql40xx - ok
10:21:22.0122 0x0dd0  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
10:21:22.0134 0x0dd0  QWAVE - ok
10:21:22.0155 0x0dd0  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:21:22.0157 0x0dd0  QWAVEdrv - ok
10:21:22.0280 0x0dd0  [ E642B131FB74CAF4BB8A014F31113142, 18A81B27FB2DA556AC51DBA8956203A6E821D75B2B09F11049250E732318F573 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
10:21:22.0351 0x0dd0  R300 - ok
10:21:22.0536 0x0dd0  [ 37C3272E58976598BEF1CDF321019209, 1DCADE8B172A7E87E932573157666BC43E8296544E73E2BB0D0F0A6A9485A249 ] RalinkRegistryWriter C:\Program Files\NETGEAR\WNDA4100\Service\RaRegistry.exe
10:21:22.0559 0x0dd0  RalinkRegistryWriter - ok
10:21:22.0579 0x0dd0  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:21:22.0581 0x0dd0  RasAcd - ok
10:21:22.0611 0x0dd0  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
10:21:22.0618 0x0dd0  RasAuto - ok
10:21:22.0647 0x0dd0  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:21:22.0654 0x0dd0  Rasl2tp - ok
10:21:22.0731 0x0dd0  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
10:21:22.0763 0x0dd0  RasMan - ok
10:21:22.0806 0x0dd0  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:21:22.0808 0x0dd0  RasPppoe - ok
10:21:22.0832 0x0dd0  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:21:22.0836 0x0dd0  RasSstp - ok
10:21:22.0876 0x0dd0  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:21:22.0885 0x0dd0  rdbss - ok
10:21:22.0910 0x0dd0  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:21:22.0921 0x0dd0  RDPCDD - ok
10:21:22.0949 0x0dd0  [ 0245418224CFA77BF4B41C2FE0622258, 532A8ABB476A1723FDD25A12EA07C97F2588F24D0AE6F86C0105112A9AECCDB9 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
10:21:22.0958 0x0dd0  rdpdr - ok
10:21:22.0971 0x0dd0  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:21:22.0972 0x0dd0  RDPENCDD - ok
10:21:23.0083 0x0dd0  [ 30BFBDFB7F95559EDE971F9DDB9A00BA, 1BDD3FD0ABCF5EA2C4D2618E76AC782894E5A7132700BA4C4226E1F9C7CE547B ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:21:23.0102 0x0dd0  RDPWD - ok
10:21:23.0135 0x0dd0  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:21:23.0143 0x0dd0  RemoteAccess - ok
10:21:23.0172 0x0dd0  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:21:23.0179 0x0dd0  RemoteRegistry - ok
10:21:23.0482 0x0dd0  [ EBCDE8B48FADC6479D96A56D0A432160, 2F73D8656A929321D8B651FCFF55DFF5F90489CE9BEB7BB7DC3C7444D9A3C0FD ] RoxMediaDB9     C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
10:21:23.0600 0x0dd0  RoxMediaDB9 - ok
10:21:23.0716 0x0dd0  [ AB2B1DE1C8F31EFCE2384B14B3DC4260, 5E67354010A19726810C172775C39C9A9AD3AAE1EB09CF2C552473D75ABD01BD ] RoxWatch9       C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
10:21:23.0799 0x0dd0  RoxWatch9 - ok
10:21:23.0844 0x0dd0  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
10:21:23.0847 0x0dd0  RpcLocator - ok
10:21:23.0908 0x0dd0  [ 2FD53BB60438AD6EEA8EF26D05C28FCF, D72B6B91F078A06548F103357EDE8FD95DB50BC76B907364C9A2B5B9BF0AAD7C ] RpcSs           C:\Windows\system32\rpcss.dll
10:21:23.0939 0x0dd0  RpcSs - ok
10:21:23.0992 0x0dd0  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:21:24.0010 0x0dd0  rspndr - ok
10:21:24.0026 0x0dd0  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] SamSs           C:\Windows\system32\lsass.exe
10:21:24.0029 0x0dd0  SamSs - ok
10:21:24.0061 0x0dd0  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:21:24.0079 0x0dd0  sbp2port - ok
10:21:24.0126 0x0dd0  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:21:24.0141 0x0dd0  SCardSvr - ok
10:21:24.0190 0x0dd0  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
10:21:24.0219 0x0dd0  Schedule - ok
10:21:24.0229 0x0dd0  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:21:24.0232 0x0dd0  SCPolicySvc - ok
10:21:24.0265 0x0dd0  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:21:24.0277 0x0dd0  SDRSVC - ok
10:21:24.0307 0x0dd0  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:21:24.0309 0x0dd0  secdrv - ok
10:21:24.0327 0x0dd0  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
10:21:24.0331 0x0dd0  seclogon - ok
10:21:24.0391 0x0dd0  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
10:21:24.0410 0x0dd0  SENS - ok
10:21:24.0429 0x0dd0  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
10:21:24.0431 0x0dd0  Serenum - ok
10:21:24.0477 0x0dd0  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
10:21:24.0506 0x0dd0  Serial - ok
10:21:24.0558 0x0dd0  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:21:24.0570 0x0dd0  sermouse - ok
10:21:24.0609 0x0dd0  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
10:21:24.0618 0x0dd0  SessionEnv - ok
10:21:24.0651 0x0dd0  [ 51CF56AA8BCC241F134B420B8F850406, 41DA7438039C791C35BDA5BD255D2CCFA85E5250325FAE4D5A4182AD819E71F1 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:21:24.0664 0x0dd0  sffdisk - ok
10:21:24.0682 0x0dd0  [ 96DED8B20C734AC41641CE275250E55D, E88317D0B31A98917AD30AD9F8CF6B59C1141FFBF7A150D8675A29B95FF150F3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:21:24.0684 0x0dd0  sffp_mmc - ok
10:21:24.0714 0x0dd0  [ 8B08CAB1267B2C377883FC9E56981F90, 4444AC438E805129103FAA48F22D0D6893AC5BD8FCA2A6D4DA51EBD8C75B7529 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:21:24.0716 0x0dd0  sffp_sd - ok
10:21:24.0738 0x0dd0  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:21:24.0739 0x0dd0  sfloppy - ok
10:21:24.0786 0x0dd0  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:21:24.0797 0x0dd0  SharedAccess - ok
10:21:24.0872 0x0dd0  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:21:24.0923 0x0dd0  ShellHWDetection - ok
10:21:24.0980 0x0dd0  [ 08072B2FB92477FC813271A84B3A8698, A97ABDEB5E37F7B50DD6168FAAD524BE82418FC7818BB667C10951408FB6EB70 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
10:21:24.0983 0x0dd0  sisagp - ok
10:21:25.0031 0x0dd0  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
10:21:25.0055 0x0dd0  SiSRaid2 - ok
10:21:25.0085 0x0dd0  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:21:25.0114 0x0dd0  SiSRaid4 - ok
10:21:25.0227 0x0dd0  [ 8C4F0DCC6A5100D48F9B2F950CDD220F, 7B66C259BEBFEA527BFEC2B69E8224EE2277CB736EF9E0F5A92C932657EC8351 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
10:21:25.0258 0x0dd0  SkypeUpdate - ok
10:21:26.0312 0x0dd0  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
10:21:27.0945 0x0dd0  slsvc - ok
10:21:28.0005 0x0dd0  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
10:21:28.0011 0x0dd0  SLUINotify - ok
10:21:28.0048 0x0dd0  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:21:28.0062 0x0dd0  Smb - ok
10:21:28.0108 0x0dd0  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:21:28.0113 0x0dd0  SNMPTRAP - ok
10:21:28.0133 0x0dd0  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:21:28.0135 0x0dd0  spldr - ok
10:21:28.0169 0x0dd0  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
10:21:28.0178 0x0dd0  Spooler - ok
10:21:28.0253 0x0dd0  [ B2EC3E1DEAC5F0A764BD3486D213A0AF, 77597D6AF90BF0FD50AF7271C800D84BE69E288760116B7A252FB8B068614A52 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
10:21:28.0314 0x0dd0  SQLBrowser - ok
10:21:28.0319 0x0dd0  SQLWriter - ok
10:21:28.0399 0x0dd0  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:21:28.0411 0x0dd0  srv - ok
10:21:28.0461 0x0dd0  [ A5940CA32ED206F90BE9FABDF6E92DE4, 3FA6120BE2380F85C0A7DCAA3D7D158494AA4C5B6587EF9F4135FE9B644B6029 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:21:28.0470 0x0dd0  srv2 - ok
10:21:28.0556 0x0dd0  [ 37AA1D560D5FA486C4B11C2F276ADA61, 53A54A45FE40E82F7BE481EFE5A8B14A5540398946B87AC0B1AB0F8253E2F1D8 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:21:28.0576 0x0dd0  srvnet - ok
10:21:28.0685 0x0dd0  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:21:28.0705 0x0dd0  SSDPSRV - ok
10:21:28.0752 0x0dd0  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:21:28.0771 0x0dd0  SstpSvc - ok
10:21:28.0892 0x0dd0  [ F0359F7CE712D69ACEF0886BDB4792ED, 0E638A3F56B1C431A472469E2F47DABD0ABE1CC043FD1673B4CA6E984FE980CF ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
10:21:28.0906 0x0dd0  Stereo Service - ok
10:21:29.0006 0x0dd0  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
10:21:29.0025 0x0dd0  stisvc - ok
10:21:29.0134 0x0dd0  [ 51778FD315C9882F1CBD932743E62A72, 5127292970ABC2966723CC5535DD547C77AAC132AAA849BCBD90D0F00EDD08C0 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
10:21:29.0192 0x0dd0  stllssvr - ok
10:21:29.0254 0x0dd0  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:21:29.0279 0x0dd0  swenum - ok
10:21:29.0403 0x0dd0  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
10:21:29.0437 0x0dd0  swprv - ok
10:21:29.0476 0x0dd0  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
10:21:29.0478 0x0dd0  Symc8xx - ok
10:21:29.0502 0x0dd0  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
10:21:29.0524 0x0dd0  Sym_hi - ok
10:21:29.0532 0x0dd0  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
10:21:29.0534 0x0dd0  Sym_u3 - ok
10:21:29.0632 0x0dd0  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
10:21:29.0655 0x0dd0  SysMain - ok
10:21:29.0697 0x0dd0  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:21:29.0717 0x0dd0  TabletInputService - ok
10:21:29.0783 0x0dd0  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:21:29.0795 0x0dd0  TapiSrv - ok
10:21:29.0866 0x0dd0  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
10:21:29.0872 0x0dd0  TBS - ok
10:21:29.0928 0x0dd0  [ A474879AFA4A596B3A531F3E69730DBF, 54D6810BC6A4C50D1E5F081E2499C7A409C9A0E3D03B5B12782457635BDA8A07 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:21:29.0996 0x0dd0  Tcpip - ok
10:21:30.0033 0x0dd0  [ A474879AFA4A596B3A531F3E69730DBF, 54D6810BC6A4C50D1E5F081E2499C7A409C9A0E3D03B5B12782457635BDA8A07 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
10:21:30.0058 0x0dd0  Tcpip6 - ok
10:21:30.0137 0x0dd0  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:21:30.0147 0x0dd0  tcpipreg - ok
10:21:30.0242 0x0dd0  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:21:30.0246 0x0dd0  TDPIPE - ok
10:21:30.0269 0x0dd0  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:21:30.0271 0x0dd0  TDTCP - ok
10:21:30.0299 0x0dd0  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:21:30.0303 0x0dd0  tdx - ok
10:21:30.0305 0x0dd0  Have new async UDS detects: 2
10:21:30.0307 0x0dd0  DcomLaunch - detected UDS:DangerousObject.Multi.Generic ( 0 )
10:21:30.0404 0x0dd0  Object is SCO, delete is not allowed
10:21:30.0404 0x0dd0  DcomLaunch ( UDS:DangerousObject.Multi.Generic ) - infected
10:21:30.0404 0x0dd0  Force sending object to P2P due to detect: C:\Windows\system32\rpcss.dll
10:21:33.0189 0x0dd0  Object send P2P result: true
10:21:35.0814 0x0dd0  RpcSs - detected UDS:DangerousObject.Multi.Generic ( 0 )
10:21:35.0814 0x0dd0  Object is SCO, delete is not allowed
10:21:35.0814 0x0dd0  RpcSs ( UDS:DangerousObject.Multi.Generic ) - infected
10:21:35.0814 0x0dd0  Force sending object to P2P due to detect: C:\Windows\system32\rpcss.dll
10:21:40.0799 0x0dd0  Object send P2P result: true
10:21:43.0399 0x0dd0  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:21:43.0433 0x0dd0  TermDD - ok
10:21:43.0499 0x0dd0  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
10:21:43.0530 0x0dd0  TermService - ok
10:21:43.0569 0x0dd0  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
10:21:43.0579 0x0dd0  Themes - ok
10:21:43.0594 0x0dd0  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
10:21:43.0597 0x0dd0  THREADORDER - ok
10:21:43.0609 0x0dd0  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
10:21:43.0615 0x0dd0  TrkWks - ok
10:21:43.0666 0x0dd0  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:21:43.0696 0x0dd0  TrustedInstaller - ok
10:21:43.0738 0x0dd0  [ DCF0F056A2E4F52287264F5AB29CF206, D9F770BD65AE4320A8C130DEA1D093AA4E37FCA573BBE6A59D6D045452EA711D ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:21:43.0740 0x0dd0  tssecsrv - ok
10:21:43.0769 0x0dd0  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
10:21:43.0772 0x0dd0  tunmp - ok
10:21:43.0853 0x0dd0  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:21:43.0881 0x0dd0  tunnel - ok
10:21:43.0917 0x0dd0  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:21:43.0921 0x0dd0  uagp35 - ok
10:21:44.0044 0x0dd0  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:21:44.0068 0x0dd0  udfs - ok
10:21:44.0118 0x0dd0  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:21:44.0124 0x0dd0  UI0Detect - ok
10:21:44.0177 0x0dd0  [ 6D72EF05921ABDF59FC45C7EBFE7E8DD, 9102CB4B5E8B858B61DE1508C6A00D75584741891899966258E510173DBF7BB9 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:21:44.0213 0x0dd0  uliagpkx - ok
10:21:44.0317 0x0dd0  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
10:21:44.0340 0x0dd0  uliahci - ok
10:21:44.0391 0x0dd0  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
10:21:44.0409 0x0dd0  UlSata - ok
10:21:44.0440 0x0dd0  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
10:21:44.0445 0x0dd0  ulsata2 - ok
10:21:44.0529 0x0dd0  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:21:44.0560 0x0dd0  umbus - ok
10:21:44.0719 0x0dd0  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
10:21:44.0738 0x0dd0  upnphost - ok
10:21:44.0828 0x0dd0  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
10:21:44.0831 0x0dd0  USBAAPL - ok
10:21:44.0904 0x0dd0  [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:21:44.0932 0x0dd0  usbccgp - ok
10:21:44.0996 0x0dd0  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:21:45.0017 0x0dd0  usbcir - ok
10:21:45.0067 0x0dd0  [ 79E96C23A97CE7B8F14D310DA2DB0C9B, EB441D3B93965CD927E0C181031AD1082F59F9885BF35CABFDCA08C6C76B0DAF ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:21:45.0069 0x0dd0  usbehci - ok
10:21:45.0104 0x0dd0  [ 4673BBCB006AF60E7ABDDBE7A130BA42, 0B7DED0D887A3530AA5497FDBCB69389486FB9E2B6FAE3163E33713256D575BA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:21:45.0111 0x0dd0  usbhub - ok
10:21:45.0192 0x0dd0  [ CE697FEE0D479290D89BEC80DFE793B7, D10F6BAD0467672CCE4F97C7F2E13437CE89AC754C895EAE05F0726B6DC617B1 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
10:21:45.0231 0x0dd0  usbohci - ok
10:21:45.0272 0x0dd0  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
10:21:45.0299 0x0dd0  usbprint - ok
10:21:45.0333 0x0dd0  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:21:45.0336 0x0dd0  USBSTOR - ok
10:21:45.0349 0x0dd0  [ 325DBBACB8A36AF9988CCF40EAC228CC, 22FE5658A12296634FBE9D8565485BEE8CB200C47182F70DC9D2B0442E10C4AA ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
10:21:45.0351 0x0dd0  usbuhci - ok
10:21:45.0415 0x0dd0  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
10:21:45.0482 0x0dd0  UxSms - ok
10:21:45.0729 0x0dd0  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
10:21:45.0745 0x0dd0  vds - ok
10:21:45.0785 0x0dd0  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:21:45.0787 0x0dd0  vga - ok
10:21:45.0813 0x0dd0  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:21:45.0815 0x0dd0  VgaSave - ok
10:21:45.0852 0x0dd0  [ D5929A28BDFF4367A12CAF06AF901971, DE2A60A9EE1ABACEE6221E4AD5D4AA4CBA12FED448EB36CA3B7A9A5F09A8DC8C ] viaagp          C:\Windows\system32\drivers\viaagp.sys
10:21:45.0855 0x0dd0  viaagp - ok
10:21:45.0897 0x0dd0  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
10:21:45.0911 0x0dd0  ViaC7 - ok
10:21:45.0937 0x0dd0  [ 689547CE911998D1E0DA7A5992E025FC, F77F9732F2ACB7E227F692D582CD983C5B3AF3966204D5A6D6A580E3E2E3E084 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:21:45.0939 0x0dd0  viaide - ok
10:21:45.0956 0x0dd0  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:21:45.0960 0x0dd0  volmgr - ok
10:21:45.0999 0x0dd0  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:21:46.0009 0x0dd0  volmgrx - ok
10:21:46.0076 0x0dd0  [ 147281C01FCB1DF9252DE2A10D5E7093, DF5DCF6FD472F21863DC10B62F7647420B9686607857D08286B618D585E50219 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:21:46.0117 0x0dd0  volsnap - ok
10:21:46.0152 0x0dd0  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:21:46.0157 0x0dd0  vsmraid - ok
10:21:46.0607 0x0dd0  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
10:21:46.0649 0x0dd0  VSS - ok
10:21:46.0988 0x0dd0  [ 29CC39577CA273CA0E75FD562E66AE96, FA4A597CBFB918280C36EFBD11E73F9A2285C1A9B00913BDDDA546F3DCD310CF ] vToolbarUpdater18.0.5 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
10:21:47.0058 0x0dd0  vToolbarUpdater18.0.5 - ok
10:21:47.0320 0x0dd0  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
10:21:47.0362 0x0dd0  W32Time - ok
10:21:47.0395 0x0dd0  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:21:47.0397 0x0dd0  WacomPen - ok
10:21:47.0418 0x0dd0  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
10:21:47.0421 0x0dd0  Wanarp - ok
10:21:47.0428 0x0dd0  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:21:47.0431 0x0dd0  Wanarpv6 - ok
10:21:47.0502 0x0dd0  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:21:47.0537 0x0dd0  wcncsvc - ok
10:21:47.0568 0x0dd0  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:21:47.0576 0x0dd0  WcsPlugInService - ok
10:21:47.0615 0x0dd0  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
10:21:47.0638 0x0dd0  Wd - ok
10:21:47.0692 0x0dd0  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96, 6A6EFFDB538DE1E201058A00F3E056F1256E92EED943FBFBCE28E54BE751E33D ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:21:47.0715 0x0dd0  Wdf01000 - ok
10:21:47.0775 0x0dd0  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:21:47.0789 0x0dd0  WdiServiceHost - ok
10:21:47.0795 0x0dd0  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:21:47.0801 0x0dd0  WdiSystemHost - ok
10:21:47.0838 0x0dd0  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
10:21:47.0849 0x0dd0  WebClient - ok
10:21:47.0891 0x0dd0  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:21:47.0904 0x0dd0  Wecsvc - ok
10:21:47.0933 0x0dd0  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:21:47.0939 0x0dd0  wercplsupport - ok
10:21:47.0958 0x0dd0  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:21:47.0966 0x0dd0  WerSvc - ok
10:21:47.0973 0x0dd0  WinHttpAutoProxySvc - ok
10:21:48.0097 0x0dd0  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:21:48.0158 0x0dd0  Winmgmt - ok
10:21:48.0368 0x0dd0  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:21:48.0414 0x0dd0  WinRM - ok
10:21:48.0474 0x0dd0  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:21:48.0495 0x0dd0  Wlansvc - ok
10:21:48.0519 0x0dd0  [ 17EAC0D023A65FA9B02114CC2BAACAD5, CD5856326959DA58B18E2AFD235552E25A410AC6F23F437E7708350833AD8657 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:21:48.0522 0x0dd0  WmiAcpi - ok
10:21:48.0557 0x0dd0  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:21:48.0570 0x0dd0  wmiApSrv - ok
10:21:48.0640 0x0dd0  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
10:21:48.0670 0x0dd0  WMPNetworkSvc - ok
10:21:48.0711 0x0dd0  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:21:48.0723 0x0dd0  WPCSvc - ok
10:21:48.0792 0x0dd0  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:21:48.0804 0x0dd0  WPDBusEnum - ok
10:21:48.0833 0x0dd0  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
10:21:48.0835 0x0dd0  WpdUsb - ok
10:21:48.0944 0x0dd0  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
10:21:48.0974 0x0dd0  WPFFontCache_v0400 - ok
10:21:49.0009 0x0dd0  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:21:49.0015 0x0dd0  ws2ifsl - ok
10:21:49.0083 0x0dd0  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
10:21:49.0107 0x0dd0  wscsvc - ok
10:21:49.0112 0x0dd0  WSearch - ok
10:21:49.0165 0x0dd0  [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:21:49.0168 0x0dd0  WUDFRd - ok
10:21:49.0227 0x0dd0  [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:21:49.0234 0x0dd0  wudfsvc - ok
10:21:49.0272 0x0dd0  ================ Scan global ===============================
10:21:49.0306 0x0dd0  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
10:21:49.0455 0x0dd0  [ 40864DA48A14EBC68A0D6BFD08BA21EB, EF311D4A937ADE53216949CB2E690582883C30B70BFCB89F82433CA2FBF1E24E ] C:\Windows\system32\winsrv.dll
10:21:49.0620 0x0dd0  [ 40864DA48A14EBC68A0D6BFD08BA21EB, EF311D4A937ADE53216949CB2E690582883C30B70BFCB89F82433CA2FBF1E24E ] C:\Windows\system32\winsrv.dll
10:21:49.0764 0x0dd0  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
10:21:49.0781 0x0dd0  [ Global ] - ok
10:21:49.0781 0x0dd0  ================ Scan MBR ==================================
10:21:49.0804 0x0dd0  [ 9C603BC3977968C891DE319283E1E7AF ] \Device\Harddisk0\DR0
10:21:49.0838 0x0dd0  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a ( 0 )
10:21:49.0838 0x0dd0  \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
10:21:55.0427 0x0dd0  [ 8CB37AFC263A219EBB7586F9C495114E ] \Device\Harddisk1\DR1
10:21:55.0434 0x0dd0  \Device\Harddisk1\DR1 - ok
10:21:55.0434 0x0dd0  ================ Scan VBR ==================================
10:21:55.0466 0x0dd0  [ 16D6AE6594CD9DAB8E6FECBD2CC03739 ] \Device\Harddisk0\DR0\Partition1
10:21:55.0654 0x0dd0  \Device\Harddisk0\DR0\Partition1 - ok
10:21:55.0705 0x0dd0  [ AA062BA183D7977D46E43AA638135E06 ] \Device\Harddisk0\DR0\Partition2
10:21:55.0861 0x0dd0  \Device\Harddisk0\DR0\Partition2 - ok
10:21:55.0865 0x0dd0  [ 997FBDE733E965D0CCCCA4242DB488A0 ] \Device\Harddisk1\DR1\Partition1
10:21:55.0867 0x0dd0  \Device\Harddisk1\DR1\Partition1 - ok
10:21:55.0957 0x0dd0  AV detected via SS2: AVG AntiVirus Free Edition 2013, C:\Program Files\AVG\AVG2013\avgwsc.exe ( 13.0.0.3300 ), 0x41000 ( enabled : updated )
10:21:56.0011 0x0dd0  Win FW state via NFP2: enabled
10:22:10.0576 0x0dd0  ============================================================
10:22:10.0576 0x0dd0  Scan finished
10:22:10.0576 0x0dd0  ============================================================
10:22:10.0588 0x187c  Detected object count: 3
10:22:10.0589 0x187c  Actual detected object count: 3
10:22:48.0193 0x187c  DcomLaunch ( UDS:DangerousObject.Multi.Generic ) - skipped by user
10:22:48.0193 0x187c  DcomLaunch ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
10:22:48.0195 0x187c  RpcSs ( UDS:DangerousObject.Multi.Generic ) - skipped by user
10:22:48.0195 0x187c  RpcSs ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
10:22:48.0197 0x187c  \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - skipped by user
10:22:48.0197 0x187c  \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Skip
 



#4 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:17 AM

Posted 27 March 2014 - 11:40 AM

Fix with TDSS-Killer

Please read and follow these instructions carefully.

Download TDSSKiller.exe and save it to your desktop

  • Execute TDSSKiller.exe by doubleclicking on it.
  • Press Start Scan
  • When the scan is finished, select copy to quarantine for the following entry.

    UDS:DangerousObject.Multi.Generic
    UDS:DangerousObject.Multi.Generic
    Rootkit.Boot.Wistler.a
    
  • Hit continue.
  • Once complete, a log will be produced at the root drive which is typically C:\ ,for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.
Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#5 Birdhouse247

Birdhouse247
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 27 March 2014 - 08:21 PM

Thank you, TDSS log:

 

20:18:29.0262 0x09d8  TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
20:18:33.0642 0x09d8  ============================================================
20:18:33.0642 0x09d8  Current date / time: 2014/03/27 20:18:33.0642
20:18:33.0642 0x09d8  SystemInfo:
20:18:33.0642 0x09d8  
20:18:33.0642 0x09d8  OS Version: 6.0.6002 ServicePack: 2.0
20:18:33.0642 0x09d8  Product type: Workstation
20:18:33.0642 0x09d8  ComputerName: DAVE-PC
20:18:33.0642 0x09d8  UserName: Dave
20:18:33.0642 0x09d8  Windows directory: C:\Windows
20:18:33.0643 0x09d8  System windows directory: C:\Windows
20:18:33.0643 0x09d8  Processor architecture: Intel x86
20:18:33.0643 0x09d8  Number of processors: 4
20:18:33.0643 0x09d8  Page size: 0x1000
20:18:33.0643 0x09d8  Boot type: Normal boot
20:18:33.0643 0x09d8  ============================================================
20:18:33.0769 0x09d8  KLMD registered as C:\Windows\system32\drivers\22950711.sys
20:18:33.0873 0x09d8  System UUID: {16EB2CB0-2660-395B-9D3E-8D3E4D317369}
20:18:34.0431 0x09d8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
20:18:34.0435 0x09d8  Drive \Device\Harddisk1\DR1 - Size: 0xEF5FFE00 (3.74 Gb), SectorSize: 0x200, Cylinders: 0x1E8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
20:18:34.0436 0x09d8  ============================================================
20:18:34.0436 0x09d8  \Device\Harddisk0\DR0:
20:18:34.0436 0x09d8  MBR partitions:
20:18:34.0436 0x09d8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000
20:18:34.0436 0x09d8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x38F6A000
20:18:34.0436 0x09d8  \Device\Harddisk1\DR1:
20:18:34.0437 0x09d8  MBR partitions:
20:18:34.0437 0x09d8  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x26, BlocksNum 0x779FC2
20:18:34.0437 0x09d8  ============================================================
20:18:34.0462 0x09d8  C: <-> \Device\Harddisk0\DR0\Partition2
20:18:34.0485 0x09d8  D: <-> \Device\Harddisk0\DR0\Partition1
20:18:34.0486 0x09d8  ============================================================
20:18:34.0486 0x09d8  Initialize success
20:18:34.0486 0x09d8  ============================================================
20:18:41.0537 0x1f80  ============================================================
20:18:41.0537 0x1f80  Scan started
20:18:41.0537 0x1f80  Mode: Manual;
20:18:41.0537 0x1f80  ============================================================
20:18:41.0537 0x1f80  KSN ping started
20:18:44.0056 0x1f80  KSN ping finished: true
20:18:44.0235 0x1f80  ================ Scan system memory ========================
20:18:44.0235 0x1f80  System memory - ok
20:18:44.0235 0x1f80  ================ Scan services =============================
20:18:44.0375 0x1f80  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
20:18:44.0383 0x1f80  ACPI - ok
20:18:44.0471 0x1f80  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
20:18:44.0479 0x1f80  AdobeFlashPlayerUpdateSvc - ok
20:18:44.0532 0x1f80  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
20:18:44.0544 0x1f80  adp94xx - ok
20:18:44.0568 0x1f80  [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
20:18:44.0577 0x1f80  adpahci - ok
20:18:44.0597 0x1f80  [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
20:18:44.0601 0x1f80  adpu160m - ok
20:18:44.0625 0x1f80  [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
20:18:44.0629 0x1f80  adpu320 - ok
20:18:44.0671 0x1f80  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
20:18:44.0673 0x1f80  AeLookupSvc - ok
20:18:44.0816 0x1f80  [ A201207363AA900ABF1A388468688570, C772D8546BBA93553AFCD553B7CF50C252B1F8B45A4A415014B48308F1D7ECD6 ] AFD             C:\Windows\system32\drivers\afd.sys
20:18:44.0824 0x1f80  AFD - ok
20:18:44.0910 0x1f80  [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4, 2E89838BD068314F4BE59753486E5D666FE2A3DD0A616E00EED4E0F83DB87401 ] agp440          C:\Windows\system32\drivers\agp440.sys
20:18:44.0912 0x1f80  agp440 - ok
20:18:44.0955 0x1f80  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
20:18:44.0958 0x1f80  aic78xx - ok
20:18:45.0017 0x1f80  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
20:18:45.0020 0x1f80  ALG - ok
20:18:45.0027 0x1f80  [ E32A92E1574A467F7C762922F6162D76, 8FFDB6DF3DCA371BF0252BA42A4D9E67D6CC08B67C9008F6992646156E3DDAF7 ] aliide          C:\Windows\system32\drivers\aliide.sys
20:18:45.0028 0x1f80  aliide - ok
20:18:45.0054 0x1f80  [ 848F27E5B27C1C253F6CEFDC1A5D8F21, 0FE955D82CE68A1FC5DCA33626179005B90803821005A370EB36352817433089 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
20:18:45.0057 0x1f80  amdagp - ok
20:18:45.0085 0x1f80  [ B52B576CB0099A62F87214F371031561, E11C1FC16CF8D7B26856EB07E59537EFF5D2AFBB83B4A18CCFA3909DC8FD3196 ] amdide          C:\Windows\system32\drivers\amdide.sys
20:18:45.0086 0x1f80  amdide - ok
20:18:45.0110 0x1f80  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
20:18:45.0112 0x1f80  AmdK7 - ok
20:18:45.0122 0x1f80  [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
20:18:45.0124 0x1f80  AmdK8 - ok
20:18:45.0149 0x1f80  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
20:18:45.0151 0x1f80  Appinfo - ok
20:18:45.0288 0x1f80  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:18:45.0291 0x1f80  Apple Mobile Device - ok
20:18:45.0333 0x1f80  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc             C:\Windows\system32\drivers\arc.sys
20:18:45.0339 0x1f80  arc - ok
20:18:45.0374 0x1f80  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
20:18:45.0377 0x1f80  arcsas - ok
20:18:45.0434 0x1f80  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
20:18:45.0436 0x1f80  AsyncMac - ok
20:18:45.0472 0x1f80  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
20:18:45.0474 0x1f80  atapi - ok
20:18:45.0523 0x1f80  [ F9C24D25D9FF29F894995A64812B4D85, 3430E4EE1F7D185E269AF220C96BCA55143BA7C3A28262240F4D30DD1810A38C ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
20:18:45.0531 0x1f80  atksgt - ok
20:18:45.0588 0x1f80  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:18:45.0601 0x1f80  AudioEndpointBuilder - ok
20:18:45.0635 0x1f80  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
20:18:45.0647 0x1f80  Audiosrv - ok
20:18:46.0028 0x1f80  [ 4DB93F4DB7077801D2D82013506AC1D0, 3D71655D1557021D5D828E37EAFDBA35C631061E48D64B9D376746F8FCC760B3 ] AVGIDSAgent     C:\Program Files\AVG\AVG2013\avgidsagent.exe
20:18:46.0179 0x1f80  AVGIDSAgent - ok
20:18:46.0273 0x1f80  [ 5BCAE36134162830ED283F4C3D88476A, A47EE816A88A8C18458BA721AB829E49D492128BA8D5BF6FF317C2B5A1FFA60F ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
20:18:46.0279 0x1f80  AVGIDSDriver - ok
20:18:46.0338 0x1f80  [ 7C8E88549BCDAAC965B1B724C175F7A9, 86240BF965C60FFAF381879D1B2DD7190FAD597E7534AEE9A9E48A2BDEC119BA ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
20:18:46.0341 0x1f80  AVGIDSHX - ok
20:18:46.0405 0x1f80  [ F8D2E76EA51B3B4119DF3D6A7A6D99F3, 417E05BA987345ED48223404DEBC10043A18CBC749462186CC3EE9C20F47C86D ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
20:18:46.0407 0x1f80  AVGIDSShim - ok
20:18:46.0423 0x1f80  [ 2018C4E9A40B122408763A5635CF14D9, E0BF5D5C7CFDD078F8BBA9627F1F8E0434B38A23FA9E039B37A22D7E1AD4EFFA ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
20:18:46.0429 0x1f80  Avgldx86 - ok
20:18:46.0462 0x1f80  [ E2B9CF2CF787C6978E7CC898E9684E48, 73D5D8514EF1BF3BCC64DC158C68189D07B3940641F1155823C6822D03BC761B ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
20:18:46.0469 0x1f80  Avglogx - ok
20:18:46.0486 0x1f80  [ 3F59750A3AA55C46663801E7C2FD1E2B, F748EB6552889974CB1FC6F666F2D78F654CAA990A339C741255355295CD46E8 ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
20:18:46.0490 0x1f80  Avgmfx86 - ok
20:18:46.0514 0x1f80  [ 90FA3A4BB1039701D68FD1CC2ED3EE22, 5842AECBF76163BCAEE19DED708291DD8402E2D24DD48453E6067A9AE5BABB11 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
20:18:46.0516 0x1f80  Avgrkx86 - ok
20:18:46.0530 0x1f80  [ 14370FB29526F593C04FA48B5D69F7F0, EE5BBE674210AC3BC4103B6D43BABDCCCE681F3B0E93075F93CD453730C316B8 ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
20:18:46.0536 0x1f80  Avgtdix - ok
20:18:46.0565 0x1f80  [ 06AEB065AC25A2CFF80E1DF0303EC55B, EE913D669741B3F844AFEEFCF232D2D2C94081BCB39F79D81D7A7133DBC57252 ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
20:18:46.0567 0x1f80  avgtp - ok
20:18:46.0631 0x1f80  [ D646FA5135A1CD795877AFE9D17FA9ED, 2F97FBCD7BD75727A77C17D75D2482AE819D5D2EB9760D96412F9C20AA7D9473 ] avgwd           C:\Program Files\AVG\AVG2013\avgwdsvc.exe
20:18:46.0639 0x1f80  avgwd - ok
20:18:46.0662 0x1f80  [ BF9D39CE8C5FFA38502E542C834809D3, A279458C8EEBCD835D38EF0037BB6D56399055DB233E023C9D0F0E2C2512240E ] AX88178         C:\Windows\system32\DRIVERS\ax88178.sys
20:18:46.0665 0x1f80  AX88178 - ok
20:18:46.0708 0x1f80  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
20:18:46.0709 0x1f80  Beep - ok
20:18:46.0797 0x1f80  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
20:18:46.0807 0x1f80  BFE - ok
20:18:46.0811 0x1f80  blbdrive - ok
20:18:46.0876 0x1f80  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:18:46.0887 0x1f80  Bonjour Service - ok
20:18:46.0928 0x1f80  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
20:18:46.0931 0x1f80  bowser - ok
20:18:46.0972 0x1f80  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
20:18:46.0973 0x1f80  BrFiltLo - ok
20:18:46.0991 0x1f80  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
20:18:46.0993 0x1f80  BrFiltUp - ok
20:18:47.0019 0x1f80  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
20:18:47.0022 0x1f80  Browser - ok
20:18:47.0049 0x1f80  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
20:18:47.0052 0x1f80  Brserid - ok
20:18:47.0111 0x1f80  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
20:18:47.0113 0x1f80  BrSerWdm - ok
20:18:47.0150 0x1f80  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
20:18:47.0152 0x1f80  BrUsbMdm - ok
20:18:47.0170 0x1f80  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
20:18:47.0171 0x1f80  BrUsbSer - ok
20:18:47.0199 0x1f80  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
20:18:47.0201 0x1f80  BTHMODEM - ok
20:18:47.0214 0x1f80  catchme - ok
20:18:47.0250 0x1f80  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
20:18:47.0253 0x1f80  cdfs - ok
20:18:47.0290 0x1f80  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
20:18:47.0293 0x1f80  cdrom - ok
20:18:47.0327 0x1f80  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
20:18:47.0329 0x1f80  CertPropSvc - ok
20:18:47.0365 0x1f80  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
20:18:47.0367 0x1f80  circlass - ok
20:18:47.0424 0x1f80  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
20:18:47.0432 0x1f80  CLFS - ok
20:18:47.0472 0x1f80  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:18:47.0475 0x1f80  clr_optimization_v2.0.50727_32 - ok
20:18:47.0520 0x1f80  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:18:47.0525 0x1f80  clr_optimization_v4.0.30319_32 - ok
20:18:47.0542 0x1f80  [ C177DD90B5DC1DCAA96CCECE752E6F0F, 4469A32BFE9D0207A55AB222E4AF111D8780FCDB3E2D0BFB24742B4CE9040BA7 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
20:18:47.0544 0x1f80  cmdide - ok
20:18:47.0572 0x1f80  [ 722936AFB75A7F509662B69B5632F48A, C386EA5E933C5D3F3FE162AE91F7D81C7C0765A1F790B1FF7B396A9DBDB4AD33 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
20:18:47.0573 0x1f80  Compbatt - ok
20:18:47.0595 0x1f80  COMSysApp - ok
20:18:47.0605 0x1f80  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
20:18:47.0607 0x1f80  crcdisk - ok
20:18:47.0622 0x1f80  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
20:18:47.0624 0x1f80  Crusoe - ok
20:18:47.0656 0x1f80  [ FB27772BEAF8E1D28CCD825C09DA939B, D074A314FB3E6B2248F2DB0A734B98A110F618804449E055B4178BF414826982 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
20:18:47.0661 0x1f80  CryptSvc - ok
20:18:47.0699 0x1f80  [ 0D97DE0AB31066AF0CABC9DA8452A19F, B83B07BC28ACAEDD707857CAFE1C4F63C75BE22949019C1490B201F0DC949AEB ] CT20XUT         C:\Windows\system32\drivers\CT20XUT.SYS
20:18:47.0705 0x1f80  CT20XUT - ok
20:18:47.0715 0x1f80  CT20XUT.DLL - ok
20:18:47.0726 0x1f80  [ 0D97DE0AB31066AF0CABC9DA8452A19F, B83B07BC28ACAEDD707857CAFE1C4F63C75BE22949019C1490B201F0DC949AEB ] CT20XUT.SYS     C:\Windows\System32\drivers\CT20XUT.SYS
20:18:47.0732 0x1f80  CT20XUT.SYS - ok
20:18:47.0768 0x1f80  [ BBEA62C1E79CB60AEBCEBE3C652A65AF, E0C609D168C789FD78537BC399C8C455CFC01503FF782DE8BCE931053E9A7A5E ] ctac32k         C:\Windows\system32\drivers\ctac32k.sys
20:18:47.0783 0x1f80  ctac32k - ok
20:18:47.0881 0x1f80  [ 9E9E32BEB19C84DB63DD06190F815883, 93A4A8DD27F39E0B86D06CC4DD2E90EF17768F4C424761E1E14D65E52B1129BE ] ctaud2k         C:\Windows\system32\drivers\ctaud2k.sys
20:18:47.0897 0x1f80  ctaud2k - ok
20:18:47.0965 0x1f80  [ AEA993B080D39179064EE9110B98EA06, B5F6087E56C0505BB14C7CD9B7A37ABF96B9DF47B207DD3762FB61924606F7B5 ] CTEXFIFX        C:\Windows\system32\drivers\CTEXFIFX.SYS
20:18:48.0002 0x1f80  CTEXFIFX - ok
20:18:48.0011 0x1f80  CTEXFIFX.DLL - ok
20:18:48.0059 0x1f80  [ AEA993B080D39179064EE9110B98EA06, B5F6087E56C0505BB14C7CD9B7A37ABF96B9DF47B207DD3762FB61924606F7B5 ] CTEXFIFX.SYS    C:\Windows\System32\drivers\CTEXFIFX.SYS
20:18:48.0097 0x1f80  CTEXFIFX.SYS - ok
20:18:48.0132 0x1f80  [ 40598BB83B52ADD86311E288B156B8A7, 6E2CF43ABA62A91D0EA6F3DAFF926602E4CBF37DB91CE9933AF301082A0E61E1 ] CTHWIUT         C:\Windows\system32\drivers\CTHWIUT.SYS
20:18:48.0135 0x1f80  CTHWIUT - ok
20:18:48.0139 0x1f80  CTHWIUT.DLL - ok
20:18:48.0145 0x1f80  [ 40598BB83B52ADD86311E288B156B8A7, 6E2CF43ABA62A91D0EA6F3DAFF926602E4CBF37DB91CE9933AF301082A0E61E1 ] CTHWIUT.SYS     C:\Windows\System32\drivers\CTHWIUT.SYS
20:18:48.0147 0x1f80  CTHWIUT.SYS - ok
20:18:48.0174 0x1f80  [ 9AB033A33B89E845AF5DA2BD11591111, F1B448B116B426B5AEE669D03B63221E20692BC052CB352CD83D81B174BF3666 ] ctprxy2k        C:\Windows\system32\drivers\ctprxy2k.sys
20:18:48.0176 0x1f80  ctprxy2k - ok
20:18:48.0188 0x1f80  [ 421903C220773310E64107E636D79C4C, 8297D1EAD43B7D4B2E3300ECD95D2A8D7A78222C46F8A2E9A657CF77A4C289CE ] ctsfm2k         C:\Windows\system32\drivers\ctsfm2k.sys
20:18:48.0193 0x1f80  ctsfm2k - ok
20:18:48.0281 0x1f80  [ 2FD53BB60438AD6EEA8EF26D05C28FCF, D72B6B91F078A06548F103357EDE8FD95DB50BC76B907364C9A2B5B9BF0AAD7C ] DcomLaunch      C:\Windows\system32\rpcss.dll
20:18:48.0311 0x1f80  DcomLaunch - ok
20:18:48.0369 0x1f80  [ 218D8AE46C88E82014F5D73D0236D9B2, D404EE45EFC2557182DDD9C1B7244C10FC5AD3080A57CDFBF2C9D3B890F78852 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
20:18:48.0372 0x1f80  DfsC - ok
20:18:48.0491 0x1f80  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
20:18:48.0559 0x1f80  DFSR - ok
20:18:48.0648 0x1f80  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
20:18:48.0655 0x1f80  Dhcp - ok
20:18:48.0736 0x1f80  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
20:18:48.0739 0x1f80  disk - ok
20:18:48.0795 0x1f80  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
20:18:48.0799 0x1f80  Dnscache - ok
20:18:48.0884 0x1f80  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
20:18:48.0890 0x1f80  dot3svc - ok
20:18:49.0001 0x1f80  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
20:18:49.0006 0x1f80  DPS - ok
20:18:49.0067 0x1f80  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
20:18:49.0069 0x1f80  drmkaud - ok
20:18:49.0118 0x1f80  [ C68AC676B0EF30CFBB1080ADCE49EB1F, 62A808F2BB22507B66AE825315BBB655776AFEFD9E7DE33795DD308ACE87F0CD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
20:18:49.0137 0x1f80  DXGKrnl - ok
20:18:49.0208 0x1f80  [ 7505290504C8E2D172FA378CC0497BCC, 8DD69E1B27EC13E62529C87B6B796675681E6329C825E64EEC9134B15C08161C ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
20:18:49.0214 0x1f80  e1express - ok
20:18:49.0272 0x1f80  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
20:18:49.0276 0x1f80  E1G60 - ok
20:18:49.0331 0x1f80  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
20:18:49.0335 0x1f80  EapHost - ok
20:18:49.0383 0x1f80  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
20:18:49.0387 0x1f80  Ecache - ok
20:18:49.0469 0x1f80  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
20:18:49.0477 0x1f80  ehRecvr - ok
20:18:49.0501 0x1f80  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
20:18:49.0506 0x1f80  ehSched - ok
20:18:49.0516 0x1f80  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
20:18:49.0517 0x1f80  ehstart - ok
20:18:49.0541 0x1f80  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
20:18:49.0551 0x1f80  elxstor - ok
20:18:49.0603 0x1f80  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
20:18:49.0624 0x1f80  EMDMgmt - ok
20:18:49.0642 0x1f80  [ DCD7FCC11D9A2CFC0C51E2BC0F6877B9, AF84EEF436B679BD4333BE5FBB17EF71044A914F9A81EB85A0F57F3EBED84E47 ] emupia          C:\Windows\system32\drivers\emupia2k.sys
20:18:49.0647 0x1f80  emupia - ok
20:18:49.0695 0x1f80  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
20:18:49.0705 0x1f80  EventSystem - ok
20:18:49.0790 0x1f80  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
20:18:49.0796 0x1f80  exfat - ok
20:18:49.0826 0x1f80  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
20:18:49.0833 0x1f80  fastfat - ok
20:18:49.0890 0x1f80  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
20:18:49.0892 0x1f80  fdc - ok
20:18:49.0913 0x1f80  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
20:18:49.0916 0x1f80  fdPHost - ok
20:18:49.0938 0x1f80  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
20:18:49.0941 0x1f80  FDResPub - ok
20:18:49.0964 0x1f80  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
20:18:49.0967 0x1f80  FileInfo - ok
20:18:49.0982 0x1f80  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
20:18:49.0984 0x1f80  Filetrace - ok
20:18:50.0006 0x1f80  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
20:18:50.0008 0x1f80  flpydisk - ok
20:18:50.0068 0x1f80  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
20:18:50.0075 0x1f80  FltMgr - ok
20:18:50.0165 0x1f80  [ 8CE364388C8ECA59B14B539179276D44, AD37AD512412A1A0955218A3DA0D6FBE1E30F373153CAF5912EFC076D348FED8 ] FontCache       C:\Windows\system32\FntCache.dll
20:18:50.0202 0x1f80  FontCache - ok
20:18:50.0289 0x1f80  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
20:18:50.0291 0x1f80  FontCache3.0.0.0 - ok
20:18:50.0343 0x1f80  [ 65EA8B77B5851854F0C55C43FA51A198, 150BE6C195094DBEAC4FD73CC1C31FF59B77A73944574E244D280EE2DE69DC2F ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
20:18:50.0346 0x1f80  Fs_Rec - ok
20:18:50.0378 0x1f80  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
20:18:50.0381 0x1f80  gagp30kx - ok
20:18:50.0464 0x1f80  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\Drivers\GEARAspiWDM.sys
20:18:50.0466 0x1f80  GEARAspiWDM - ok
20:18:50.0509 0x1f80  [ D3316F6E3C011435F36E3D6E49B3196C, 941DF52BA26603A146ED6B65A696DB87153868ED0469EF9C2EB09AC7E63525B7 ] GoToAssist      C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
20:18:50.0510 0x1f80  GoToAssist - ok
20:18:50.0559 0x1f80  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
20:18:50.0579 0x1f80  gpsvc - ok
20:18:50.0659 0x1f80  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdate1c9de69ecb1b563 C:\Program Files\Google\Update\GoogleUpdate.exe
20:18:50.0665 0x1f80  gupdate1c9de69ecb1b563 - ok
20:18:50.0712 0x1f80  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
20:18:50.0716 0x1f80  gupdatem - ok
20:18:50.0762 0x1f80  [ 408DDD80EEDE47175F6844817B90213E, 836822885D90DAFFD25A7D7EE363F4DACD41AA4B59095243E2798B137DC55FE3 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
20:18:50.0770 0x1f80  gusvc - ok
20:18:50.0870 0x1f80  [ C663D5A459EE96B51D3FF49E70ABD143, 728F176249D7E21004CFBECF9127A8B91650AD2C6F352E370DACB20A7BB34538 ] ha20x22k        C:\Windows\system32\drivers\ha20x22k.sys
20:18:50.0910 0x1f80  ha20x22k - ok
20:18:51.0010 0x1f80  [ 435AFF96BA20997F684145C93A0D555F, A6AD23F51D2BB26CB525E98583148BA5D917265E2B7A78A9FF4C5D80353CB6F6 ] ha20x2k         C:\Windows\system32\drivers\ha20x2k.sys
20:18:51.0051 0x1f80  ha20x2k - ok
20:18:51.0098 0x1f80  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:18:51.0107 0x1f80  HdAudAddService - ok
20:18:51.0140 0x1f80  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
20:18:51.0159 0x1f80  HDAudBus - ok
20:18:51.0198 0x1f80  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
20:18:51.0200 0x1f80  HidBth - ok
20:18:51.0233 0x1f80  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
20:18:51.0235 0x1f80  HidIr - ok
20:18:51.0265 0x1f80  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
20:18:51.0268 0x1f80  hidserv - ok
20:18:51.0295 0x1f80  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
20:18:51.0297 0x1f80  HidUsb - ok
20:18:51.0315 0x1f80  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
20:18:51.0320 0x1f80  hkmsvc - ok
20:18:51.0350 0x1f80  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
20:18:51.0365 0x1f80  HpCISSs - ok
20:18:51.0419 0x1f80  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
20:18:51.0434 0x1f80  HTTP - ok
20:18:51.0466 0x1f80  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
20:18:51.0469 0x1f80  i2omp - ok
20:18:51.0505 0x1f80  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
20:18:51.0508 0x1f80  i8042prt - ok
20:18:51.0575 0x1f80  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
20:18:51.0585 0x1f80  iaStorV - ok
20:18:51.0721 0x1f80  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
20:18:51.0725 0x1f80  IDriverT - ok
20:18:51.0833 0x1f80  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
20:18:51.0863 0x1f80  idsvc - ok
20:18:51.0887 0x1f80  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
20:18:51.0889 0x1f80  iirsp - ok
20:18:51.0957 0x1f80  [ 9908D8A397B76CD8D31D0D383C5773C9, FFA6996BE9F11A81CB63C849C2400EB44A07706D1EEB7A3502D4110DAC3684A2 ] IKEEXT          C:\Windows\System32\ikeext.dll
20:18:51.0974 0x1f80  IKEEXT - ok
20:18:52.0022 0x1f80  [ 59B00EFB24EAD979BECF413703BB1FAC, CC094DF02F2D894DCE31AB21CA3A90AB93AF9782535FBDE8B383CAD48BAB13DF ] intelide        C:\Windows\system32\drivers\intelide.sys
20:18:52.0024 0x1f80  intelide - ok
20:18:52.0055 0x1f80  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
20:18:52.0058 0x1f80  intelppm - ok
20:18:52.0087 0x1f80  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
20:18:52.0092 0x1f80  IPBusEnum - ok
20:18:52.0124 0x1f80  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:18:52.0126 0x1f80  IpFilterDriver - ok
20:18:52.0130 0x1f80  IpInIp - ok
20:18:52.0147 0x1f80  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
20:18:52.0151 0x1f80  IPMIDRV - ok
20:18:52.0202 0x1f80  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
20:18:52.0206 0x1f80  IPNAT - ok
20:18:52.0268 0x1f80  [ 061614179585BE398A73B9B3AF111310, BE715790531CBF3E038C6C2083A0802FA492D1DCAB3ACFE035DF72E3D6A4B83B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:18:52.0288 0x1f80  iPod Service - ok
20:18:52.0323 0x1f80  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
20:18:52.0324 0x1f80  IRENUM - ok
20:18:52.0375 0x1f80  [ 2F8ECE2699E7E2070545E9B0960A8ED2, 40214A9220C6EC232C245939E4F40A9FF6D30497E180EDC809B87938A922E52D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
20:18:52.0377 0x1f80  isapnp - ok
20:18:52.0433 0x1f80  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
20:18:52.0440 0x1f80  iScsiPrt - ok
20:18:52.0475 0x1f80  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
20:18:52.0477 0x1f80  iteatapi - ok
20:18:52.0515 0x1f80  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
20:18:52.0517 0x1f80  iteraid - ok
20:18:52.0620 0x1f80  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
20:18:52.0629 0x1f80  kbdclass - ok
20:18:52.0693 0x1f80  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
20:18:52.0697 0x1f80  kbdhid - ok
20:18:52.0757 0x1f80  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] KeyIso          C:\Windows\system32\lsass.exe
20:18:52.0761 0x1f80  KeyIso - ok
20:18:52.0826 0x1f80  [ 86165728AF9BF72D6442A894FDFB4F8B, 97A95C1856C761C93F43B177995749E45FA066C7FF6E93E6C3F34C1593ED2FB7 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
20:18:52.0846 0x1f80  KSecDD - ok
20:18:52.0907 0x1f80  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
20:18:52.0921 0x1f80  KtmRm - ok
20:18:52.0970 0x1f80  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
20:18:52.0983 0x1f80  LanmanServer - ok
20:18:53.0114 0x1f80  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:18:53.0131 0x1f80  LanmanWorkstation - ok
20:18:53.0180 0x1f80  [ 8CCF9ED46D52AF1375875F74A91FFACF, 43A38AE17D054C88176C7F1527CAA0D45AB0AC429C1C0440D9F2DECE0F90C058 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
20:18:53.0183 0x1f80  lirsgt - ok
20:18:53.0264 0x1f80  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
20:18:53.0267 0x1f80  lltdio - ok
20:18:53.0310 0x1f80  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
20:18:53.0318 0x1f80  lltdsvc - ok
20:18:53.0372 0x1f80  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
20:18:53.0376 0x1f80  lmhosts - ok
20:18:53.0438 0x1f80  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
20:18:53.0442 0x1f80  LSI_FC - ok
20:18:53.0477 0x1f80  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
20:18:53.0481 0x1f80  LSI_SAS - ok
20:18:53.0532 0x1f80  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
20:18:53.0557 0x1f80  LSI_SCSI - ok
20:18:53.0603 0x1f80  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
20:18:53.0608 0x1f80  luafv - ok
20:18:53.0656 0x1f80  [ 0DB7527DB188C7D967A37BB51BBF3963, 3812E26626EC49BE61B0B8DA5FE6E838C0FEF8A08363C239F64E6CCA0BA949D5 ] MBAMSwissArmy   C:\Windows\system32\drivers\mbamswissarmy.sys
20:18:53.0659 0x1f80  MBAMSwissArmy - ok
20:18:53.0692 0x1f80  MCSTRM - ok
20:18:53.0732 0x1f80  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
20:18:53.0736 0x1f80  Mcx2Svc - ok
20:18:53.0767 0x1f80  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
20:18:53.0769 0x1f80  megasas - ok
20:18:53.0801 0x1f80  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
20:18:53.0806 0x1f80  MMCSS - ok
20:18:53.0831 0x1f80  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
20:18:53.0833 0x1f80  Modem - ok
20:18:53.0869 0x1f80  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
20:18:53.0871 0x1f80  monitor - ok
20:18:53.0896 0x1f80  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
20:18:53.0899 0x1f80  mouclass - ok
20:18:53.0930 0x1f80  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
20:18:53.0942 0x1f80  mouhid - ok
20:18:53.0979 0x1f80  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
20:18:53.0983 0x1f80  MountMgr - ok
20:18:54.0041 0x1f80  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
20:18:54.0047 0x1f80  MozillaMaintenance - ok
20:18:54.0101 0x1f80  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
20:18:54.0105 0x1f80  mpio - ok
20:18:54.0180 0x1f80  [ A252ADB815E5186382D79E19DD7A486B, A3031877ED2BD7FDBF38F1D9524336666424D5D694D7EC4E7EBD644F19F08427 ] MPRIFL          C:\Windows\system32\DRIVERS\MPRIFL.SYS
20:18:54.0181 0x1f80  MPRIFL - ok
20:18:54.0208 0x1f80  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
20:18:54.0212 0x1f80  mpsdrv - ok
20:18:54.0250 0x1f80  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
20:18:54.0263 0x1f80  MpsSvc - ok
20:18:54.0280 0x1f80  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
20:18:54.0283 0x1f80  Mraid35x - ok
20:18:54.0306 0x1f80  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
20:18:54.0311 0x1f80  MRxDAV - ok
20:18:54.0378 0x1f80  [ 5FE5CF325F5B02EBC60832D3440CB414, F3039AD1D890994D06F68DFF6B265B0109732A44C9924190FEC3479B279A1E6E ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
20:18:54.0383 0x1f80  mrxsmb - ok
20:18:54.0405 0x1f80  [ 30B9C769446AF379A2AFB72B0392604D, D98DA01AE03C93F2E0A8F3EB5CD44BC92699F0353AB04DBE73E4CADEB4710A02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:18:54.0413 0x1f80  mrxsmb10 - ok
20:18:54.0421 0x1f80  [ FEA239B3EC4877E2B7E23204AF589DDF, 94610722161880D4AC7C6B17823860C4B3A576AC4B6D21456F585EE2E970B6F6 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:18:54.0425 0x1f80  mrxsmb20 - ok
20:18:54.0446 0x1f80  [ 2681302B63B318CBEA6C82902AC5428C, B3E243E8582AE92568231C197FC1CB2BA60EDDCBCAA7F404C4012D2A803B7A8E ] msahci          C:\Windows\system32\drivers\msahci.sys
20:18:54.0448 0x1f80  msahci - ok
20:18:54.0479 0x1f80  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
20:18:54.0483 0x1f80  msdsm - ok
20:18:54.0529 0x1f80  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
20:18:54.0536 0x1f80  MSDTC - ok
20:18:54.0569 0x1f80  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
20:18:54.0572 0x1f80  Msfs - ok
20:18:54.0597 0x1f80  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
20:18:54.0599 0x1f80  msisadrv - ok
20:18:54.0630 0x1f80  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
20:18:54.0636 0x1f80  MSiSCSI - ok
20:18:54.0642 0x1f80  msiserver - ok
20:18:54.0677 0x1f80  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
20:18:54.0679 0x1f80  MSKSSRV - ok
20:18:54.0718 0x1f80  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
20:18:54.0742 0x1f80  MSPCLOCK - ok
20:18:54.0759 0x1f80  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
20:18:54.0761 0x1f80  MSPQM - ok
20:18:54.0794 0x1f80  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
20:18:54.0801 0x1f80  MsRPC - ok
20:18:54.0818 0x1f80  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
20:18:54.0819 0x1f80  mssmbios - ok
20:18:54.0833 0x1f80  MSSQL$BWDATOOLSET - ok
20:18:54.0900 0x1f80  [ C06EA83F6FC2959E897C117255B6B1D5, 012C6E5AA61BAAED47CB0E59E2F3E6E87941F555C5581ECAC7DF1051795AF681 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
20:18:54.0903 0x1f80  MSSQLServerADHelper - ok
20:18:54.0940 0x1f80  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
20:18:54.0941 0x1f80  MSTEE - ok
20:18:54.0949 0x1f80  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
20:18:54.0952 0x1f80  Mup - ok
20:18:55.0000 0x1f80  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
20:18:55.0014 0x1f80  napagent - ok
20:18:55.0060 0x1f80  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
20:18:55.0066 0x1f80  NativeWifiP - ok
20:18:55.0114 0x1f80  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
20:18:55.0137 0x1f80  NDIS - ok
20:18:55.0167 0x1f80  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
20:18:55.0169 0x1f80  NdisTapi - ok
20:18:55.0196 0x1f80  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
20:18:55.0198 0x1f80  Ndisuio - ok
20:18:55.0233 0x1f80  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
20:18:55.0239 0x1f80  NdisWan - ok
20:18:55.0261 0x1f80  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
20:18:55.0264 0x1f80  NDProxy - ok
20:18:55.0279 0x1f80  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
20:18:55.0282 0x1f80  NetBIOS - ok
20:18:55.0320 0x1f80  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
20:18:55.0328 0x1f80  netbt - ok
20:18:55.0333 0x1f80  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] Netlogon        C:\Windows\system32\lsass.exe
20:18:55.0336 0x1f80  Netlogon - ok
20:18:55.0409 0x1f80  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
20:18:55.0421 0x1f80  Netman - ok
20:18:55.0439 0x1f80  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
20:18:55.0450 0x1f80  netprofm - ok
20:18:55.0594 0x1f80  [ 4D531DB50BBE43DACFF57ED20E25BE7F, FC71CB8708B03825DD8F3FE739538E695478C6818FC382A836F61AE0BED15B41 ] netr28u         C:\Windows\system32\DRIVERS\netr28u.sys
20:18:55.0636 0x1f80  netr28u - ok
20:18:55.0715 0x1f80  [ D6C4E4A39A36029AC0813D476FBD0248, A0907D98580D1CD3007365CBBB53E84BEF39001E05912776F68EB0564B54B6EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
20:18:55.0728 0x1f80  NetTcpPortSharing - ok
20:18:55.0768 0x1f80  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
20:18:55.0771 0x1f80  nfrd960 - ok
20:18:55.0855 0x1f80  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
20:18:55.0866 0x1f80  NlaSvc - ok
20:18:55.0905 0x1f80  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
20:18:55.0909 0x1f80  Npfs - ok
20:18:55.0931 0x1f80  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
20:18:55.0935 0x1f80  nsi - ok
20:18:55.0970 0x1f80  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
20:18:55.0975 0x1f80  nsiproxy - ok
20:18:56.0065 0x1f80  [ 6A4A98CEE84CF9E99564510DDA4BAA47, 18C3D8C0F12761D3B7FC43D9413CF4C4CEBF8CA9BEC521381F40D241B35EA779 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
20:18:56.0112 0x1f80  Ntfs - ok
20:18:56.0137 0x1f80  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
20:18:56.0140 0x1f80  ntrigdigi - ok
20:18:56.0188 0x1f80  nTuneService - ok
20:18:56.0195 0x1f80  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
20:18:56.0199 0x1f80  Null - ok
20:18:56.0249 0x1f80  [ 1657F3FBD9061526C14FF37E79306F98, 8A3378E7A3D3314380EC76D21542B9A8A7AB0191338729B830AB6BEF786297BC ] NVENETFD        C:\Windows\system32\DRIVERS\nvm60x32.sys
20:18:56.0263 0x1f80  NVENETFD - ok
20:18:56.0340 0x1f80  [ 77F9F9A199B87FE3F852E12F5419240B, BE9C05F2AC12BB41EC71A596039F2116E5A0F454D32E5A618112296721001473 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
20:18:56.0346 0x1f80  NVHDA - ok
20:18:56.0854 0x1f80  [ 0A1B502CBC8230DA74BEFBAADDB58916, 14BDE0A5829D1CC7E93B60676243DD0641D5FA08CE46936450CD3A67F94EA560 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:18:57.0277 0x1f80  nvlddmkm - ok
20:18:57.0357 0x1f80  [ 812F257ED1CD53FCB1F9F9CC910F4809, 253979B87378397566B4594283086DF0E541D838A29D540D93091F41438BD160 ] NVR0Dev         C:\Windows\nvoclock.sys
20:18:57.0359 0x1f80  NVR0Dev - ok
20:18:57.0388 0x1f80  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
20:18:57.0392 0x1f80  nvraid - ok
20:18:57.0430 0x1f80  [ 049E81B6FB41C73619ED3FE4DF7D8638, A31AF5271A36356148BF60952C40584652A1F4B8A06B027E9C3E7E4BEFFC3A8B ] nvrd32          C:\Windows\system32\drivers\nvrd32.sys
20:18:57.0435 0x1f80  nvrd32 - ok
20:18:57.0453 0x1f80  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
20:18:57.0455 0x1f80  nvstor - ok
20:18:57.0473 0x1f80  [ 7EBA6C9A0A295B1559EFB9062E701218, AB890B1CE155ABA6E633B9A4D422BFF42322D1CB067C237A926F36C8A5ADC8A2 ] nvstor32        C:\Windows\system32\drivers\nvstor32.sys
20:18:57.0478 0x1f80  nvstor32 - ok
20:18:57.0559 0x1f80  [ EB5A13F9139F20AD71ADF4BF79C3AA29, D473E03B3B69AC0A35FF1CD8B85C088DCCCBAA5DA52C18737B6AC873EF1F1BC7 ] NVSvc           C:\Windows\system32\nvvsvc.exe
20:18:57.0605 0x1f80  NVSvc - ok
20:18:57.0705 0x1f80  [ 0629259E3AF6BB0534FCECA208973404, E5DDA62D5D21D5D11A711BBFC5B839B59E336997C0C9A32A0B04AC9FBB6472D4 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
20:18:57.0746 0x1f80  nvUpdatusService - ok
20:18:57.0775 0x1f80  [ 055081FD5076401C1EE1BCAB08D81911, E6621F2D24E7E2544AFD249660F2D1026B94698CA841E79B3F1199ACB2203995 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
20:18:57.0779 0x1f80  nv_agp - ok
20:18:57.0784 0x1f80  NwlnkFlt - ok
20:18:57.0789 0x1f80  NwlnkFwd - ok
20:18:57.0901 0x1f80  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
20:18:57.0917 0x1f80  odserv - ok
20:18:57.0960 0x1f80  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
20:18:57.0963 0x1f80  ohci1394 - ok
20:18:58.0001 0x1f80  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:18:58.0007 0x1f80  ose - ok
20:18:58.0046 0x1f80  [ 720204068066A2E25B53045FE34670BB, B45D0A425F56947A6780AD018BB3F4867C24F364F6A6A710F57743767FFBD23C ] ossrv           C:\Windows\system32\drivers\ctoss2k.sys
20:18:58.0052 0x1f80  ossrv - ok
20:18:58.0114 0x1f80  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
20:18:58.0138 0x1f80  p2pimsvc - ok
20:18:58.0165 0x1f80  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
20:18:58.0186 0x1f80  p2psvc - ok
20:18:58.0210 0x1f80  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
20:18:58.0214 0x1f80  Parport - ok
20:18:58.0242 0x1f80  [ 57389FA59A36D96B3EB09D0CB91E9CDC, 05A3E2B155789990517CCFDC57FC3D1E9A596E4F31D86350B8BF0C043DE5EE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
20:18:58.0244 0x1f80  partmgr - ok
20:18:58.0257 0x1f80  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
20:18:58.0259 0x1f80  Parvdm - ok
20:18:58.0292 0x1f80  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
20:18:58.0297 0x1f80  PcaSvc - ok
20:18:58.0352 0x1f80  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
20:18:58.0359 0x1f80  pci - ok
20:18:58.0366 0x1f80  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
20:18:58.0369 0x1f80  pciide - ok
20:18:58.0401 0x1f80  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
20:18:58.0408 0x1f80  pcmcia - ok
20:18:58.0478 0x1f80  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
20:18:58.0508 0x1f80  PEAUTH - ok
20:18:58.0603 0x1f80  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
20:18:58.0656 0x1f80  pla - ok
20:18:58.0703 0x1f80  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
20:18:58.0714 0x1f80  PlugPlay - ok
20:18:58.0790 0x1f80  [ A1DD33D16F277CE34124EE52AB2C0F14, DB5215409D0B6C378567A6399C0170226CB1E2FE74D96B16C97A761D487C613F ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
20:18:58.0812 0x1f80  PnkBstrA - ok
20:18:58.0899 0x1f80  [ 27F1BE4A53441C9F1F48B9ADC145B0A5, 8E2A136C508FE5C602BB9140462541A3882E751983DA56498B5EFA3777E68D99 ] PnkBstrB        C:\Windows\system32\PnkBstrB.exe
20:18:58.0927 0x1f80  PnkBstrB - ok
20:18:58.0980 0x1f80  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
20:18:59.0002 0x1f80  PNRPAutoReg - ok
20:18:59.0043 0x1f80  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
20:18:59.0064 0x1f80  PNRPsvc - ok
20:18:59.0108 0x1f80  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
20:18:59.0122 0x1f80  PolicyAgent - ok
20:18:59.0146 0x1f80  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
20:18:59.0149 0x1f80  PptpMiniport - ok
20:18:59.0195 0x1f80  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
20:18:59.0198 0x1f80  Processor - ok
20:18:59.0270 0x1f80  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
20:18:59.0278 0x1f80  ProfSvc - ok
20:18:59.0336 0x1f80  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:18:59.0338 0x1f80  ProtectedStorage - ok
20:18:59.0363 0x1f80  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
20:18:59.0366 0x1f80  PSched - ok
20:18:59.0389 0x1f80  [ FEFFCFDC528764A04C8ED63D5FA6E711, BECC9174DA5860FCF011957CB6A12DE5074A770DC14076C0C94E63AD42ECF19E ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
20:18:59.0392 0x1f80  PxHelp20 - ok
20:18:59.0455 0x1f80  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
20:18:59.0486 0x1f80  ql2300 - ok
20:18:59.0504 0x1f80  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
20:18:59.0509 0x1f80  ql40xx - ok
20:18:59.0552 0x1f80  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
20:18:59.0563 0x1f80  QWAVE - ok
20:18:59.0584 0x1f80  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
20:18:59.0587 0x1f80  QWAVEdrv - ok
20:18:59.0697 0x1f80  [ E642B131FB74CAF4BB8A014F31113142, 18A81B27FB2DA556AC51DBA8956203A6E821D75B2B09F11049250E732318F573 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
20:18:59.0765 0x1f80  R300 - ok
20:18:59.0890 0x1f80  [ 37C3272E58976598BEF1CDF321019209, 1DCADE8B172A7E87E932573157666BC43E8296544E73E2BB0D0F0A6A9485A249 ] RalinkRegistryWriter C:\Program Files\NETGEAR\WNDA4100\Service\RaRegistry.exe
20:18:59.0904 0x1f80  RalinkRegistryWriter - ok
20:18:59.0975 0x1f80  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
20:18:59.0999 0x1f80  RasAcd - ok
20:19:00.0041 0x1f80  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
20:19:00.0048 0x1f80  RasAuto - ok
20:19:00.0084 0x1f80  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
20:19:00.0089 0x1f80  Rasl2tp - ok
20:19:00.0210 0x1f80  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
20:19:00.0223 0x1f80  RasMan - ok
20:19:00.0251 0x1f80  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
20:19:00.0254 0x1f80  RasPppoe - ok
20:19:00.0270 0x1f80  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
20:19:00.0274 0x1f80  RasSstp - ok
20:19:00.0306 0x1f80  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
20:19:00.0314 0x1f80  rdbss - ok
20:19:00.0323 0x1f80  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
20:19:00.0325 0x1f80  RDPCDD - ok
20:19:00.0353 0x1f80  [ 0245418224CFA77BF4B41C2FE0622258, 532A8ABB476A1723FDD25A12EA07C97F2588F24D0AE6F86C0105112A9AECCDB9 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
20:19:00.0362 0x1f80  rdpdr - ok
20:19:00.0378 0x1f80  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
20:19:00.0380 0x1f80  RDPENCDD - ok
20:19:00.0443 0x1f80  [ 30BFBDFB7F95559EDE971F9DDB9A00BA, 1BDD3FD0ABCF5EA2C4D2618E76AC782894E5A7132700BA4C4226E1F9C7CE547B ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
20:19:00.0450 0x1f80  RDPWD - ok
20:19:00.0489 0x1f80  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
20:19:00.0494 0x1f80  RemoteAccess - ok
20:19:00.0526 0x1f80  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
20:19:00.0533 0x1f80  RemoteRegistry - ok
20:19:00.0634 0x1f80  [ EBCDE8B48FADC6479D96A56D0A432160, 2F73D8656A929321D8B651FCFF55DFF5F90489CE9BEB7BB7DC3C7444D9A3C0FD ] RoxMediaDB9     C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
20:19:00.0664 0x1f80  RoxMediaDB9 - ok
20:19:00.0720 0x1f80  [ AB2B1DE1C8F31EFCE2384B14B3DC4260, 5E67354010A19726810C172775C39C9A9AD3AAE1EB09CF2C552473D75ABD01BD ] RoxWatch9       C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
20:19:00.0727 0x1f80  RoxWatch9 - ok
20:19:00.0765 0x1f80  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
20:19:00.0768 0x1f80  RpcLocator - ok
20:19:00.0821 0x1f80  [ 2FD53BB60438AD6EEA8EF26D05C28FCF, D72B6B91F078A06548F103357EDE8FD95DB50BC76B907364C9A2B5B9BF0AAD7C ] RpcSs           C:\Windows\system32\rpcss.dll
20:19:00.0852 0x1f80  RpcSs - ok
20:19:00.0887 0x1f80  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
20:19:00.0891 0x1f80  rspndr - ok
20:19:00.0896 0x1f80  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] SamSs           C:\Windows\system32\lsass.exe
20:19:00.0899 0x1f80  SamSs - ok
20:19:00.0932 0x1f80  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
20:19:00.0936 0x1f80  sbp2port - ok
20:19:00.0956 0x1f80  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
20:19:00.0963 0x1f80  SCardSvr - ok
20:19:01.0002 0x1f80  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
20:19:01.0026 0x1f80  Schedule - ok
20:19:01.0050 0x1f80  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
20:19:01.0053 0x1f80  SCPolicySvc - ok
20:19:01.0078 0x1f80  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
20:19:01.0095 0x1f80  SDRSVC - ok
20:19:01.0111 0x1f80  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
20:19:01.0114 0x1f80  secdrv - ok
20:19:01.0173 0x1f80  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
20:19:01.0177 0x1f80  seclogon - ok
20:19:01.0271 0x1f80  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
20:19:01.0276 0x1f80  SENS - ok
20:19:01.0292 0x1f80  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
20:19:01.0294 0x1f80  Serenum - ok
20:19:01.0331 0x1f80  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
20:19:01.0336 0x1f80  Serial - ok
20:19:01.0379 0x1f80  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
20:19:01.0381 0x1f80  sermouse - ok
20:19:01.0414 0x1f80  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
20:19:01.0421 0x1f80  SessionEnv - ok
20:19:01.0438 0x1f80  [ 51CF56AA8BCC241F134B420B8F850406, 41DA7438039C791C35BDA5BD255D2CCFA85E5250325FAE4D5A4182AD819E71F1 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
20:19:01.0440 0x1f80  sffdisk - ok
20:19:01.0453 0x1f80  [ 96DED8B20C734AC41641CE275250E55D, E88317D0B31A98917AD30AD9F8CF6B59C1141FFBF7A150D8675A29B95FF150F3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
20:19:01.0455 0x1f80  sffp_mmc - ok
20:19:01.0469 0x1f80  [ 8B08CAB1267B2C377883FC9E56981F90, 4444AC438E805129103FAA48F22D0D6893AC5BD8FCA2A6D4DA51EBD8C75B7529 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
20:19:01.0471 0x1f80  sffp_sd - ok
20:19:01.0484 0x1f80  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
20:19:01.0486 0x1f80  sfloppy - ok
20:19:01.0532 0x1f80  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
20:19:01.0543 0x1f80  SharedAccess - ok
20:19:01.0576 0x1f80  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:19:01.0588 0x1f80  ShellHWDetection - ok
20:19:01.0626 0x1f80  [ 08072B2FB92477FC813271A84B3A8698, A97ABDEB5E37F7B50DD6168FAAD524BE82418FC7818BB667C10951408FB6EB70 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
20:19:01.0628 0x1f80  sisagp - ok
20:19:01.0652 0x1f80  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
20:19:01.0655 0x1f80  SiSRaid2 - ok
20:19:01.0690 0x1f80  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
20:19:01.0694 0x1f80  SiSRaid4 - ok
20:19:01.0781 0x1f80  [ 8C4F0DCC6A5100D48F9B2F950CDD220F, 7B66C259BEBFEA527BFEC2B69E8224EE2277CB736EF9E0F5A92C932657EC8351 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
20:19:01.0787 0x1f80  SkypeUpdate - ok
20:19:01.0976 0x1f80  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
20:19:02.0092 0x1f80  slsvc - ok
20:19:02.0160 0x1f80  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
20:19:02.0166 0x1f80  SLUINotify - ok
20:19:02.0194 0x1f80  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
20:19:02.0202 0x1f80  Smb - ok
20:19:02.0229 0x1f80  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
20:19:02.0242 0x1f80  SNMPTRAP - ok
20:19:02.0262 0x1f80  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
20:19:02.0265 0x1f80  spldr - ok
20:19:02.0307 0x1f80  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
20:19:02.0316 0x1f80  Spooler - ok
20:19:02.0366 0x1f80  [ B2EC3E1DEAC5F0A764BD3486D213A0AF, 77597D6AF90BF0FD50AF7271C800D84BE69E288760116B7A252FB8B068614A52 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:19:02.0373 0x1f80  SQLBrowser - ok
20:19:02.0378 0x1f80  SQLWriter - ok
20:19:02.0428 0x1f80  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
20:19:02.0439 0x1f80  srv - ok
20:19:02.0458 0x1f80  [ A5940CA32ED206F90BE9FABDF6E92DE4, 3FA6120BE2380F85C0A7DCAA3D7D158494AA4C5B6587EF9F4135FE9B644B6029 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
20:19:02.0464 0x1f80  srv2 - ok
20:19:02.0527 0x1f80  [ 37AA1D560D5FA486C4B11C2F276ADA61, 53A54A45FE40E82F7BE481EFE5A8B14A5540398946B87AC0B1AB0F8253E2F1D8 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
20:19:02.0533 0x1f80  srvnet - ok
20:19:02.0604 0x1f80  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
20:19:02.0614 0x1f80  SSDPSRV - ok
20:19:02.0640 0x1f80  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
20:19:02.0648 0x1f80  SstpSvc - ok
20:19:02.0755 0x1f80  [ F0359F7CE712D69ACEF0886BDB4792ED, 0E638A3F56B1C431A472469E2F47DABD0ABE1CC043FD1673B4CA6E984FE980CF ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:19:02.0766 0x1f80  Stereo Service - ok
20:19:02.0844 0x1f80  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
20:19:02.0863 0x1f80  stisvc - ok
20:19:02.0930 0x1f80  [ 51778FD315C9882F1CBD932743E62A72, 5127292970ABC2966723CC5535DD547C77AAC132AAA849BCBD90D0F00EDD08C0 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
20:19:02.0934 0x1f80  stllssvr - ok
20:19:02.0975 0x1f80  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
20:19:02.0977 0x1f80  swenum - ok
20:19:03.0060 0x1f80  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
20:19:03.0074 0x1f80  swprv - ok
20:19:03.0097 0x1f80  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
20:19:03.0100 0x1f80  Symc8xx - ok
20:19:03.0107 0x1f80  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
20:19:03.0109 0x1f80  Sym_hi - ok
20:19:03.0117 0x1f80  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
20:19:03.0120 0x1f80  Sym_u3 - ok
20:19:03.0187 0x1f80  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
20:19:03.0210 0x1f80  SysMain - ok
20:19:03.0235 0x1f80  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:19:03.0242 0x1f80  TabletInputService - ok
20:19:03.0296 0x1f80  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
20:19:03.0311 0x1f80  TapiSrv - ok
20:19:03.0337 0x1f80  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
20:19:03.0352 0x1f80  TBS - ok
20:19:03.0416 0x1f80  [ A474879AFA4A596B3A531F3E69730DBF, 54D6810BC6A4C50D1E5F081E2499C7A409C9A0E3D03B5B12782457635BDA8A07 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
20:19:03.0447 0x1f80  Tcpip - ok
20:19:03.0484 0x1f80  [ A474879AFA4A596B3A531F3E69730DBF, 54D6810BC6A4C50D1E5F081E2499C7A409C9A0E3D03B5B12782457635BDA8A07 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
20:19:03.0510 0x1f80  Tcpip6 - ok
20:19:03.0575 0x1f80  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
20:19:03.0577 0x1f80  tcpipreg - ok
20:19:03.0596 0x1f80  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
20:19:03.0598 0x1f80  TDPIPE - ok
20:19:03.0615 0x1f80  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
20:19:03.0618 0x1f80  TDTCP - ok
20:19:03.0645 0x1f80  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
20:19:03.0649 0x1f80  tdx - ok
20:19:03.0688 0x1f80  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
20:19:03.0691 0x1f80  TermDD - ok
20:19:03.0770 0x1f80  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
20:19:03.0789 0x1f80  TermService - ok
20:19:03.0809 0x1f80  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
20:19:03.0819 0x1f80  Themes - ok
20:19:03.0834 0x1f80  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
20:19:03.0837 0x1f80  THREADORDER - ok
20:19:03.0848 0x1f80  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
20:19:03.0855 0x1f80  TrkWks - ok
20:19:03.0890 0x1f80  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:19:03.0892 0x1f80  TrustedInstaller - ok
20:19:03.0919 0x1f80  [ DCF0F056A2E4F52287264F5AB29CF206, D9F770BD65AE4320A8C130DEA1D093AA4E37FCA573BBE6A59D6D045452EA711D ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
20:19:03.0921 0x1f80  tssecsrv - ok
20:19:03.0950 0x1f80  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
20:19:03.0952 0x1f80  tunmp - ok
20:19:04.0018 0x1f80  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
20:19:04.0021 0x1f80  tunnel - ok
20:19:04.0057 0x1f80  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
20:19:04.0060 0x1f80  uagp35 - ok
20:19:04.0109 0x1f80  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
20:19:04.0116 0x1f80  udfs - ok
20:19:04.0166 0x1f80  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
20:19:04.0172 0x1f80  UI0Detect - ok
20:19:04.0191 0x1f80  [ 6D72EF05921ABDF59FC45C7EBFE7E8DD, 9102CB4B5E8B858B61DE1508C6A00D75584741891899966258E510173DBF7BB9 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
20:19:04.0194 0x1f80  uliagpkx - ok
20:19:04.0232 0x1f80  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
20:19:04.0239 0x1f80  uliahci - ok
20:19:04.0263 0x1f80  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
20:19:04.0267 0x1f80  UlSata - ok
20:19:04.0297 0x1f80  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
20:19:04.0301 0x1f80  ulsata2 - ok
20:19:04.0343 0x1f80  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
20:19:04.0346 0x1f80  umbus - ok
20:19:04.0442 0x1f80  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
20:19:04.0483 0x1f80  upnphost - ok
20:19:04.0510 0x1f80  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
20:19:04.0512 0x1f80  USBAAPL - ok
20:19:04.0552 0x1f80  [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
20:19:04.0555 0x1f80  usbccgp - ok
20:19:04.0586 0x1f80  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
20:19:04.0588 0x1f80  usbcir - ok
20:19:04.0623 0x1f80  [ 79E96C23A97CE7B8F14D310DA2DB0C9B, EB441D3B93965CD927E0C181031AD1082F59F9885BF35CABFDCA08C6C76B0DAF ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
20:19:04.0625 0x1f80  usbehci - ok
20:19:04.0661 0x1f80  [ 4673BBCB006AF60E7ABDDBE7A130BA42, 0B7DED0D887A3530AA5497FDBCB69389486FB9E2B6FAE3163E33713256D575BA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
20:19:04.0667 0x1f80  usbhub - ok
20:19:04.0715 0x1f80  [ CE697FEE0D479290D89BEC80DFE793B7, D10F6BAD0467672CCE4F97C7F2E13437CE89AC754C895EAE05F0726B6DC617B1 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
20:19:04.0717 0x1f80  usbohci - ok
20:19:04.0737 0x1f80  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
20:19:04.0739 0x1f80  usbprint - ok
20:19:04.0756 0x1f80  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:19:04.0759 0x1f80  USBSTOR - ok
20:19:04.0772 0x1f80  [ 325DBBACB8A36AF9988CCF40EAC228CC, 22FE5658A12296634FBE9D8565485BEE8CB200C47182F70DC9D2B0442E10C4AA ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
20:19:04.0774 0x1f80  usbuhci - ok
20:19:04.0838 0x1f80  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
20:19:04.0843 0x1f80  UxSms - ok
20:19:04.0885 0x1f80  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
20:19:04.0902 0x1f80  vds - ok
20:19:04.0941 0x1f80  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
20:19:04.0944 0x1f80  vga - ok
20:19:04.0969 0x1f80  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
20:19:04.0971 0x1f80  VgaSave - ok
20:19:05.0008 0x1f80  [ D5929A28BDFF4367A12CAF06AF901971, DE2A60A9EE1ABACEE6221E4AD5D4AA4CBA12FED448EB36CA3B7A9A5F09A8DC8C ] viaagp          C:\Windows\system32\drivers\viaagp.sys
20:19:05.0011 0x1f80  viaagp - ok
20:19:05.0053 0x1f80  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
20:19:05.0056 0x1f80  ViaC7 - ok
20:19:05.0085 0x1f80  [ 689547CE911998D1E0DA7A5992E025FC, F77F9732F2ACB7E227F692D582CD983C5B3AF3966204D5A6D6A580E3E2E3E084 ] viaide          C:\Windows\system32\drivers\viaide.sys
20:19:05.0088 0x1f80  viaide - ok
20:19:05.0105 0x1f80  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
20:19:05.0108 0x1f80  volmgr - ok
20:19:05.0147 0x1f80  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
20:19:05.0158 0x1f80  volmgrx - ok
20:19:05.0199 0x1f80  [ 147281C01FCB1DF9252DE2A10D5E7093, DF5DCF6FD472F21863DC10B62F7647420B9686607857D08286B618D585E50219 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
20:19:05.0208 0x1f80  volsnap - ok
20:19:05.0225 0x1f80  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
20:19:05.0229 0x1f80  vsmraid - ok
20:19:05.0300 0x1f80  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
20:19:05.0340 0x1f80  VSS - ok
20:19:05.0616 0x1f80  [ 29CC39577CA273CA0E75FD562E66AE96, FA4A597CBFB918280C36EFBD11E73F9A2285C1A9B00913BDDDA546F3DCD310CF ] vToolbarUpdater18.0.5 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
20:19:05.0665 0x1f80  vToolbarUpdater18.0.5 - ok
20:19:05.0755 0x1f80  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
20:19:05.0768 0x1f80  W32Time - ok
20:19:05.0785 0x1f80  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
20:19:05.0787 0x1f80  WacomPen - ok
20:19:05.0808 0x1f80  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
20:19:05.0811 0x1f80  Wanarp - ok
20:19:05.0819 0x1f80  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
20:19:05.0822 0x1f80  Wanarpv6 - ok
20:19:05.0859 0x1f80  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
20:19:05.0877 0x1f80  wcncsvc - ok
20:19:05.0899 0x1f80  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:19:05.0905 0x1f80  WcsPlugInService - ok
20:19:05.0939 0x1f80  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
20:19:05.0941 0x1f80  Wd - ok
20:19:05.0998 0x1f80  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96, 6A6EFFDB538DE1E201058A00F3E056F1256E92EED943FBFBCE28E54BE751E33D ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
20:19:06.0016 0x1f80  Wdf01000 - ok
20:19:06.0040 0x1f80  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
20:19:06.0047 0x1f80  WdiServiceHost - ok
20:19:06.0053 0x1f80  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
20:19:06.0060 0x1f80  WdiSystemHost - ok
20:19:06.0094 0x1f80  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
20:19:06.0105 0x1f80  WebClient - ok
20:19:06.0164 0x1f80  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
20:19:06.0173 0x1f80  Wecsvc - ok
20:19:06.0214 0x1f80  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
20:19:06.0220 0x1f80  wercplsupport - ok
20:19:06.0289 0x1f80  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
20:19:06.0298 0x1f80  WerSvc - ok
20:19:06.0306 0x1f80  WinHttpAutoProxySvc - ok
20:19:06.0370 0x1f80  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
20:19:06.0376 0x1f80  Winmgmt - ok
20:19:06.0442 0x1f80  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
20:19:06.0486 0x1f80  WinRM - ok
20:19:06.0539 0x1f80  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
20:19:06.0559 0x1f80  Wlansvc - ok
20:19:06.0584 0x1f80  [ 17EAC0D023A65FA9B02114CC2BAACAD5, CD5856326959DA58B18E2AFD235552E25A410AC6F23F437E7708350833AD8657 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
20:19:06.0586 0x1f80  WmiAcpi - ok
20:19:06.0622 0x1f80  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
20:19:06.0627 0x1f80  wmiApSrv - ok
20:19:06.0705 0x1f80  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
20:19:06.0736 0x1f80  WMPNetworkSvc - ok
20:19:06.0767 0x1f80  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
20:19:06.0776 0x1f80  WPCSvc - ok
20:19:06.0849 0x1f80  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
20:19:06.0856 0x1f80  WPDBusEnum - ok
20:19:06.0889 0x1f80  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
20:19:06.0891 0x1f80  WpdUsb - ok
20:19:06.0983 0x1f80  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
20:19:07.0009 0x1f80  WPFFontCache_v0400 - ok
20:19:07.0049 0x1f80  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
20:19:07.0051 0x1f80  ws2ifsl - ok
20:19:07.0090 0x1f80  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
20:19:07.0097 0x1f80  wscsvc - ok
20:19:07.0103 0x1f80  WSearch - ok
20:19:07.0171 0x1f80  [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
20:19:07.0175 0x1f80  WUDFRd - ok
20:19:07.0267 0x1f80  [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
20:19:07.0274 0x1f80  wudfsvc - ok
20:19:07.0320 0x1f80  ================ Scan global ===============================
20:19:07.0355 0x1f80  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
20:19:07.0495 0x1f80  [ 40864DA48A14EBC68A0D6BFD08BA21EB, EF311D4A937ADE53216949CB2E690582883C30B70BFCB89F82433CA2FBF1E24E ] C:\Windows\system32\winsrv.dll
20:19:07.0535 0x1f80  [ 40864DA48A14EBC68A0D6BFD08BA21EB, EF311D4A937ADE53216949CB2E690582883C30B70BFCB89F82433CA2FBF1E24E ] C:\Windows\system32\winsrv.dll
20:19:07.0590 0x1f80  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
20:19:07.0619 0x1f80  [ Global ] - ok
20:19:07.0620 0x1f80  ================ Scan MBR ==================================
20:19:07.0644 0x1f80  [ 9C603BC3977968C891DE319283E1E7AF ] \Device\Harddisk0\DR0
20:19:07.0678 0x1f80  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a ( 0 )
20:19:07.0678 0x1f80  \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
20:19:10.0235 0x1f80  Have new async UDS detects: 2
20:19:10.0238 0x1f80  DcomLaunch - detected UDS:DangerousObject.Multi.Generic ( 0 )
20:19:10.0339 0x1f80  Object is SCO, delete is not allowed
20:19:10.0339 0x1f80  DcomLaunch ( UDS:DangerousObject.Multi.Generic ) - infected
20:19:10.0339 0x1f80  Force sending object to P2P due to detect: C:\Windows\system32\rpcss.dll
20:19:15.0712 0x1f80  Object send P2P result: true
20:19:29.0276 0x1f80  RpcSs - detected UDS:DangerousObject.Multi.Generic ( 0 )
20:19:29.0276 0x1f80  Object is SCO, delete is not allowed
20:19:29.0276 0x1f80  RpcSs ( UDS:DangerousObject.Multi.Generic ) - infected
20:19:29.0276 0x1f80  Force sending object to P2P due to detect: C:\Windows\system32\rpcss.dll
20:19:32.0073 0x1f80  Object send P2P result: true
20:19:34.0633 0x1f80  [ 8CB37AFC263A219EBB7586F9C495114E ] \Device\Harddisk1\DR1
20:19:34.0639 0x1f80  \Device\Harddisk1\DR1 - ok
20:19:34.0639 0x1f80  ================ Scan VBR ==================================
20:19:34.0662 0x1f80  [ 16D6AE6594CD9DAB8E6FECBD2CC03739 ] \Device\Harddisk0\DR0\Partition1
20:19:34.0686 0x1f80  \Device\Harddisk0\DR0\Partition1 - ok
20:19:34.0709 0x1f80  [ AA062BA183D7977D46E43AA638135E06 ] \Device\Harddisk0\DR0\Partition2
20:19:34.0760 0x1f80  \Device\Harddisk0\DR0\Partition2 - ok
20:19:34.0764 0x1f80  [ 997FBDE733E965D0CCCCA4242DB488A0 ] \Device\Harddisk1\DR1\Partition1
20:19:34.0765 0x1f80  \Device\Harddisk1\DR1\Partition1 - ok
20:19:34.0787 0x1f80  AV detected via SS2: AVG AntiVirus Free Edition 2013, C:\Program Files\AVG\AVG2013\avgwsc.exe ( 13.0.0.3300 ), 0x41000 ( enabled : updated )
20:19:34.0794 0x1f80  Win FW state via NFP2: enabled
20:19:37.0350 0x1f80  ============================================================
20:19:37.0350 0x1f80  Scan finished
20:19:37.0350 0x1f80  ============================================================
20:19:37.0368 0x1fb8  Detected object count: 3
20:19:37.0368 0x1fb8  Actual detected object count: 3
20:21:05.0728 0x1fb8  \Device\Harddisk0\DR0\# - copied to quarantine
20:21:05.0729 0x1fb8  \Device\Harddisk0\DR0 - copied to quarantine
20:21:05.0729 0x1fb8  \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Quarantine
20:21:05.0851 0x1fb8  DcomLaunch ( UDS:DangerousObject.Multi.Generic ) - User select action: Quarantine
20:21:05.0991 0x1fb8  RpcSs ( UDS:DangerousObject.Multi.Generic ) - User select action: Quarantine
 



#6 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:17 AM

Posted 28 March 2014 - 04:51 AM

Please rescan with TDSS-Killer and post the log.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 Birdhouse247

Birdhouse247
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 28 March 2014 - 07:51 AM

07:50:12.0508 0x17bc  TDSS rootkit removing tool 3.0.0.26 Mar 24 2014 07:28:43
07:50:15.0007 0x17bc  ============================================================
07:50:15.0007 0x17bc  Current date / time: 2014/03/28 07:50:15.0007
07:50:15.0007 0x17bc  SystemInfo:
07:50:15.0007 0x17bc  
07:50:15.0007 0x17bc  OS Version: 6.0.6002 ServicePack: 2.0
07:50:15.0007 0x17bc  Product type: Workstation
07:50:15.0007 0x17bc  ComputerName: DAVE-PC
07:50:15.0008 0x17bc  UserName: Dave
07:50:15.0008 0x17bc  Windows directory: C:\Windows
07:50:15.0008 0x17bc  System windows directory: C:\Windows
07:50:15.0008 0x17bc  Processor architecture: Intel x86
07:50:15.0008 0x17bc  Number of processors: 4
07:50:15.0008 0x17bc  Page size: 0x1000
07:50:15.0008 0x17bc  Boot type: Normal boot
07:50:15.0008 0x17bc  ============================================================
07:50:15.0149 0x17bc  KLMD registered as C:\Windows\system32\drivers\03758236.sys
07:50:15.0237 0x17bc  System UUID: {16EB2CB0-2660-395B-9D3E-8D3E4D317369}
07:50:15.0862 0x17bc  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
07:50:15.0866 0x17bc  Drive \Device\Harddisk1\DR1 - Size: 0xEF5FFE00 (3.74 Gb), SectorSize: 0x200, Cylinders: 0x1E8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
07:50:15.0867 0x17bc  ============================================================
07:50:15.0867 0x17bc  \Device\Harddisk0\DR0:
07:50:15.0867 0x17bc  MBR partitions:
07:50:15.0867 0x17bc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1B800, BlocksNum 0x1400000
07:50:15.0867 0x17bc  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x141B800, BlocksNum 0x38F6A000
07:50:15.0867 0x17bc  \Device\Harddisk1\DR1:
07:50:15.0868 0x17bc  MBR partitions:
07:50:15.0868 0x17bc  \Device\Harddisk1\DR1\Partition1: MBR, Type 0xB, StartLBA 0x26, BlocksNum 0x779FC2
07:50:15.0868 0x17bc  ============================================================
07:50:15.0940 0x17bc  C: <-> \Device\Harddisk0\DR0\Partition2
07:50:15.0966 0x17bc  D: <-> \Device\Harddisk0\DR0\Partition1
07:50:15.0966 0x17bc  ============================================================
07:50:15.0966 0x17bc  Initialize success
07:50:15.0966 0x17bc  ============================================================
07:50:17.0280 0x19d4  ============================================================
07:50:17.0280 0x19d4  Scan started
07:50:17.0280 0x19d4  Mode: Manual;
07:50:17.0280 0x19d4  ============================================================
07:50:17.0281 0x19d4  KSN ping started
07:50:30.0876 0x19d4  KSN ping finished: true
07:50:32.0043 0x19d4  ================ Scan system memory ========================
07:50:32.0043 0x19d4  System memory - ok
07:50:32.0045 0x19d4  ================ Scan services =============================
07:50:32.0288 0x19d4  [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI            C:\Windows\system32\drivers\acpi.sys
07:50:32.0297 0x19d4  ACPI - ok
07:50:32.0392 0x19d4  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
07:50:32.0400 0x19d4  AdobeFlashPlayerUpdateSvc - ok
07:50:32.0470 0x19d4  [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
07:50:32.0483 0x19d4  adp94xx - ok
07:50:32.0524 0x19d4  [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
07:50:32.0532 0x19d4  adpahci - ok
07:50:32.0560 0x19d4  [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m        C:\Windows\system32\drivers\adpu160m.sys
07:50:32.0564 0x19d4  adpu160m - ok
07:50:32.0621 0x19d4  [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
07:50:32.0626 0x19d4  adpu320 - ok
07:50:32.0676 0x19d4  [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
07:50:32.0677 0x19d4  AeLookupSvc - ok
07:50:32.0759 0x19d4  [ A201207363AA900ABF1A388468688570, C772D8546BBA93553AFCD553B7CF50C252B1F8B45A4A415014B48308F1D7ECD6 ] AFD             C:\Windows\system32\drivers\afd.sys
07:50:32.0767 0x19d4  AFD - ok
07:50:32.0906 0x19d4  [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4, 2E89838BD068314F4BE59753486E5D666FE2A3DD0A616E00EED4E0F83DB87401 ] agp440          C:\Windows\system32\drivers\agp440.sys
07:50:32.0925 0x19d4  agp440 - ok
07:50:33.0010 0x19d4  [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
07:50:33.0014 0x19d4  aic78xx - ok
07:50:33.0097 0x19d4  [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG             C:\Windows\System32\alg.exe
07:50:33.0099 0x19d4  ALG - ok
07:50:33.0106 0x19d4  [ E32A92E1574A467F7C762922F6162D76, 8FFDB6DF3DCA371BF0252BA42A4D9E67D6CC08B67C9008F6992646156E3DDAF7 ] aliide          C:\Windows\system32\drivers\aliide.sys
07:50:33.0107 0x19d4  aliide - ok
07:50:33.0176 0x19d4  [ 848F27E5B27C1C253F6CEFDC1A5D8F21, 0FE955D82CE68A1FC5DCA33626179005B90803821005A370EB36352817433089 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
07:50:33.0178 0x19d4  amdagp - ok
07:50:33.0235 0x19d4  [ B52B576CB0099A62F87214F371031561, E11C1FC16CF8D7B26856EB07E59537EFF5D2AFBB83B4A18CCFA3909DC8FD3196 ] amdide          C:\Windows\system32\drivers\amdide.sys
07:50:33.0245 0x19d4  amdide - ok
07:50:33.0323 0x19d4  [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7           C:\Windows\system32\drivers\amdk7.sys
07:50:33.0325 0x19d4  AmdK7 - ok
07:50:33.0352 0x19d4  [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
07:50:33.0354 0x19d4  AmdK8 - ok
07:50:33.0381 0x19d4  [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo         C:\Windows\System32\appinfo.dll
07:50:33.0384 0x19d4  Appinfo - ok
07:50:33.0617 0x19d4  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
07:50:33.0629 0x19d4  Apple Mobile Device - ok
07:50:33.0771 0x19d4  [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc             C:\Windows\system32\drivers\arc.sys
07:50:33.0774 0x19d4  arc - ok
07:50:33.0813 0x19d4  [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
07:50:33.0817 0x19d4  arcsas - ok
07:50:33.0872 0x19d4  [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
07:50:33.0874 0x19d4  AsyncMac - ok
07:50:33.0945 0x19d4  [ 1F05B78AB91C9075565A9D8A4B880BC4, 737BE9F9376DAB0CCDFED93EA6D67F0C432367EA63CD772A453485BE769AF3BD ] atapi           C:\Windows\system32\drivers\atapi.sys
07:50:33.0958 0x19d4  atapi - ok
07:50:34.0051 0x19d4  [ F9C24D25D9FF29F894995A64812B4D85, 3430E4EE1F7D185E269AF220C96BCA55143BA7C3A28262240F4D30DD1810A38C ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
07:50:34.0060 0x19d4  atksgt - ok
07:50:34.0142 0x19d4  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
07:50:34.0152 0x19d4  AudioEndpointBuilder - ok
07:50:34.0165 0x19d4  [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
07:50:34.0174 0x19d4  Audiosrv - ok
07:50:34.0490 0x19d4  [ 4DB93F4DB7077801D2D82013506AC1D0, 3D71655D1557021D5D828E37EAFDBA35C631061E48D64B9D376746F8FCC760B3 ] AVGIDSAgent     C:\Program Files\AVG\AVG2013\avgidsagent.exe
07:50:34.0629 0x19d4  AVGIDSAgent - ok
07:50:34.0744 0x19d4  [ 5BCAE36134162830ED283F4C3D88476A, A47EE816A88A8C18458BA721AB829E49D492128BA8D5BF6FF317C2B5A1FFA60F ] AVGIDSDriver    C:\Windows\system32\DRIVERS\avgidsdriverx.sys
07:50:34.0751 0x19d4  AVGIDSDriver - ok
07:50:34.0818 0x19d4  [ 7C8E88549BCDAAC965B1B724C175F7A9, 86240BF965C60FFAF381879D1B2DD7190FAD597E7534AEE9A9E48A2BDEC119BA ] AVGIDSHX        C:\Windows\system32\DRIVERS\avgidshx.sys
07:50:34.0821 0x19d4  AVGIDSHX - ok
07:50:34.0885 0x19d4  [ F8D2E76EA51B3B4119DF3D6A7A6D99F3, 417E05BA987345ED48223404DEBC10043A18CBC749462186CC3EE9C20F47C86D ] AVGIDSShim      C:\Windows\system32\DRIVERS\avgidsshimx.sys
07:50:34.0887 0x19d4  AVGIDSShim - ok
07:50:34.0912 0x19d4  [ 2018C4E9A40B122408763A5635CF14D9, E0BF5D5C7CFDD078F8BBA9627F1F8E0434B38A23FA9E039B37A22D7E1AD4EFFA ] Avgldx86        C:\Windows\system32\DRIVERS\avgldx86.sys
07:50:34.0918 0x19d4  Avgldx86 - ok
07:50:34.0950 0x19d4  [ E2B9CF2CF787C6978E7CC898E9684E48, 73D5D8514EF1BF3BCC64DC158C68189D07B3940641F1155823C6822D03BC761B ] Avglogx         C:\Windows\system32\DRIVERS\avglogx.sys
07:50:34.0959 0x19d4  Avglogx - ok
07:50:34.0969 0x19d4  [ 3F59750A3AA55C46663801E7C2FD1E2B, F748EB6552889974CB1FC6F666F2D78F654CAA990A339C741255355295CD46E8 ] Avgmfx86        C:\Windows\system32\DRIVERS\avgmfx86.sys
07:50:34.0973 0x19d4  Avgmfx86 - ok
07:50:35.0002 0x19d4  [ 90FA3A4BB1039701D68FD1CC2ED3EE22, 5842AECBF76163BCAEE19DED708291DD8402E2D24DD48453E6067A9AE5BABB11 ] Avgrkx86        C:\Windows\system32\DRIVERS\avgrkx86.sys
07:50:35.0004 0x19d4  Avgrkx86 - ok
07:50:35.0027 0x19d4  [ 14370FB29526F593C04FA48B5D69F7F0, EE5BBE674210AC3BC4103B6D43BABDCCCE681F3B0E93075F93CD453730C316B8 ] Avgtdix         C:\Windows\system32\DRIVERS\avgtdix.sys
07:50:35.0033 0x19d4  Avgtdix - ok
07:50:35.0062 0x19d4  [ 06AEB065AC25A2CFF80E1DF0303EC55B, EE913D669741B3F844AFEEFCF232D2D2C94081BCB39F79D81D7A7133DBC57252 ] avgtp           C:\Windows\system32\drivers\avgtpx86.sys
07:50:35.0064 0x19d4  avgtp - ok
07:50:35.0136 0x19d4  [ D646FA5135A1CD795877AFE9D17FA9ED, 2F97FBCD7BD75727A77C17D75D2482AE819D5D2EB9760D96412F9C20AA7D9473 ] avgwd           C:\Program Files\AVG\AVG2013\avgwdsvc.exe
07:50:35.0145 0x19d4  avgwd - ok
07:50:35.0167 0x19d4  [ BF9D39CE8C5FFA38502E542C834809D3, A279458C8EEBCD835D38EF0037BB6D56399055DB233E023C9D0F0E2C2512240E ] AX88178         C:\Windows\system32\DRIVERS\ax88178.sys
07:50:35.0170 0x19d4  AX88178 - ok
07:50:35.0221 0x19d4  [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep            C:\Windows\system32\drivers\Beep.sys
07:50:35.0222 0x19d4  Beep - ok
07:50:35.0280 0x19d4  [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE             C:\Windows\System32\bfe.dll
07:50:35.0290 0x19d4  BFE - ok
07:50:35.0296 0x19d4  blbdrive - ok
07:50:35.0373 0x19d4  [ DB5BEA73EDAF19AC68B2C0FAD0F92B1A, 10F21999FF6B1D410EBF280F7F27DEACA5289739CF12F4293B614B8FC6C88DCC ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
07:50:35.0384 0x19d4  Bonjour Service - ok
07:50:35.0441 0x19d4  [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
07:50:35.0444 0x19d4  bowser - ok
07:50:35.0485 0x19d4  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\brfiltlo.sys
07:50:35.0486 0x19d4  BrFiltLo - ok
07:50:35.0521 0x19d4  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\brfiltup.sys
07:50:35.0522 0x19d4  BrFiltUp - ok
07:50:35.0565 0x19d4  [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser         C:\Windows\System32\browser.dll
07:50:35.0568 0x19d4  Browser - ok
07:50:35.0595 0x19d4  [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid         C:\Windows\system32\drivers\brserid.sys
07:50:35.0598 0x19d4  Brserid - ok
07:50:35.0640 0x19d4  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\system32\drivers\brserwdm.sys
07:50:35.0643 0x19d4  BrSerWdm - ok
07:50:35.0688 0x19d4  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\system32\drivers\brusbmdm.sys
07:50:35.0690 0x19d4  BrUsbMdm - ok
07:50:35.0733 0x19d4  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\system32\drivers\brusbser.sys
07:50:35.0734 0x19d4  BrUsbSer - ok
07:50:36.0012 0x19d4  [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
07:50:36.0014 0x19d4  BTHMODEM - ok
07:50:36.0029 0x19d4  catchme - ok
07:50:36.0064 0x19d4  [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
07:50:36.0067 0x19d4  cdfs - ok
07:50:36.0095 0x19d4  [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
07:50:36.0099 0x19d4  cdrom - ok
07:50:36.0131 0x19d4  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc     C:\Windows\System32\certprop.dll
07:50:36.0133 0x19d4  CertPropSvc - ok
07:50:36.0153 0x19d4  [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass        C:\Windows\system32\drivers\circlass.sys
07:50:36.0157 0x19d4  circlass - ok
07:50:36.0196 0x19d4  [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS            C:\Windows\system32\CLFS.sys
07:50:36.0222 0x19d4  CLFS - ok
07:50:36.0285 0x19d4  [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
07:50:36.0288 0x19d4  clr_optimization_v2.0.50727_32 - ok
07:50:36.0375 0x19d4  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
07:50:36.0380 0x19d4  clr_optimization_v4.0.30319_32 - ok
07:50:36.0422 0x19d4  [ C177DD90B5DC1DCAA96CCECE752E6F0F, 4469A32BFE9D0207A55AB222E4AF111D8780FCDB3E2D0BFB24742B4CE9040BA7 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
07:50:36.0423 0x19d4  cmdide - ok
07:50:36.0452 0x19d4  [ 722936AFB75A7F509662B69B5632F48A, C386EA5E933C5D3F3FE162AE91F7D81C7C0765A1F790B1FF7B396A9DBDB4AD33 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
07:50:36.0453 0x19d4  Compbatt - ok
07:50:36.0475 0x19d4  COMSysApp - ok
07:50:36.0485 0x19d4  [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
07:50:36.0486 0x19d4  crcdisk - ok
07:50:36.0501 0x19d4  [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe          C:\Windows\system32\drivers\crusoe.sys
07:50:36.0504 0x19d4  Crusoe - ok
07:50:36.0544 0x19d4  [ FB27772BEAF8E1D28CCD825C09DA939B, D074A314FB3E6B2248F2DB0A734B98A110F618804449E055B4178BF414826982 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
07:50:36.0548 0x19d4  CryptSvc - ok
07:50:36.0578 0x19d4  [ 0D97DE0AB31066AF0CABC9DA8452A19F, B83B07BC28ACAEDD707857CAFE1C4F63C75BE22949019C1490B201F0DC949AEB ] CT20XUT         C:\Windows\system32\drivers\CT20XUT.SYS
07:50:36.0585 0x19d4  CT20XUT - ok
07:50:36.0595 0x19d4  CT20XUT.DLL - ok
07:50:36.0606 0x19d4  [ 0D97DE0AB31066AF0CABC9DA8452A19F, B83B07BC28ACAEDD707857CAFE1C4F63C75BE22949019C1490B201F0DC949AEB ] CT20XUT.SYS     C:\Windows\System32\drivers\CT20XUT.SYS
07:50:36.0612 0x19d4  CT20XUT.SYS - ok
07:50:36.0666 0x19d4  [ BBEA62C1E79CB60AEBCEBE3C652A65AF, E0C609D168C789FD78537BC399C8C455CFC01503FF782DE8BCE931053E9A7A5E ] ctac32k         C:\Windows\system32\drivers\ctac32k.sys
07:50:36.0685 0x19d4  ctac32k - ok
07:50:36.0729 0x19d4  [ 9E9E32BEB19C84DB63DD06190F815883, 93A4A8DD27F39E0B86D06CC4DD2E90EF17768F4C424761E1E14D65E52B1129BE ] ctaud2k         C:\Windows\system32\drivers\ctaud2k.sys
07:50:36.0745 0x19d4  ctaud2k - ok
07:50:36.0855 0x19d4  [ AEA993B080D39179064EE9110B98EA06, B5F6087E56C0505BB14C7CD9B7A37ABF96B9DF47B207DD3762FB61924606F7B5 ] CTEXFIFX        C:\Windows\system32\drivers\CTEXFIFX.SYS
07:50:37.0092 0x19d4  CTEXFIFX - ok
07:50:37.0130 0x19d4  CTEXFIFX.DLL - ok
07:50:37.0204 0x19d4  [ AEA993B080D39179064EE9110B98EA06, B5F6087E56C0505BB14C7CD9B7A37ABF96B9DF47B207DD3762FB61924606F7B5 ] CTEXFIFX.SYS    C:\Windows\System32\drivers\CTEXFIFX.SYS
07:50:37.0269 0x19d4  CTEXFIFX.SYS - ok
07:50:37.0303 0x19d4  [ 40598BB83B52ADD86311E288B156B8A7, 6E2CF43ABA62A91D0EA6F3DAFF926602E4CBF37DB91CE9933AF301082A0E61E1 ] CTHWIUT         C:\Windows\system32\drivers\CTHWIUT.SYS
07:50:37.0307 0x19d4  CTHWIUT - ok
07:50:37.0312 0x19d4  CTHWIUT.DLL - ok
07:50:37.0318 0x19d4  [ 40598BB83B52ADD86311E288B156B8A7, 6E2CF43ABA62A91D0EA6F3DAFF926602E4CBF37DB91CE9933AF301082A0E61E1 ] CTHWIUT.SYS     C:\Windows\System32\drivers\CTHWIUT.SYS
07:50:37.0322 0x19d4  CTHWIUT.SYS - ok
07:50:37.0362 0x19d4  [ 9AB033A33B89E845AF5DA2BD11591111, F1B448B116B426B5AEE669D03B63221E20692BC052CB352CD83D81B174BF3666 ] ctprxy2k        C:\Windows\system32\drivers\ctprxy2k.sys
07:50:37.0364 0x19d4  ctprxy2k - ok
07:50:37.0384 0x19d4  [ 421903C220773310E64107E636D79C4C, 8297D1EAD43B7D4B2E3300ECD95D2A8D7A78222C46F8A2E9A657CF77A4C289CE ] ctsfm2k         C:\Windows\system32\drivers\ctsfm2k.sys
07:50:37.0391 0x19d4  ctsfm2k - ok
07:50:37.0485 0x19d4  [ 2FD53BB60438AD6EEA8EF26D05C28FCF, D72B6B91F078A06548F103357EDE8FD95DB50BC76B907364C9A2B5B9BF0AAD7C ] DcomLaunch      C:\Windows\system32\rpcss.dll
07:50:37.0521 0x19d4  DcomLaunch - ok
07:50:37.0590 0x19d4  [ 218D8AE46C88E82014F5D73D0236D9B2, D404EE45EFC2557182DDD9C1B7244C10FC5AD3080A57CDFBF2C9D3B890F78852 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
07:50:37.0593 0x19d4  DfsC - ok
07:50:37.0803 0x19d4  [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR            C:\Windows\system32\DFSR.exe
07:50:37.0916 0x19d4  DFSR - ok
07:50:38.0012 0x19d4  [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp            C:\Windows\System32\dhcpcsvc.dll
07:50:38.0020 0x19d4  Dhcp - ok
07:50:38.0133 0x19d4  [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk            C:\Windows\system32\drivers\disk.sys
07:50:38.0136 0x19d4  disk - ok
07:50:38.0225 0x19d4  [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache        C:\Windows\System32\dnsrslvr.dll
07:50:38.0229 0x19d4  Dnscache - ok
07:50:38.0275 0x19d4  [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc         C:\Windows\System32\dot3svc.dll
07:50:38.0281 0x19d4  dot3svc - ok
07:50:38.0328 0x19d4  [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS             C:\Windows\system32\dps.dll
07:50:38.0333 0x19d4  DPS - ok
07:50:38.0372 0x19d4  [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
07:50:38.0373 0x19d4  drmkaud - ok
07:50:38.0473 0x19d4  [ C68AC676B0EF30CFBB1080ADCE49EB1F, 62A808F2BB22507B66AE825315BBB655776AFEFD9E7DE33795DD308ACE87F0CD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
07:50:38.0492 0x19d4  DXGKrnl - ok
07:50:38.0570 0x19d4  [ 7505290504C8E2D172FA378CC0497BCC, 8DD69E1B27EC13E62529C87B6B796675681E6329C825E64EEC9134B15C08161C ] e1express       C:\Windows\system32\DRIVERS\e1e6032.sys
07:50:38.0577 0x19d4  e1express - ok
07:50:38.0644 0x19d4  [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60           C:\Windows\system32\DRIVERS\E1G60I32.sys
07:50:38.0648 0x19d4  E1G60 - ok
07:50:38.0719 0x19d4  [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost         C:\Windows\System32\eapsvc.dll
07:50:38.0723 0x19d4  EapHost - ok
07:50:38.0771 0x19d4  [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache          C:\Windows\system32\drivers\ecache.sys
07:50:38.0776 0x19d4  Ecache - ok
07:50:38.0865 0x19d4  [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
07:50:38.0874 0x19d4  ehRecvr - ok
07:50:38.0923 0x19d4  [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched         C:\Windows\ehome\ehsched.exe
07:50:38.0927 0x19d4  ehSched - ok
07:50:38.0970 0x19d4  [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart         C:\Windows\ehome\ehstart.dll
07:50:38.0971 0x19d4  ehstart - ok
07:50:38.0996 0x19d4  [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
07:50:39.0005 0x19d4  elxstor - ok
07:50:39.0075 0x19d4  [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt         C:\Windows\system32\emdmgmt.dll
07:50:39.0092 0x19d4  EMDMgmt - ok
07:50:39.0138 0x19d4  [ DCD7FCC11D9A2CFC0C51E2BC0F6877B9, AF84EEF436B679BD4333BE5FBB17EF71044A914F9A81EB85A0F57F3EBED84E47 ] emupia          C:\Windows\system32\drivers\emupia2k.sys
07:50:39.0142 0x19d4  emupia - ok
07:50:39.0293 0x19d4  [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem     C:\Windows\system32\es.dll
07:50:39.0305 0x19d4  EventSystem - ok
07:50:39.0419 0x19d4  [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat           C:\Windows\system32\drivers\exfat.sys
07:50:39.0427 0x19d4  exfat - ok
07:50:39.0505 0x19d4  [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
07:50:39.0514 0x19d4  fastfat - ok
07:50:39.0577 0x19d4  [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
07:50:39.0580 0x19d4  fdc - ok
07:50:39.0651 0x19d4  [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost         C:\Windows\system32\fdPHost.dll
07:50:39.0656 0x19d4  fdPHost - ok
07:50:39.0685 0x19d4  [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub        C:\Windows\system32\fdrespub.dll
07:50:39.0688 0x19d4  FDResPub - ok
07:50:39.0731 0x19d4  [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
07:50:39.0735 0x19d4  FileInfo - ok
07:50:39.0761 0x19d4  [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
07:50:39.0763 0x19d4  Filetrace - ok
07:50:39.0785 0x19d4  [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
07:50:39.0788 0x19d4  flpydisk - ok
07:50:39.0848 0x19d4  [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
07:50:39.0860 0x19d4  FltMgr - ok
07:50:39.0966 0x19d4  [ 8CE364388C8ECA59B14B539179276D44, AD37AD512412A1A0955218A3DA0D6FBE1E30F373153CAF5912EFC076D348FED8 ] FontCache       C:\Windows\system32\FntCache.dll
07:50:40.0007 0x19d4  FontCache - ok
07:50:40.0093 0x19d4  [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
07:50:40.0100 0x19d4  FontCache3.0.0.0 - ok
07:50:40.0156 0x19d4  [ 65EA8B77B5851854F0C55C43FA51A198, 150BE6C195094DBEAC4FD73CC1C31FF59B77A73944574E244D280EE2DE69DC2F ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
07:50:40.0164 0x19d4  Fs_Rec - ok
07:50:40.0200 0x19d4  [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
07:50:40.0212 0x19d4  gagp30kx - ok
07:50:40.0335 0x19d4  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\Windows\system32\Drivers\GEARAspiWDM.sys
07:50:40.0338 0x19d4  GEARAspiWDM - ok
07:50:40.0422 0x19d4  [ D3316F6E3C011435F36E3D6E49B3196C, 941DF52BA26603A146ED6B65A696DB87153868ED0469EF9C2EB09AC7E63525B7 ] GoToAssist      C:\Program Files\Citrix\GoToAssist\514\g2aservice.exe
07:50:40.0424 0x19d4  GoToAssist - ok
07:50:40.0489 0x19d4  [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc           C:\Windows\System32\gpsvc.dll
07:50:40.0520 0x19d4  gpsvc - ok
07:50:40.0624 0x19d4  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdate1c9de69ecb1b563 C:\Program Files\Google\Update\GoogleUpdate.exe
07:50:40.0633 0x19d4  gupdate1c9de69ecb1b563 - ok
07:50:40.0714 0x19d4  [ 626A24ED1228580B9518C01930936DF9, CBD94AB1E5477D7288799D17528CC43D572E711DA0F2B0C784A0B9FE105BF0F4 ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
07:50:40.0719 0x19d4  gupdatem - ok
07:50:40.0828 0x19d4  [ 408DDD80EEDE47175F6844817B90213E, 836822885D90DAFFD25A7D7EE363F4DACD41AA4B59095243E2798B137DC55FE3 ] gusvc           C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
07:50:40.0836 0x19d4  gusvc - ok
07:50:40.0968 0x19d4  [ C663D5A459EE96B51D3FF49E70ABD143, 728F176249D7E21004CFBECF9127A8B91650AD2C6F352E370DACB20A7BB34538 ] ha20x22k        C:\Windows\system32\drivers\ha20x22k.sys
07:50:41.0071 0x19d4  ha20x22k - ok
07:50:41.0212 0x19d4  [ 435AFF96BA20997F684145C93A0D555F, A6AD23F51D2BB26CB525E98583148BA5D917265E2B7A78A9FF4C5D80353CB6F6 ] ha20x2k         C:\Windows\system32\drivers\ha20x2k.sys
07:50:41.0255 0x19d4  ha20x2k - ok
07:50:41.0382 0x19d4  [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
07:50:41.0391 0x19d4  HdAudAddService - ok
07:50:41.0461 0x19d4  [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
07:50:41.0482 0x19d4  HDAudBus - ok
07:50:41.0536 0x19d4  [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth          C:\Windows\system32\drivers\hidbth.sys
07:50:41.0558 0x19d4  HidBth - ok
07:50:41.0596 0x19d4  [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr           C:\Windows\system32\drivers\hidir.sys
07:50:41.0598 0x19d4  HidIr - ok
07:50:41.0653 0x19d4  [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv         C:\Windows\system32\hidserv.dll
07:50:41.0655 0x19d4  hidserv - ok
07:50:41.0716 0x19d4  [ CCA4B519B17E23A00B826C55716809CC, 91AD0758A6185B0FBBE383BDB1B457FFB850477AFF8DE040DE9527A97D28EF62 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
07:50:41.0718 0x19d4  HidUsb - ok
07:50:41.0787 0x19d4  [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc          C:\Windows\system32\kmsvc.dll
07:50:41.0792 0x19d4  hkmsvc - ok
07:50:41.0821 0x19d4  [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs         C:\Windows\system32\drivers\hpcisss.sys
07:50:41.0824 0x19d4  HpCISSs - ok
07:50:41.0899 0x19d4  [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
07:50:41.0917 0x19d4  HTTP - ok
07:50:41.0971 0x19d4  [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp           C:\Windows\system32\drivers\i2omp.sys
07:50:41.0995 0x19d4  i2omp - ok
07:50:42.0050 0x19d4  [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
07:50:42.0053 0x19d4  i8042prt - ok
07:50:42.0106 0x19d4  [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV         C:\Windows\system32\drivers\iastorv.sys
07:50:42.0116 0x19d4  iaStorV - ok
07:50:42.0234 0x19d4  [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT        C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
07:50:42.0241 0x19d4  IDriverT - ok
07:50:42.0416 0x19d4  [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
07:50:42.0450 0x19d4  idsvc - ok
07:50:42.0508 0x19d4  [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp           C:\Windows\system32\drivers\iirsp.sys
07:50:42.0516 0x19d4  iirsp - ok
07:50:42.0596 0x19d4  [ 9908D8A397B76CD8D31D0D383C5773C9, FFA6996BE9F11A81CB63C849C2400EB44A07706D1EEB7A3502D4110DAC3684A2 ] IKEEXT          C:\Windows\System32\ikeext.dll
07:50:42.0621 0x19d4  IKEEXT - ok
07:50:42.0685 0x19d4  [ 59B00EFB24EAD979BECF413703BB1FAC, CC094DF02F2D894DCE31AB21CA3A90AB93AF9782535FBDE8B383CAD48BAB13DF ] intelide        C:\Windows\system32\drivers\intelide.sys
07:50:42.0687 0x19d4  intelide - ok
07:50:42.0719 0x19d4  [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
07:50:42.0727 0x19d4  intelppm - ok
07:50:42.0792 0x19d4  [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
07:50:42.0799 0x19d4  IPBusEnum - ok
07:50:42.0836 0x19d4  [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
07:50:42.0840 0x19d4  IpFilterDriver - ok
07:50:42.0848 0x19d4  IpInIp - ok
07:50:42.0868 0x19d4  [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV         C:\Windows\system32\drivers\ipmidrv.sys
07:50:42.0872 0x19d4  IPMIDRV - ok
07:50:42.0923 0x19d4  [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT           C:\Windows\system32\DRIVERS\ipnat.sys
07:50:42.0928 0x19d4  IPNAT - ok
07:50:42.0983 0x19d4  [ 061614179585BE398A73B9B3AF111310, BE715790531CBF3E038C6C2083A0802FA492D1DCAB3ACFE035DF72E3D6A4B83B ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
07:50:43.0005 0x19d4  iPod Service - ok
07:50:43.0035 0x19d4  [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
07:50:43.0037 0x19d4  IRENUM - ok
07:50:43.0062 0x19d4  [ 2F8ECE2699E7E2070545E9B0960A8ED2, 40214A9220C6EC232C245939E4F40A9FF6D30497E180EDC809B87938A922E52D ] isapnp          C:\Windows\system32\drivers\isapnp.sys
07:50:43.0066 0x19d4  isapnp - ok
07:50:43.0121 0x19d4  [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt        C:\Windows\system32\DRIVERS\msiscsi.sys
07:50:43.0131 0x19d4  iScsiPrt - ok
07:50:43.0162 0x19d4  [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi        C:\Windows\system32\drivers\iteatapi.sys
07:50:43.0165 0x19d4  iteatapi - ok
07:50:43.0194 0x19d4  [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid         C:\Windows\system32\drivers\iteraid.sys
07:50:43.0196 0x19d4  iteraid - ok
07:50:43.0224 0x19d4  [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
07:50:43.0226 0x19d4  kbdclass - ok
07:50:43.0256 0x19d4  [ EDE59EC70E25C24581ADD1FBEC7325F7, 41B37778E9A12675FC0DF74606AAF18C652EB88513B3C4889C5C512E14587CEE ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
07:50:43.0258 0x19d4  kbdhid - ok
07:50:43.0294 0x19d4  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] KeyIso          C:\Windows\system32\lsass.exe
07:50:43.0297 0x19d4  KeyIso - ok
07:50:43.0355 0x19d4  [ 86165728AF9BF72D6442A894FDFB4F8B, 97A95C1856C761C93F43B177995749E45FA066C7FF6E93E6C3F34C1593ED2FB7 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
07:50:43.0371 0x19d4  KSecDD - ok
07:50:43.0461 0x19d4  [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm           C:\Windows\system32\msdtckrm.dll
07:50:43.0486 0x19d4  KtmRm - ok
07:50:43.0516 0x19d4  [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer    C:\Windows\System32\srvsvc.dll
07:50:43.0524 0x19d4  LanmanServer - ok
07:50:43.0592 0x19d4  [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
07:50:43.0603 0x19d4  LanmanWorkstation - ok
07:50:43.0635 0x19d4  [ 8CCF9ED46D52AF1375875F74A91FFACF, 43A38AE17D054C88176C7F1527CAA0D45AB0AC429C1C0440D9F2DECE0F90C058 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
07:50:43.0637 0x19d4  lirsgt - ok
07:50:43.0660 0x19d4  [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
07:50:43.0662 0x19d4  lltdio - ok
07:50:43.0707 0x19d4  [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
07:50:43.0744 0x19d4  lltdsvc - ok
07:50:43.0769 0x19d4  [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts         C:\Windows\System32\lmhsvc.dll
07:50:43.0772 0x19d4  lmhosts - ok
07:50:43.0809 0x19d4  [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
07:50:43.0833 0x19d4  LSI_FC - ok
07:50:43.0856 0x19d4  [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
07:50:43.0862 0x19d4  LSI_SAS - ok
07:50:43.0886 0x19d4  [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
07:50:43.0890 0x19d4  LSI_SCSI - ok
07:50:43.0916 0x19d4  [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv           C:\Windows\system32\drivers\luafv.sys
07:50:43.0921 0x19d4  luafv - ok
07:50:43.0977 0x19d4  [ 0DB7527DB188C7D967A37BB51BBF3963, 3812E26626EC49BE61B0B8DA5FE6E838C0FEF8A08363C239F64E6CCA0BA949D5 ] MBAMSwissArmy   C:\Windows\system32\drivers\mbamswissarmy.sys
07:50:44.0003 0x19d4  MBAMSwissArmy - ok
07:50:44.0038 0x19d4  MCSTRM - ok
07:50:44.0078 0x19d4  [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
07:50:44.0082 0x19d4  Mcx2Svc - ok
07:50:44.0113 0x19d4  [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas         C:\Windows\system32\drivers\megasas.sys
07:50:44.0115 0x19d4  megasas - ok
07:50:44.0148 0x19d4  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS           C:\Windows\system32\mmcss.dll
07:50:44.0152 0x19d4  MMCSS - ok
07:50:44.0177 0x19d4  [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem           C:\Windows\system32\drivers\modem.sys
07:50:44.0191 0x19d4  Modem - ok
07:50:44.0232 0x19d4  [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
07:50:44.0234 0x19d4  monitor - ok
07:50:44.0268 0x19d4  [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
07:50:44.0328 0x19d4  mouclass - ok
07:50:44.0376 0x19d4  [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
07:50:44.0390 0x19d4  mouhid - ok
07:50:44.0417 0x19d4  [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr        C:\Windows\system32\drivers\mountmgr.sys
07:50:44.0434 0x19d4  MountMgr - ok
07:50:44.0488 0x19d4  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
07:50:44.0497 0x19d4  MozillaMaintenance - ok
07:50:44.0547 0x19d4  [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio            C:\Windows\system32\drivers\mpio.sys
07:50:44.0555 0x19d4  mpio - ok
07:50:44.0618 0x19d4  [ A252ADB815E5186382D79E19DD7A486B, A3031877ED2BD7FDBF38F1D9524336666424D5D694D7EC4E7EBD644F19F08427 ] MPRIFL          C:\Windows\system32\DRIVERS\MPRIFL.SYS
07:50:44.0627 0x19d4  MPRIFL - ok
07:50:44.0654 0x19d4  [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
07:50:44.0658 0x19d4  mpsdrv - ok
07:50:44.0721 0x19d4  [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc          C:\Windows\system32\mpssvc.dll
07:50:44.0737 0x19d4  MpsSvc - ok
07:50:44.0768 0x19d4  [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x        C:\Windows\system32\drivers\mraid35x.sys
07:50:44.0776 0x19d4  Mraid35x - ok
07:50:44.0806 0x19d4  [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
07:50:44.0814 0x19d4  MRxDAV - ok
07:50:44.0883 0x19d4  [ 5FE5CF325F5B02EBC60832D3440CB414, F3039AD1D890994D06F68DFF6B265B0109732A44C9924190FEC3479B279A1E6E ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
07:50:44.0888 0x19d4  mrxsmb - ok
07:50:44.0910 0x19d4  [ 30B9C769446AF379A2AFB72B0392604D, D98DA01AE03C93F2E0A8F3EB5CD44BC92699F0353AB04DBE73E4CADEB4710A02 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
07:50:44.0920 0x19d4  mrxsmb10 - ok
07:50:44.0928 0x19d4  [ FEA239B3EC4877E2B7E23204AF589DDF, 94610722161880D4AC7C6B17823860C4B3A576AC4B6D21456F585EE2E970B6F6 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
07:50:44.0933 0x19d4  mrxsmb20 - ok
07:50:44.0950 0x19d4  [ 2681302B63B318CBEA6C82902AC5428C, B3E243E8582AE92568231C197FC1CB2BA60EDDCBCAA7F404C4012D2A803B7A8E ] msahci          C:\Windows\system32\drivers\msahci.sys
07:50:44.0952 0x19d4  msahci - ok
07:50:44.0984 0x19d4  [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm           C:\Windows\system32\drivers\msdsm.sys
07:50:44.0989 0x19d4  msdsm - ok
07:50:45.0034 0x19d4  [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC           C:\Windows\System32\msdtc.exe
07:50:45.0041 0x19d4  MSDTC - ok
07:50:45.0074 0x19d4  [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
07:50:45.0077 0x19d4  Msfs - ok
07:50:45.0101 0x19d4  [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
07:50:45.0103 0x19d4  msisadrv - ok
07:50:45.0135 0x19d4  [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
07:50:45.0142 0x19d4  MSiSCSI - ok
07:50:45.0147 0x19d4  msiserver - ok
07:50:45.0181 0x19d4  [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
07:50:45.0183 0x19d4  MSKSSRV - ok
07:50:45.0206 0x19d4  [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
07:50:45.0207 0x19d4  MSPCLOCK - ok
07:50:45.0230 0x19d4  [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
07:50:45.0232 0x19d4  MSPQM - ok
07:50:45.0300 0x19d4  [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
07:50:45.0309 0x19d4  MsRPC - ok
07:50:45.0339 0x19d4  [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
07:50:45.0341 0x19d4  mssmbios - ok
07:50:45.0363 0x19d4  MSSQL$BWDATOOLSET - ok
07:50:45.0446 0x19d4  [ C06EA83F6FC2959E897C117255B6B1D5, 012C6E5AA61BAAED47CB0E59E2F3E6E87941F555C5581ECAC7DF1051795AF681 ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
07:50:45.0449 0x19d4  MSSQLServerADHelper - ok
07:50:45.0486 0x19d4  [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
07:50:45.0487 0x19d4  MSTEE - ok
07:50:45.0494 0x19d4  [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup             C:\Windows\system32\Drivers\mup.sys
07:50:45.0497 0x19d4  Mup - ok
07:50:45.0562 0x19d4  [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent        C:\Windows\system32\qagentRT.dll
07:50:45.0577 0x19d4  napagent - ok
07:50:45.0677 0x19d4  [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
07:50:45.0683 0x19d4  NativeWifiP - ok
07:50:45.0727 0x19d4  [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS            C:\Windows\system32\drivers\ndis.sys
07:50:45.0747 0x19d4  NDIS - ok
07:50:45.0796 0x19d4  [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
07:50:45.0799 0x19d4  NdisTapi - ok
07:50:45.0826 0x19d4  [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
07:50:45.0827 0x19d4  Ndisuio - ok
07:50:45.0863 0x19d4  [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
07:50:45.0868 0x19d4  NdisWan - ok
07:50:45.0890 0x19d4  [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
07:50:45.0894 0x19d4  NDProxy - ok
07:50:45.0909 0x19d4  [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
07:50:45.0911 0x19d4  NetBIOS - ok
07:50:45.0950 0x19d4  [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt           C:\Windows\system32\DRIVERS\netbt.sys
07:50:45.0964 0x19d4  netbt - ok
07:50:45.0970 0x19d4  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] Netlogon        C:\Windows\system32\lsass.exe
07:50:45.0973 0x19d4  Netlogon - ok
07:50:46.0039 0x19d4  [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman          C:\Windows\System32\netman.dll
07:50:46.0052 0x19d4  Netman - ok
07:50:46.0078 0x19d4  [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm        C:\Windows\System32\netprofm.dll
07:50:46.0090 0x19d4  netprofm - ok
07:50:46.0236 0x19d4  [ 4D531DB50BBE43DACFF57ED20E25BE7F, FC71CB8708B03825DD8F3FE739538E695478C6818FC382A836F61AE0BED15B41 ] netr28u         C:\Windows\system32\DRIVERS\netr28u.sys
07:50:46.0336 0x19d4  netr28u - ok
07:50:46.0411 0x19d4  [ D6C4E4A39A36029AC0813D476FBD0248, A0907D98580D1CD3007365CBBB53E84BEF39001E05912776F68EB0564B54B6EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
07:50:46.0417 0x19d4  NetTcpPortSharing - ok
07:50:46.0456 0x19d4  [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
07:50:46.0458 0x19d4  nfrd960 - ok
07:50:46.0534 0x19d4  [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc          C:\Windows\System32\nlasvc.dll
07:50:46.0542 0x19d4  NlaSvc - ok
07:50:46.0568 0x19d4  [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
07:50:46.0571 0x19d4  Npfs - ok
07:50:46.0585 0x19d4  [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi             C:\Windows\system32\nsisvc.dll
07:50:46.0589 0x19d4  nsi - ok
07:50:46.0608 0x19d4  [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
07:50:46.0609 0x19d4  nsiproxy - ok
07:50:46.0681 0x19d4  [ 6A4A98CEE84CF9E99564510DDA4BAA47, 18C3D8C0F12761D3B7FC43D9413CF4C4CEBF8CA9BEC521381F40D241B35EA779 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
07:50:46.0718 0x19d4  Ntfs - ok
07:50:46.0741 0x19d4  [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi       C:\Windows\system32\drivers\ntrigdigi.sys
07:50:46.0743 0x19d4  ntrigdigi - ok
07:50:46.0784 0x19d4  nTuneService - ok
07:50:46.0790 0x19d4  [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null            C:\Windows\system32\drivers\Null.sys
07:50:46.0792 0x19d4  Null - ok
07:50:46.0853 0x19d4  [ 1657F3FBD9061526C14FF37E79306F98, 8A3378E7A3D3314380EC76D21542B9A8A7AB0191338729B830AB6BEF786297BC ] NVENETFD        C:\Windows\system32\DRIVERS\nvm60x32.sys
07:50:46.0868 0x19d4  NVENETFD - ok
07:50:46.0952 0x19d4  [ 77F9F9A199B87FE3F852E12F5419240B, BE9C05F2AC12BB41EC71A596039F2116E5A0F454D32E5A618112296721001473 ] NVHDA           C:\Windows\system32\drivers\nvhda32v.sys
07:50:46.0959 0x19d4  NVHDA - ok
07:50:47.0446 0x19d4  [ 0A1B502CBC8230DA74BEFBAADDB58916, 14BDE0A5829D1CC7E93B60676243DD0641D5FA08CE46936450CD3A67F94EA560 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
07:50:47.0936 0x19d4  nvlddmkm - ok
07:50:48.0070 0x19d4  [ 812F257ED1CD53FCB1F9F9CC910F4809, 253979B87378397566B4594283086DF0E541D838A29D540D93091F41438BD160 ] NVR0Dev         C:\Windows\nvoclock.sys
07:50:48.0072 0x19d4  NVR0Dev - ok
07:50:48.0100 0x19d4  [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid          C:\Windows\system32\drivers\nvraid.sys
07:50:48.0105 0x19d4  nvraid - ok
07:50:48.0151 0x19d4  [ 049E81B6FB41C73619ED3FE4DF7D8638, A31AF5271A36356148BF60952C40584652A1F4B8A06B027E9C3E7E4BEFFC3A8B ] nvrd32          C:\Windows\system32\drivers\nvrd32.sys
07:50:48.0156 0x19d4  nvrd32 - ok
07:50:48.0174 0x19d4  [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
07:50:48.0176 0x19d4  nvstor - ok
07:50:48.0203 0x19d4  [ 7EBA6C9A0A295B1559EFB9062E701218, AB890B1CE155ABA6E633B9A4D422BFF42322D1CB067C237A926F36C8A5ADC8A2 ] nvstor32        C:\Windows\system32\drivers\nvstor32.sys
07:50:48.0207 0x19d4  nvstor32 - ok
07:50:48.0294 0x19d4  [ EB5A13F9139F20AD71ADF4BF79C3AA29, D473E03B3B69AC0A35FF1CD8B85C088DCCCBAA5DA52C18737B6AC873EF1F1BC7 ] NVSvc           C:\Windows\system32\nvvsvc.exe
07:50:48.0319 0x19d4  NVSvc - ok
07:50:48.0435 0x19d4  [ 0629259E3AF6BB0534FCECA208973404, E5DDA62D5D21D5D11A711BBFC5B839B59E336997C0C9A32A0B04AC9FBB6472D4 ] nvUpdatusService C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
07:50:48.0479 0x19d4  nvUpdatusService - ok
07:50:48.0521 0x19d4  [ 055081FD5076401C1EE1BCAB08D81911, E6621F2D24E7E2544AFD249660F2D1026B94698CA841E79B3F1199ACB2203995 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
07:50:48.0528 0x19d4  nv_agp - ok
07:50:48.0541 0x19d4  NwlnkFlt - ok
07:50:48.0546 0x19d4  NwlnkFwd - ok
07:50:48.0631 0x19d4  [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv          C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
07:50:48.0648 0x19d4  odserv - ok
07:50:48.0715 0x19d4  [ 6F310E890D46E246E0E261A63D9B36B4, 7050B0C43CC0DF2DDAD3EB8D2FF9EEE425A627C68654CBB154D55A4B1A47AA08 ] ohci1394        C:\Windows\system32\DRIVERS\ohci1394.sys
07:50:48.0718 0x19d4  ohci1394 - ok
07:50:48.0764 0x19d4  [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
07:50:48.0770 0x19d4  ose - ok
07:50:48.0817 0x19d4  [ 720204068066A2E25B53045FE34670BB, B45D0A425F56947A6780AD018BB3F4867C24F364F6A6A710F57743767FFBD23C ] ossrv           C:\Windows\system32\drivers\ctoss2k.sys
07:50:48.0823 0x19d4  ossrv - ok
07:50:48.0918 0x19d4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc        C:\Windows\system32\p2psvc.dll
07:50:48.0948 0x19d4  p2pimsvc - ok
07:50:48.0984 0x19d4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc          C:\Windows\system32\p2psvc.dll
07:50:49.0005 0x19d4  p2psvc - ok
07:50:49.0031 0x19d4  [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport         C:\Windows\system32\drivers\parport.sys
07:50:49.0036 0x19d4  Parport - ok
07:50:49.0071 0x19d4  [ 57389FA59A36D96B3EB09D0CB91E9CDC, 05A3E2B155789990517CCFDC57FC3D1E9A596E4F31D86350B8BF0C043DE5EE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
07:50:49.0074 0x19d4  partmgr - ok
07:50:49.0095 0x19d4  [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
07:50:49.0096 0x19d4  Parvdm - ok
07:50:49.0130 0x19d4  [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc          C:\Windows\System32\pcasvc.dll
07:50:49.0135 0x19d4  PcaSvc - ok
07:50:49.0190 0x19d4  [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci             C:\Windows\system32\drivers\pci.sys
07:50:49.0197 0x19d4  pci - ok
07:50:49.0204 0x19d4  [ 1636D43F10416AEB483BC6001097B26C, 36E61A993693A46538FE0F726D67BB28886F61D53384AD600D1282296A27662E ] pciide          C:\Windows\system32\drivers\pciide.sys
07:50:49.0206 0x19d4  pciide - ok
07:50:49.0239 0x19d4  [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
07:50:49.0245 0x19d4  pcmcia - ok
07:50:49.0398 0x19d4  [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
07:50:49.0446 0x19d4  PEAUTH - ok
07:50:49.0742 0x19d4  [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla             C:\Windows\system32\pla.dll
07:50:49.0800 0x19d4  pla - ok
07:50:49.0874 0x19d4  [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
07:50:49.0890 0x19d4  PlugPlay - ok
07:50:49.0970 0x19d4  [ A1DD33D16F277CE34124EE52AB2C0F14, DB5215409D0B6C378567A6399C0170226CB1E2FE74D96B16C97A761D487C613F ] PnkBstrA        C:\Windows\system32\PnkBstrA.exe
07:50:49.0977 0x19d4  PnkBstrA - ok
07:50:49.0995 0x19d4  [ 27F1BE4A53441C9F1F48B9ADC145B0A5, 8E2A136C508FE5C602BB9140462541A3882E751983DA56498B5EFA3777E68D99 ] PnkBstrB        C:\Windows\system32\PnkBstrB.exe
07:50:50.0007 0x19d4  PnkBstrB - ok
07:50:50.0048 0x19d4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg     C:\Windows\system32\p2psvc.dll
07:50:50.0077 0x19d4  PNRPAutoReg - ok
07:50:50.0112 0x19d4  [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc         C:\Windows\system32\p2psvc.dll
07:50:50.0136 0x19d4  PNRPsvc - ok
07:50:50.0179 0x19d4  [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
07:50:50.0194 0x19d4  PolicyAgent - ok
07:50:50.0225 0x19d4  [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
07:50:50.0229 0x19d4  PptpMiniport - ok
07:50:50.0267 0x19d4  [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor       C:\Windows\system32\drivers\processr.sys
07:50:50.0273 0x19d4  Processor - ok
07:50:50.0316 0x19d4  [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc         C:\Windows\system32\profsvc.dll
07:50:50.0325 0x19d4  ProfSvc - ok
07:50:50.0356 0x19d4  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] ProtectedStorage C:\Windows\system32\lsass.exe
07:50:50.0361 0x19d4  ProtectedStorage - ok
07:50:50.0442 0x19d4  [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched          C:\Windows\system32\DRIVERS\pacer.sys
07:50:50.0445 0x19d4  PSched - ok
07:50:50.0468 0x19d4  [ FEFFCFDC528764A04C8ED63D5FA6E711, BECC9174DA5860FCF011957CB6A12DE5074A770DC14076C0C94E63AD42ECF19E ] PxHelp20        C:\Windows\system32\Drivers\PxHelp20.sys
07:50:50.0471 0x19d4  PxHelp20 - ok
07:50:50.0535 0x19d4  [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300          C:\Windows\system32\drivers\ql2300.sys
07:50:50.0587 0x19d4  ql2300 - ok
07:50:50.0650 0x19d4  [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
07:50:50.0656 0x19d4  ql40xx - ok
07:50:50.0723 0x19d4  [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE           C:\Windows\system32\qwave.dll
07:50:50.0743 0x19d4  QWAVE - ok
07:50:50.0780 0x19d4  [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
07:50:50.0783 0x19d4  QWAVEdrv - ok
07:50:50.0925 0x19d4  [ E642B131FB74CAF4BB8A014F31113142, 18A81B27FB2DA556AC51DBA8956203A6E821D75B2B09F11049250E732318F573 ] R300            C:\Windows\system32\DRIVERS\atikmdag.sys
07:50:51.0013 0x19d4  R300 - ok
07:50:51.0146 0x19d4  [ 37C3272E58976598BEF1CDF321019209, 1DCADE8B172A7E87E932573157666BC43E8296544E73E2BB0D0F0A6A9485A249 ] RalinkRegistryWriter C:\Program Files\NETGEAR\WNDA4100\Service\RaRegistry.exe
07:50:51.0161 0x19d4  RalinkRegistryWriter - ok
07:50:51.0179 0x19d4  [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
07:50:51.0181 0x19d4  RasAcd - ok
07:50:51.0212 0x19d4  [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto         C:\Windows\System32\rasauto.dll
07:50:51.0221 0x19d4  RasAuto - ok
07:50:51.0256 0x19d4  [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
07:50:51.0265 0x19d4  Rasl2tp - ok
07:50:51.0358 0x19d4  [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan          C:\Windows\System32\rasmans.dll
07:50:51.0374 0x19d4  RasMan - ok
07:50:51.0422 0x19d4  [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
07:50:51.0425 0x19d4  RasPppoe - ok
07:50:51.0466 0x19d4  [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
07:50:51.0470 0x19d4  RasSstp - ok
07:50:51.0551 0x19d4  [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
07:50:51.0560 0x19d4  rdbss - ok
07:50:51.0594 0x19d4  [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
07:50:51.0610 0x19d4  RDPCDD - ok
07:50:51.0683 0x19d4  [ 0245418224CFA77BF4B41C2FE0622258, 532A8ABB476A1723FDD25A12EA07C97F2588F24D0AE6F86C0105112A9AECCDB9 ] rdpdr           C:\Windows\system32\drivers\rdpdr.sys
07:50:51.0741 0x19d4  rdpdr - ok
07:50:51.0782 0x19d4  [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
07:50:51.0826 0x19d4  RDPENCDD - ok
07:50:51.0939 0x19d4  [ 30BFBDFB7F95559EDE971F9DDB9A00BA, 1BDD3FD0ABCF5EA2C4D2618E76AC782894E5A7132700BA4C4226E1F9C7CE547B ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
07:50:51.0961 0x19d4  RDPWD - ok
07:50:51.0993 0x19d4  [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess    C:\Windows\System32\mprdim.dll
07:50:52.0007 0x19d4  RemoteAccess - ok
07:50:52.0040 0x19d4  [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
07:50:52.0047 0x19d4  RemoteRegistry - ok
07:50:52.0158 0x19d4  [ EBCDE8B48FADC6479D96A56D0A432160, 2F73D8656A929321D8B651FCFF55DFF5F90489CE9BEB7BB7DC3C7444D9A3C0FD ] RoxMediaDB9     C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
07:50:52.0192 0x19d4  RoxMediaDB9 - ok
07:50:52.0251 0x19d4  [ AB2B1DE1C8F31EFCE2384B14B3DC4260, 5E67354010A19726810C172775C39C9A9AD3AAE1EB09CF2C552473D75ABD01BD ] RoxWatch9       C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
07:50:52.0299 0x19d4  RoxWatch9 - ok
07:50:52.0352 0x19d4  [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator      C:\Windows\system32\locator.exe
07:50:52.0356 0x19d4  RpcLocator - ok
07:50:52.0414 0x19d4  [ 2FD53BB60438AD6EEA8EF26D05C28FCF, D72B6B91F078A06548F103357EDE8FD95DB50BC76B907364C9A2B5B9BF0AAD7C ] RpcSs           C:\Windows\system32\rpcss.dll
07:50:52.0453 0x19d4  RpcSs - ok
07:50:52.0492 0x19d4  [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
07:50:52.0496 0x19d4  rspndr - ok
07:50:52.0503 0x19d4  [ 3978F3540329E16C0AC3BCF677E5669F, 2CC9F1C9D9E33F8A0DA72490D74BED9E746FB142EDF78DE2F2A33A34B76D9868 ] SamSs           C:\Windows\system32\lsass.exe
07:50:52.0507 0x19d4  SamSs - ok
07:50:52.0562 0x19d4  [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
07:50:52.0567 0x19d4  sbp2port - ok
07:50:52.0618 0x19d4  [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
07:50:52.0625 0x19d4  SCardSvr - ok
07:50:52.0689 0x19d4  [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule        C:\Windows\system32\schedsvc.dll
07:50:52.0714 0x19d4  Schedule - ok
07:50:52.0763 0x19d4  [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc     C:\Windows\System32\certprop.dll
07:50:52.0765 0x19d4  SCPolicySvc - ok
07:50:52.0791 0x19d4  [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
07:50:52.0798 0x19d4  SDRSVC - ok
07:50:52.0815 0x19d4  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
07:50:52.0818 0x19d4  secdrv - ok
07:50:52.0843 0x19d4  [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon        C:\Windows\system32\seclogon.dll
07:50:52.0848 0x19d4  seclogon - ok
07:50:52.0908 0x19d4  [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS            C:\Windows\system32\sens.dll
07:50:52.0921 0x19d4  SENS - ok
07:50:52.0938 0x19d4  [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum         C:\Windows\system32\drivers\serenum.sys
07:50:52.0940 0x19d4  Serenum - ok
07:50:52.0994 0x19d4  [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial          C:\Windows\system32\drivers\serial.sys
07:50:53.0013 0x19d4  Serial - ok
07:50:53.0058 0x19d4  [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
07:50:53.0060 0x19d4  sermouse - ok
07:50:53.0101 0x19d4  [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv      C:\Windows\system32\sessenv.dll
07:50:53.0109 0x19d4  SessionEnv - ok
07:50:53.0127 0x19d4  [ 51CF56AA8BCC241F134B420B8F850406, 41DA7438039C791C35BDA5BD255D2CCFA85E5250325FAE4D5A4182AD819E71F1 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
07:50:53.0129 0x19d4  sffdisk - ok
07:50:53.0141 0x19d4  [ 96DED8B20C734AC41641CE275250E55D, E88317D0B31A98917AD30AD9F8CF6B59C1141FFBF7A150D8675A29B95FF150F3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
07:50:53.0144 0x19d4  sffp_mmc - ok
07:50:53.0156 0x19d4  [ 8B08CAB1267B2C377883FC9E56981F90, 4444AC438E805129103FAA48F22D0D6893AC5BD8FCA2A6D4DA51EBD8C75B7529 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
07:50:53.0158 0x19d4  sffp_sd - ok
07:50:53.0171 0x19d4  [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
07:50:53.0173 0x19d4  sfloppy - ok
07:50:53.0211 0x19d4  [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
07:50:53.0222 0x19d4  SharedAccess - ok
07:50:53.0255 0x19d4  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
07:50:53.0321 0x19d4  ShellHWDetection - ok
07:50:53.0397 0x19d4  [ 08072B2FB92477FC813271A84B3A8698, A97ABDEB5E37F7B50DD6168FAAD524BE82418FC7818BB667C10951408FB6EB70 ] sisagp          C:\Windows\system32\drivers\sisagp.sys
07:50:53.0399 0x19d4  sisagp - ok
07:50:53.0465 0x19d4  [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2        C:\Windows\system32\drivers\sisraid2.sys
07:50:53.0467 0x19d4  SiSRaid2 - ok
07:50:53.0511 0x19d4  [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
07:50:53.0515 0x19d4  SiSRaid4 - ok
07:50:53.0618 0x19d4  [ 8C4F0DCC6A5100D48F9B2F950CDD220F, 7B66C259BEBFEA527BFEC2B69E8224EE2277CB736EF9E0F5A92C932657EC8351 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
07:50:53.0625 0x19d4  SkypeUpdate - ok
07:50:53.0833 0x19d4  [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc           C:\Windows\system32\SLsvc.exe
07:50:53.0955 0x19d4  slsvc - ok
07:50:54.0022 0x19d4  [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify      C:\Windows\system32\SLUINotify.dll
07:50:54.0038 0x19d4  SLUINotify - ok
07:50:54.0074 0x19d4  [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb             C:\Windows\system32\DRIVERS\smb.sys
07:50:54.0079 0x19d4  Smb - ok
07:50:54.0109 0x19d4  [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
07:50:54.0114 0x19d4  SNMPTRAP - ok
07:50:54.0135 0x19d4  [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr           C:\Windows\system32\drivers\spldr.sys
07:50:54.0183 0x19d4  spldr - ok
07:50:54.0221 0x19d4  [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler         C:\Windows\System32\spoolsv.exe
07:50:54.0230 0x19d4  Spooler - ok
07:50:54.0348 0x19d4  [ B2EC3E1DEAC5F0A764BD3486D213A0AF, 77597D6AF90BF0FD50AF7271C800D84BE69E288760116B7A252FB8B068614A52 ] SQLBrowser      C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
07:50:54.0359 0x19d4  SQLBrowser - ok
07:50:54.0372 0x19d4  SQLWriter - ok
07:50:54.0469 0x19d4  [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv             C:\Windows\system32\DRIVERS\srv.sys
07:50:54.0488 0x19d4  srv - ok
07:50:54.0514 0x19d4  [ A5940CA32ED206F90BE9FABDF6E92DE4, 3FA6120BE2380F85C0A7DCAA3D7D158494AA4C5B6587EF9F4135FE9B644B6029 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
07:50:54.0524 0x19d4  srv2 - ok
07:50:54.0590 0x19d4  [ 37AA1D560D5FA486C4B11C2F276ADA61, 53A54A45FE40E82F7BE481EFE5A8B14A5540398946B87AC0B1AB0F8253E2F1D8 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
07:50:54.0598 0x19d4  srvnet - ok
07:50:54.0677 0x19d4  [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
07:50:54.0692 0x19d4  SSDPSRV - ok
07:50:54.0730 0x19d4  [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc         C:\Windows\system32\sstpsvc.dll
07:50:54.0739 0x19d4  SstpSvc - ok
07:50:54.0848 0x19d4  [ F0359F7CE712D69ACEF0886BDB4792ED, 0E638A3F56B1C431A472469E2F47DABD0ABE1CC043FD1673B4CA6E984FE980CF ] Stereo Service  C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
07:50:54.0895 0x19d4  Stereo Service - ok
07:50:54.0987 0x19d4  [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc          C:\Windows\System32\wiaservc.dll
07:50:55.0014 0x19d4  stisvc - ok
07:50:55.0076 0x19d4  [ 51778FD315C9882F1CBD932743E62A72, 5127292970ABC2966723CC5535DD547C77AAC132AAA849BCBD90D0F00EDD08C0 ] stllssvr        C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
07:50:55.0100 0x19d4  stllssvr - ok
07:50:55.0137 0x19d4  [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
07:50:55.0139 0x19d4  swenum - ok
07:50:55.0214 0x19d4  [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv           C:\Windows\System32\swprv.dll
07:50:55.0228 0x19d4  swprv - ok
07:50:55.0252 0x19d4  [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx         C:\Windows\system32\drivers\symc8xx.sys
07:50:55.0254 0x19d4  Symc8xx - ok
07:50:55.0270 0x19d4  [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi          C:\Windows\system32\drivers\sym_hi.sys
07:50:55.0272 0x19d4  Sym_hi - ok
07:50:55.0304 0x19d4  [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3          C:\Windows\system32\drivers\sym_u3.sys
07:50:55.0310 0x19d4  Sym_u3 - ok
07:50:55.0369 0x19d4  [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain         C:\Windows\system32\sysmain.dll
07:50:55.0393 0x19d4  SysMain - ok
07:50:55.0423 0x19d4  [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
07:50:55.0429 0x19d4  TabletInputService - ok
07:50:55.0477 0x19d4  [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv         C:\Windows\System32\tapisrv.dll
07:50:55.0489 0x19d4  TapiSrv - ok
07:50:55.0542 0x19d4  [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS             C:\Windows\System32\tbssvc.dll
07:50:55.0549 0x19d4  TBS - ok
07:50:55.0622 0x19d4  [ A474879AFA4A596B3A531F3E69730DBF, 54D6810BC6A4C50D1E5F081E2499C7A409C9A0E3D03B5B12782457635BDA8A07 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
07:50:55.0654 0x19d4  Tcpip - ok
07:50:55.0693 0x19d4  [ A474879AFA4A596B3A531F3E69730DBF, 54D6810BC6A4C50D1E5F081E2499C7A409C9A0E3D03B5B12782457635BDA8A07 ] Tcpip6          C:\Windows\system32\DRIVERS\tcpip.sys
07:50:55.0719 0x19d4  Tcpip6 - ok
07:50:55.0779 0x19d4  [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
07:50:55.0782 0x19d4  tcpipreg - ok
07:50:55.0800 0x19d4  [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
07:50:55.0802 0x19d4  TDPIPE - ok
07:50:55.0819 0x19d4  [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
07:50:55.0822 0x19d4  TDTCP - ok
07:50:55.0849 0x19d4  [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
07:50:55.0853 0x19d4  tdx - ok
07:50:55.0867 0x19d4  [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
07:50:55.0870 0x19d4  TermDD - ok
07:50:55.0950 0x19d4  [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService     C:\Windows\System32\termsrv.dll
07:50:55.0969 0x19d4  TermService - ok
07:50:55.0988 0x19d4  [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes          C:\Windows\system32\shsvcs.dll
07:50:56.0000 0x19d4  Themes - ok
07:50:56.0013 0x19d4  [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER     C:\Windows\system32\mmcss.dll
07:50:56.0017 0x19d4  THREADORDER - ok
07:50:56.0028 0x19d4  [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks          C:\Windows\System32\trkwks.dll
07:50:56.0035 0x19d4  TrkWks - ok
07:50:56.0110 0x19d4  [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
07:50:56.0124 0x19d4  TrustedInstaller - ok
07:50:56.0182 0x19d4  [ DCF0F056A2E4F52287264F5AB29CF206, D9F770BD65AE4320A8C130DEA1D093AA4E37FCA573BBE6A59D6D045452EA711D ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
07:50:56.0184 0x19d4  tssecsrv - ok
07:50:56.0212 0x19d4  [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp           C:\Windows\system32\DRIVERS\tunmp.sys
07:50:56.0215 0x19d4  tunmp - ok
07:50:56.0289 0x19d4  [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
07:50:56.0295 0x19d4  tunnel - ok
07:50:56.0336 0x19d4  [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35          C:\Windows\system32\drivers\uagp35.sys
07:50:56.0339 0x19d4  uagp35 - ok
07:50:56.0405 0x19d4  [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
07:50:56.0413 0x19d4  udfs - ok
07:50:56.0470 0x19d4  [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
07:50:56.0476 0x19d4  UI0Detect - ok
07:50:56.0496 0x19d4  [ 6D72EF05921ABDF59FC45C7EBFE7E8DD, 9102CB4B5E8B858B61DE1508C6A00D75584741891899966258E510173DBF7BB9 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
07:50:56.0498 0x19d4  uliagpkx - ok
07:50:56.0544 0x19d4  [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci         C:\Windows\system32\drivers\uliahci.sys
07:50:56.0552 0x19d4  uliahci - ok
07:50:56.0601 0x19d4  [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata          C:\Windows\system32\drivers\ulsata.sys
07:50:56.0604 0x19d4  UlSata - ok
07:50:56.0634 0x19d4  [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2         C:\Windows\system32\drivers\ulsata2.sys
07:50:56.0638 0x19d4  ulsata2 - ok
07:50:56.0689 0x19d4  [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
07:50:56.0691 0x19d4  umbus - ok
07:50:56.0780 0x19d4  [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost        C:\Windows\System32\upnphost.dll
07:50:56.0793 0x19d4  upnphost - ok
07:50:56.0856 0x19d4  [ 6E421CCC57059B0186C6259CA3B6DFC9, E348BF23CCD6C14FD10C1689BBDC77E125245331F97BFE60D4C8FD9A8711CB59 ] USBAAPL         C:\Windows\system32\Drivers\usbaapl.sys
07:50:56.0859 0x19d4  USBAAPL - ok
07:50:56.0897 0x19d4  [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
07:50:56.0901 0x19d4  usbccgp - ok
07:50:56.0981 0x19d4  [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
07:50:56.0984 0x19d4  usbcir - ok
07:50:57.0027 0x19d4  [ 79E96C23A97CE7B8F14D310DA2DB0C9B, EB441D3B93965CD927E0C181031AD1082F59F9885BF35CABFDCA08C6C76B0DAF ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
07:50:57.0029 0x19d4  usbehci - ok
07:50:57.0081 0x19d4  [ 4673BBCB006AF60E7ABDDBE7A130BA42, 0B7DED0D887A3530AA5497FDBCB69389486FB9E2B6FAE3163E33713256D575BA ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
07:50:57.0088 0x19d4  usbhub - ok
07:50:57.0128 0x19d4  [ CE697FEE0D479290D89BEC80DFE793B7, D10F6BAD0467672CCE4F97C7F2E13437CE89AC754C895EAE05F0726B6DC617B1 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
07:50:57.0130 0x19d4  usbohci - ok
07:50:57.0174 0x19d4  [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
07:50:57.0177 0x19d4  usbprint - ok
07:50:57.0210 0x19d4  [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
07:50:57.0214 0x19d4  USBSTOR - ok
07:50:57.0268 0x19d4  [ 325DBBACB8A36AF9988CCF40EAC228CC, 22FE5658A12296634FBE9D8565485BEE8CB200C47182F70DC9D2B0442E10C4AA ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
07:50:57.0293 0x19d4  usbuhci - ok
07:50:57.0360 0x19d4  [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms           C:\Windows\System32\uxsms.dll
07:50:57.0371 0x19d4  UxSms - ok
07:50:57.0434 0x19d4  [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds             C:\Windows\System32\vds.exe
07:50:57.0454 0x19d4  vds - ok
07:50:57.0562 0x19d4  [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
07:50:57.0565 0x19d4  vga - ok
07:50:57.0616 0x19d4  [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave         C:\Windows\System32\drivers\vga.sys
07:50:57.0635 0x19d4  VgaSave - ok
07:50:57.0713 0x19d4  [ D5929A28BDFF4367A12CAF06AF901971, DE2A60A9EE1ABACEE6221E4AD5D4AA4CBA12FED448EB36CA3B7A9A5F09A8DC8C ] viaagp          C:\Windows\system32\drivers\viaagp.sys
07:50:57.0749 0x19d4  viaagp - ok
07:50:57.0792 0x19d4  [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7           C:\Windows\system32\drivers\viac7.sys
07:50:57.0797 0x19d4  ViaC7 - ok
07:50:57.0848 0x19d4  [ 689547CE911998D1E0DA7A5992E025FC, F77F9732F2ACB7E227F692D582CD983C5B3AF3966204D5A6D6A580E3E2E3E084 ] viaide          C:\Windows\system32\drivers\viaide.sys
07:50:57.0863 0x19d4  viaide - ok
07:50:57.0885 0x19d4  [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
07:50:57.0924 0x19d4  volmgr - ok
07:50:57.0978 0x19d4  [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
07:50:57.0990 0x19d4  volmgrx - ok
07:50:58.0081 0x19d4  [ 147281C01FCB1DF9252DE2A10D5E7093, DF5DCF6FD472F21863DC10B62F7647420B9686607857D08286B618D585E50219 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
07:50:58.0114 0x19d4  volsnap - ok
07:50:58.0146 0x19d4  [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
07:50:58.0150 0x19d4  vsmraid - ok
07:50:58.0410 0x19d4  [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS             C:\Windows\system32\vssvc.exe
07:50:58.0451 0x19d4  VSS - ok
07:50:58.0796 0x19d4  [ 29CC39577CA273CA0E75FD562E66AE96, FA4A597CBFB918280C36EFBD11E73F9A2285C1A9B00913BDDDA546F3DCD310CF ] vToolbarUpdater18.0.5 C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.0.5\ToolbarUpdater.exe
07:50:58.0846 0x19d4  vToolbarUpdater18.0.5 - ok
07:50:58.0955 0x19d4  [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time         C:\Windows\system32\w32time.dll
07:50:58.0970 0x19d4  W32Time - ok
07:50:59.0039 0x19d4  [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
07:50:59.0042 0x19d4  WacomPen - ok
07:50:59.0063 0x19d4  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp          C:\Windows\system32\DRIVERS\wanarp.sys
07:50:59.0066 0x19d4  Wanarp - ok
07:50:59.0073 0x19d4  [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
07:50:59.0076 0x19d4  Wanarpv6 - ok
07:50:59.0134 0x19d4  [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
07:50:59.0152 0x19d4  wcncsvc - ok
07:50:59.0178 0x19d4  [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
07:50:59.0184 0x19d4  WcsPlugInService - ok
07:50:59.0218 0x19d4  [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd              C:\Windows\system32\drivers\wd.sys
07:50:59.0220 0x19d4  Wd - ok
07:50:59.0277 0x19d4  [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96, 6A6EFFDB538DE1E201058A00F3E056F1256E92EED943FBFBCE28E54BE751E33D ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
07:50:59.0331 0x19d4  Wdf01000 - ok
07:50:59.0402 0x19d4  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost  C:\Windows\system32\wdi.dll
07:50:59.0409 0x19d4  WdiServiceHost - ok
07:50:59.0416 0x19d4  [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost   C:\Windows\system32\wdi.dll
07:50:59.0422 0x19d4  WdiSystemHost - ok
07:50:59.0482 0x19d4  [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient       C:\Windows\System32\webclnt.dll
07:50:59.0492 0x19d4  WebClient - ok
07:50:59.0561 0x19d4  [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
07:50:59.0570 0x19d4  Wecsvc - ok
07:50:59.0593 0x19d4  [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport   C:\Windows\System32\wercplsupport.dll
07:50:59.0599 0x19d4  wercplsupport - ok
07:50:59.0618 0x19d4  [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc          C:\Windows\System32\WerSvc.dll
07:50:59.0627 0x19d4  WerSvc - ok
07:50:59.0633 0x19d4  WinHttpAutoProxySvc - ok
07:50:59.0675 0x19d4  [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
07:50:59.0680 0x19d4  Winmgmt - ok
07:50:59.0755 0x19d4  [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM           C:\Windows\system32\WsmSvc.dll
07:50:59.0799 0x19d4  WinRM - ok
07:50:59.0860 0x19d4  [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc         C:\Windows\System32\wlansvc.dll
07:50:59.0903 0x19d4  Wlansvc - ok
07:50:59.0938 0x19d4  [ 17EAC0D023A65FA9B02114CC2BAACAD5, CD5856326959DA58B18E2AFD235552E25A410AC6F23F437E7708350833AD8657 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
07:50:59.0940 0x19d4  WmiAcpi - ok
07:50:59.0992 0x19d4  [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
07:50:59.0996 0x19d4  wmiApSrv - ok
07:51:00.0078 0x19d4  [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
07:51:00.0108 0x19d4  WMPNetworkSvc - ok
07:51:00.0155 0x19d4  [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
07:51:00.0165 0x19d4  WPCSvc - ok
07:51:00.0236 0x19d4  [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
07:51:00.0243 0x19d4  WPDBusEnum - ok
07:51:00.0277 0x19d4  [ DE9D36F91A4DF3D911626643DEBF11EA, 8029ECE76E29276BFB6ED3387AC560A9A779AAF683A4416E96334FAF7BDBADA0 ] WpdUsb          C:\Windows\system32\DRIVERS\wpdusb.sys
07:51:00.0279 0x19d4  WpdUsb - ok
07:51:00.0458 0x19d4  [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
07:51:00.0484 0x19d4  WPFFontCache_v0400 - ok
07:51:00.0528 0x19d4  [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
07:51:00.0556 0x19d4  ws2ifsl - ok
07:51:00.0601 0x19d4  [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc          C:\Windows\System32\wscsvc.dll
07:51:00.0609 0x19d4  wscsvc - ok
07:51:00.0615 0x19d4  WSearch - ok
07:51:00.0684 0x19d4  [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
07:51:00.0707 0x19d4  WUDFRd - ok
07:51:00.0771 0x19d4  [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
07:51:00.0777 0x19d4  wudfsvc - ok
07:51:00.0809 0x19d4  ================ Scan global ===============================
07:51:00.0842 0x19d4  [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
07:51:00.0933 0x19d4  [ 40864DA48A14EBC68A0D6BFD08BA21EB, EF311D4A937ADE53216949CB2E690582883C30B70BFCB89F82433CA2FBF1E24E ] C:\Windows\system32\winsrv.dll
07:51:00.0977 0x19d4  [ 40864DA48A14EBC68A0D6BFD08BA21EB, EF311D4A937ADE53216949CB2E690582883C30B70BFCB89F82433CA2FBF1E24E ] C:\Windows\system32\winsrv.dll
07:51:01.0036 0x19d4  [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
07:51:01.0051 0x19d4  [ Global ] - ok
07:51:01.0052 0x19d4  ================ Scan MBR ==================================
07:51:01.0065 0x19d4  [ 9C603BC3977968C891DE319283E1E7AF ] \Device\Harddisk0\DR0
07:51:01.0099 0x19d4  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Wistler.a ( 0 )
07:51:01.0099 0x19d4  \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - infected
07:51:03.0663 0x19d4  Have new async UDS detects: 2
07:51:03.0665 0x19d4  DcomLaunch - detected UDS:DangerousObject.Multi.Generic ( 0 )
07:51:03.0763 0x19d4  Object is SCO, delete is not allowed
07:51:03.0763 0x19d4  DcomLaunch ( UDS:DangerousObject.Multi.Generic ) - infected
07:51:03.0763 0x19d4  Force sending object to P2P due to detect: C:\Windows\system32\rpcss.dll
07:51:06.0563 0x19d4  Object send P2P result: true
07:51:09.0157 0x19d4  RpcSs - detected UDS:DangerousObject.Multi.Generic ( 0 )
07:51:09.0157 0x19d4  Object is SCO, delete is not allowed
07:51:09.0157 0x19d4  RpcSs ( UDS:DangerousObject.Multi.Generic ) - infected
07:51:09.0157 0x19d4  Force sending object to P2P due to detect: C:\Windows\system32\rpcss.dll
07:51:12.0349 0x19d4  Object send P2P result: true
07:51:14.0909 0x19d4  [ 8CB37AFC263A219EBB7586F9C495114E ] \Device\Harddisk1\DR1
07:51:14.0915 0x19d4  \Device\Harddisk1\DR1 - ok
07:51:14.0915 0x19d4  ================ Scan VBR ==================================
07:51:14.0942 0x19d4  [ 16D6AE6594CD9DAB8E6FECBD2CC03739 ] \Device\Harddisk0\DR0\Partition1
07:51:14.0966 0x19d4  \Device\Harddisk0\DR0\Partition1 - ok
07:51:14.0982 0x19d4  [ AA062BA183D7977D46E43AA638135E06 ] \Device\Harddisk0\DR0\Partition2
07:51:15.0010 0x19d4  \Device\Harddisk0\DR0\Partition2 - ok
07:51:15.0014 0x19d4  [ 997FBDE733E965D0CCCCA4242DB488A0 ] \Device\Harddisk1\DR1\Partition1
07:51:15.0016 0x19d4  \Device\Harddisk1\DR1\Partition1 - ok
07:51:15.0042 0x19d4  AV detected via SS2: AVG AntiVirus Free Edition 2013, C:\Program Files\AVG\AVG2013\avgwsc.exe ( 13.0.0.3300 ), 0x41000 ( enabled : updated )
07:51:15.0049 0x19d4  Win FW state via NFP2: enabled
07:51:17.0602 0x19d4  ============================================================
07:51:17.0602 0x19d4  Scan finished
07:51:17.0602 0x19d4  ============================================================
07:51:17.0619 0x1c50  Detected object count: 3
07:51:17.0619 0x1c50  Actual detected object count: 3
07:51:25.0317 0x1c50  \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - skipped by user
07:51:25.0318 0x1c50  \Device\Harddisk0\DR0 ( Rootkit.Boot.Wistler.a ) - User select action: Skip
07:51:25.0320 0x1c50  DcomLaunch ( UDS:DangerousObject.Multi.Generic ) - skipped by user
07:51:25.0320 0x1c50  DcomLaunch ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
07:51:25.0322 0x1c50  RpcSs ( UDS:DangerousObject.Multi.Generic ) - skipped by user
07:51:25.0322 0x1c50  RpcSs ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip
07:51:27.0729 0x1958  Deinitialize success
 



#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:17 AM

Posted 28 March 2014 - 08:33 AM

Combofix

Combofix should only be run when adviced by a team member!

Link


Important - Save the file to your desktop!


  • Deactivate any and all of your antivirus programs /spyware scanners - they can prevent CF from doing its work.
  • Run Combofix.exe


When finished, Combofix creates a log file named C:\Combofix.txt. Please post its content in your next reply.

Note: When receiving an error message containing ""Illegal operation attempted on a registry key that has been marked for deletion" simply restart your computer to fix this.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#9 Birdhouse247

Birdhouse247
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 28 March 2014 - 11:39 AM

I tried to run ComboFix three times, but every time it crashes and gives me the blue screen.  The message is BAD_POOL_HEADER, 0X00000019.

 

I have disabled/deactivated AVG, and ended the process in the Task Manager.  



#10 Birdhouse247

Birdhouse247
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 30 March 2014 - 08:57 PM

I was able to run ComboFix in Safe Mode, if that helps.  Here is the log:

 

ComboFix 14-03-24.01 - Dave 03/30/2014  20:31:17.2.4 - x86 NETWORK
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3325.2754 [GMT -5:00]
Running from: c:\users\Dave\Desktop\ComboFix.exe
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\users\Dave\AppData\Roaming\81760E
c:\users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Internet Explorer.lnk
c:\users\Dave\Documents\~WRL0001.tmp
c:\windows\isRS-000.tmp
c:\windows\system32\uxt9511.tmp
c:\windows\system32\windrv.sys
.
.
(((((((((((((((((((((((((   Files Created from 2014-02-28 to 2014-03-31  )))))))))))))))))))))))))))))))
.
.
2014-03-31 01:40 . 2014-03-31 01:40    --------    d-----w-    c:\users\Dave\AppData\Local\temp
2014-03-31 01:40 . 2014-03-31 01:40    --------    d-----w-    c:\users\UpdatusUser\AppData\Local\temp
2014-03-31 01:40 . 2014-03-31 01:40    --------    d-----w-    c:\users\Public\AppData\Local\temp
2014-03-31 01:40 . 2014-03-31 01:40    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-03-31 01:40 . 2014-03-31 01:40    --------    d-----w-    c:\users\Dave2\AppData\Local\temp
2014-03-31 01:01 . 2014-03-31 01:06    --------    d-----w-    C:\AdwCleaner
2014-03-30 23:48 . 2014-03-30 23:48    --------    d-----w-    C:\Everything but FRST
2014-03-28 01:21 . 2014-03-28 01:21    --------    d-----w-    C:\TDSSKiller_Quarantine
2014-03-27 00:51 . 2014-03-27 01:11    --------    d-----w-    c:\users\Dave\AppData\Local\CrashDumps
2014-03-26 23:30 . 2014-03-31 01:22    --------    d-----w-    c:\windows\system32\wbem\repository
2014-03-26 22:57 . 2014-03-26 23:33    181064    ----a-w-    c:\windows\PSEXESVC.EXE
2014-03-26 22:54 . 2014-03-26 22:54    --------    d-----w-    C:\RegBackup
2014-03-26 22:52 . 2014-03-26 22:52    --------    d-----w-    c:\program files\Tweaking.com
2014-03-26 13:03 . 2014-03-30 23:48    --------    d-----w-    C:\FRST
2014-03-26 06:03 . 2014-03-26 06:15    69632    ----a-w-    c:\windows\system32\blzblk.exe
2014-03-26 05:27 . 2014-03-26 05:27    12872    ----a-w-    c:\windows\system32\bootdelete.exe
2014-03-26 05:15 . 2014-03-26 05:27    --------    d-----w-    c:\programdata\HitmanPro
2014-03-26 01:30 . 2014-03-26 01:30    40776    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2014-03-08 14:57 . 2014-03-10 18:07    --------    d-----w-    c:\program files\RIFT
2014-03-03 00:41 . 2014-03-03 00:42    --------    d-----w-    c:\program files\Gloria Victis
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-20 23:58 . 2012-10-11 06:16    42272    ----a-w-    c:\windows\system32\drivers\avgtpx86.sys
2014-03-12 02:01 . 2012-06-30 19:13    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 02:01 . 2012-06-30 19:13    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2008-01-15 106496]
"Spotify Web Helper"="c:\users\Dave\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-15 1171968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2007-04-17 184320]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2007-10-26 184352]
"CTxfiHlp"="CTXFIHLP.EXE" [2009-02-19 24576]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-11-20 4411952]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CtxfiReg"="CTXFIREG.exe" [2009-02-19 47104]
.
c:\users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote Table Of Contents.onetoc2 [2009-1-5 3656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WNDA4100 Genie.lnk - c:\program files\NETGEAR\WNDA4100\WNDA4100.EXE [2013-1-9 4989656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-04-28 00:13    10536    ----a-w-    c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKLM\~\startupfolder\C:^Users^Dave^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 06:04    39792    ----a-w-    c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-09-14 00:51    59720    ----a-w-    c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2008-03-11 17:44    16384    ----a-w-    c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
2008-02-29 04:18    17920    ----a-w-    c:\dell\E-Center\EULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\flockbox]
2007-12-14 22:59    1071472    ----a-w-    c:\program files\My Lockbox\flockbox.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-10-03 16:37    81920    ----a-w-    c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-10-01 07:23    152392    ----a-w-    c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileDocuments]
2012-02-23 18:30    59240    ----a-w-    c:\program files\Common Files\Apple\Internet Services\ubd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 20:28    421888    ----a-w-    c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-01-08 18:59    18705664    ----a-r-    c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2014-01-15 02:38    1171968    ----a-w-    c:\users\Dave\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-06-21 17:20    185896    ----a-w-    c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1476140692-2942969376-4239267129-1000]
"EnableNotificationsRef"=dword:00000001
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ECACHE
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation    REG_MULTI_SZ       FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 19:30    1150280    ----a-w-    c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-30 02:01]
.
2014-03-30 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-28 03:17]
.
2014-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-27 01:24]
.
2014-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-27 01:24]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\xfw7x17s.default-1347322367210\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=012213&q=
.
- - - - ORPHANS REMOVED - - - -
.
MSConfigStartUp-RegistryMechanic - c:\program files\Registry Mechanic\RMTray.exe
AddRemove-Registry Mechanic_is1 - c:\program files\Registry Mechanic\unins000.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2014-03-30 20:40
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  CTxfiHlp = CTXFIHLP.EXE?
.
scanning hidden files ...  
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
Completion time: 2014-03-30  20:44:30
ComboFix-quarantined-files.txt  2014-03-31 01:44
ComboFix2.txt  2009-08-30 19:56
.
Pre-Run: 156,592,021,504 bytes free
Post-Run: 157,309,362,176 bytes free
.
- - End Of File - - 5E7AB097D361F6EE1929928639F7373E
9C603BC3977968C891DE319283E1E7AF
 



#11 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:17 AM

Posted 31 March 2014 - 03:11 AM

Combofix scripting

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Download the attached CFScript.txt and save it to the location where Combofix is saved to.


CFScriptB-4.gif


Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.

 

 

 

 

Full System Scan with Malwarebytes Antimalware
 

  • If not existing, please download Malwarebytes Anti-Malware to your desktop.
  • Double-click mb3-setup-1878.1878-3.5.1.2522.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.

If the program is already installed:

  • Run Malwarebytes Antimalware
  • On the Dashboard, click the 'Update Now >>' link
  • After the update completes, click the 'Scan Now >>' button.
  • Or, on the Dashboard, click the Scan Now >> button.
  • If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
  • In most cases, a restart will be required.
  • Wait for the prompt to restart the computer to appear, then click on Yes.

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

Attached Files


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#12 Birdhouse247

Birdhouse247
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 31 March 2014 - 09:03 PM

Thank you.  Here is the ComboFix Log:

 

ComboFix 14-03-24.01 - Dave 03/31/2014   8:00.2.4 - x86
Microsoft® Windows Vista™ Home Premium   6.0.6002.2.1252.1.1033.18.3325.2248 [GMT -5:00]
Running from: c:\users\Dave\Desktop\ComboFix.exe
Command switches used :: c:\users\Dave\Desktop\CFScript.txt
AV: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: AVG AntiVirus Free Edition 2013 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
file zipped: c:\windows\system32\blzblk.exe
.
.
(((((((((((((((((((((((((   Files Created from 2014-02-28 to 2014-03-31  )))))))))))))))))))))))))))))))
.
.
2014-03-31 13:10 . 2014-03-31 13:13    --------    d-----w-    c:\users\Dave\AppData\Local\temp
2014-03-31 13:10 . 2014-03-31 13:10    --------    d-----w-    c:\users\UpdatusUser\AppData\Local\temp
2014-03-31 13:10 . 2014-03-31 13:10    --------    d-----w-    c:\users\Public\AppData\Local\temp
2014-03-31 13:10 . 2014-03-31 13:10    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-03-31 13:10 . 2014-03-31 13:10    --------    d-----w-    c:\users\Dave2\AppData\Local\temp
2014-03-31 01:01 . 2014-03-31 01:06    --------    d-----w-    C:\AdwCleaner
2014-03-30 23:48 . 2014-03-30 23:48    --------    d-----w-    C:\Everything but FRST
2014-03-28 01:21 . 2014-03-28 01:21    --------    d-----w-    C:\TDSSKiller_Quarantine
2014-03-27 00:51 . 2014-03-27 01:11    --------    d-----w-    c:\users\Dave\AppData\Local\CrashDumps
2014-03-26 23:30 . 2014-03-31 13:11    --------    d-----w-    c:\windows\system32\wbem\repository
2014-03-26 22:57 . 2014-03-26 23:33    181064    ----a-w-    c:\windows\PSEXESVC.EXE
2014-03-26 22:54 . 2014-03-26 22:54    --------    d-----w-    C:\RegBackup
2014-03-26 22:52 . 2014-03-26 22:52    --------    d-----w-    c:\program files\Tweaking.com
2014-03-26 13:03 . 2014-03-30 23:48    --------    d-----w-    C:\FRST
2014-03-26 06:03 . 2014-03-31 12:59    69632    ----a-w-    c:\windows\system32\blzblk.exe
2014-03-26 05:27 . 2014-03-26 05:27    12872    ----a-w-    c:\windows\system32\bootdelete.exe
2014-03-26 05:15 . 2014-03-26 05:27    --------    d-----w-    c:\programdata\HitmanPro
2014-03-26 01:30 . 2014-03-26 01:30    40776    ----a-w-    c:\windows\system32\drivers\mbamswissarmy.sys
2014-03-08 14:57 . 2014-03-10 18:07    --------    d-----w-    c:\program files\RIFT
2014-03-03 00:41 . 2014-03-03 00:42    --------    d-----w-    c:\program files\Gloria Victis
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-20 23:58 . 2012-10-11 06:16    42272    ----a-w-    c:\windows\system32\drivers\avgtpx86.sys
2014-03-12 02:01 . 2012-06-30 19:13    71048    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-03-12 02:01 . 2012-06-30 19:13    692616    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NVIDIA nTune"="c:\program files\NVIDIA Corporation\nTune\nTuneCmd.exe" [2008-01-15 106496]
"Spotify Web Helper"="c:\users\Dave\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-01-15 1171968]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VolPanel"="c:\program files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" [2007-04-17 184320]
"NVRaidService"="c:\windows\system32\nvraidservice.exe" [2007-10-26 184352]
"CTxfiHlp"="CTXFIHLP.EXE" [2009-02-19 24576]
"AVG_UI"="c:\program files\AVG\AVG2013\avgui.exe" [2013-11-20 4411952]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CtxfiReg"="CTXFIREG.exe" [2009-02-19 47104]
.
c:\users\Dave\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote Table Of Contents.onetoc2 [2009-1-5 3656]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
NETGEAR WNDA4100 Genie.lnk - c:\program files\NETGEAR\WNDA4100\WNDA4100.EXE [2013-1-9 4989656]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\GoToAssist]
2008-04-28 00:13    10536    ----a-w-    c:\program files\Citrix\GoToAssist\514\g2awinlogon.dll
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKLM\~\startupfolder\C:^Users^Dave^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk]
backup=c:\windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
backupExtension=.Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
2008-10-15 06:04    39792    ----a-w-    c:\program files\Adobe\Reader 8.0\Reader\reader_sl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2013-09-14 00:51    59720    ----a-w-    c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dscactivate]
2008-03-11 17:44    16384    ----a-w-    c:\program files\Dell Support Center\gs_agent\custom\dsca.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ECenter]
2008-02-29 04:18    17920    ----a-w-    c:\dell\E-Center\EULALauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\flockbox]
2007-12-14 22:59    1071472    ----a-w-    c:\program files\My Lockbox\flockbox.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2006-10-03 16:37    81920    ----a-w-    c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2013-10-01 07:23    152392    ----a-w-    c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileDocuments]
2012-02-23 18:30    59240    ----a-w-    c:\program files\Common Files\Apple\Internet Services\ubd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2011-10-24 20:28    421888    ----a-w-    c:\program files\QuickTime\QTTask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2013-01-08 18:59    18705664    ----a-r-    c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper]
2014-01-15 02:38    1171968    ----a-w-    c:\users\Dave\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
2008-06-21 17:20    185896    ----a-w-    c:\program files\Common Files\Real\Update_OB\realsched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"UpdReg"=c:\windows\UpdReg.EXE
"SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe"
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\S-1-5-21-1476140692-2942969376-4239267129-1000]
"EnableNotificationsRef"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceAndNoImpersonation    REG_MULTI_SZ       FontCache
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-03-15 19:30    1150280    ----a-w-    c:\program files\Google\Chrome\Application\33.0.1750.154\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-03-31 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-30 02:01]
.
2014-03-30 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-04-28 03:17]
.
2014-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-27 01:24]
.
2014-03-31 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-05-27 01:24]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: real.com\rhap-app-4-0
Trusted Zone: real.com\rhapreg
TCP: DhcpNameServer = 192.168.1.254
FF - ProfilePath - c:\users\Dave\AppData\Roaming\Mozilla\Firefox\Profiles\xfw7x17s.default-1347322367210\
FF - prefs.js: browser.startup.homepage - www.google.com
FF - prefs.js: keyword.URL - hxxp://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=012213&q=
.
.
**************************************************************************
scanning hidden processes ...  
.
scanning hidden autostart entries ...
.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
  CTxfiHlp = CTXFIHLP.EXE?
.
scanning hidden files ...  
.
scan completed successfully
hidden files:
.
**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
c:\program files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\AVG\AVG2013\avgwdsvc.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\NVIDIA Corporation\nTune\nTuneService.exe
c:\windows\system32\PnkBstrA.exe
c:\windows\system32\PnkBstrB.exe
c:\program files\NETGEAR\WNDA4100\Service\RaRegistry.exe
c:\windows\system32\WUDFHost.exe
c:\program files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\SYSTEM32\CTXFISPI.EXE
c:\program files\Windows Media Player\wmpnscfg.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\System32\wbem\unsecapp.exe
c:\program files\AVG\AVG2013\avgcfgex.exe
.
**************************************************************************
.
Completion time: 2014-03-31  08:21:05 - machine was rebooted
ComboFix-quarantined-files.txt  2014-03-31 13:21
ComboFix2.txt  2014-03-31 01:44
ComboFix3.txt  2009-08-30 19:56
.
Pre-Run: 157,287,792,640 bytes free
Post-Run: 157,323,051,008 bytes free
.
- - End Of File - - F8850EA75245ECECC254831F461DE951
9C603BC3977968C891DE319283E1E7AF
 

 

============================================================================================================

 

Here is the Malwarebytes log:

 

Malwarebytes Anti-Malware (Trial) 1.75.0.1300
www.malwarebytes.org

Database version: v2014.03.31.05

Windows Vista Service Pack 2 x86 NTFS
Internet Explorer 9.0.8112.16421
Dave :: DAVE-PC [administrator]

Protection: Enabled

3/31/2014 8:27:00 AM
mbam-log-2014-03-31 (08-27-00).txt

Scan type: Full scan (C:\|D:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 493279
Time elapsed: 2 hour(s), 26 minute(s), 3 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)
 



#13 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:17 AM

Posted 01 April 2014 - 02:54 AM

Please upload c:\windows\system32\blzblk.exe here: http://www.bleepingcomputer.com/submit-malware.php?channel=156


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#14 Birdhouse247

Birdhouse247
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:02:17 AM

Posted 01 April 2014 - 05:24 AM

Done.



#15 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:08:17 AM

Posted 01 April 2014 - 06:33 AM

Scan with ESET Online Scan

Please go to here to run the online scannner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users