Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

How do i know if im infected with a rootkit?


  • Please log in to reply
4 replies to this topic

#1 hitom

hitom

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:16 AM

Posted 05 August 2014 - 02:44 AM

Hi

Yesterday earlier i had to shut down my computer because it was frozen. After that i turned it on i was stuck in "system repair" section loop, i didnt try anything like to open command prompt or aynthing, i couldnt even get to the logging in part to my windows 7 account.  Then i decided to reinstall my OS then look up on the internet what may be causing it. So i did my research on what caused my computer not to boot up normally because i had faced the exact same thing about a year ago but it had never appeared again - until now. Then i saw that there is a new fresh rootkit thing called TDL4 i think, which creates this whole pile of mess and its kind of hard to remove for regular computer users. So i got to reinstalling my OS, everything seems to be fine right now everything is fast and cool, even i checked the partition window and i saw there is an "Unallocated space" of 1MB, but they said its fine because thats what i need for booting in with an install disc or something like that, but that still left me nervous about this because im not sure whether they were right about that unallocated space stuff because i read that the rootkit does the exact same thing with the exact same amount space (they said they need about 1 - 2MB), so right now everything is smooth and fine i have an unallocated space of exactly 1MB, but im still curious if that rootkit is still there, im probably sure that it is still there, because i know this type of thing will not disappear if i just reinstall the OS. So how do i know if its still lurking out there?


Edited by hitom, 05 August 2014 - 03:25 AM.


BC AdBot (Login to Remove)

 


m

#2 hitom

hitom
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:16 AM

Posted 05 August 2014 - 03:17 AM

 i scanned my computer with a few tools (Kaspersky TDSSKiller, GMER, aswmbr) and here are the results:

 

 

Kaspersky TDSSKiller: Found nothing

 

 

 

GMER (quick scan):

 

GMER 2.1.19357 - http://www.gmer.net

Rootkit scan 2014-08-05 10:16:09
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 SAMSUNG_HD250HJ rev.FH100-06 232.89GB
Running: obd8iyce.exe; Driver: C:\Users\Tom\AppData\Local\Temp\uwldipow.sys
 
 
---- Threads - GMER 2.1 ----
 
Thread  C:\Program Files\Windows Media Player\wmpnetwk.exe [200:2496]  000007fefb8b2ab8
Thread  C:\Windows\System32\svchost.exe [2548:2740]                    000007fef41b9688
Thread  C:\Windows\system32\mmc.exe [2112:2824]                        000007fef057472c
Thread  C:\Windows\system32\mmc.exe [2112:2768]                        000007fef06b80ec
Thread  C:\Windows\system32\mmc.exe [2112:1112]                        000007fefb8b2ab8
Thread  C:\Windows\system32\mmc.exe [2112:588]                         000007fef1071748
Thread  C:\Windows\system32\mmc.exe [2112:1460]                        000007fef06b80ec
Thread  C:\Windows\system32\mmc.exe [2112:1068]                        000007fef06c1cfc
Thread  C:\Windows\system32\mmc.exe [2112:632]                         000007fef06b80ec
Thread  C:\Windows\system32\mmc.exe [2112:940]                         000007fef06b80ec
Thread  C:\Windows\system32\mmc.exe [2112:1500]                        000007fef06b80ec
Thread  C:\Windows\system32\mmc.exe [2112:1464]                        000007fef05a1564
Thread  C:\Windows\system32\mmc.exe [2112:1128]                        000007fef06b80ec
Thread  C:\Windows\system32\mmc.exe [2112:1780]                        000007feec3cbce8
 
---- EOF - GMER 2.1 ----
 
 
GMER (scanned C:\):
 
GMER 2.1.19357 - http://www.gmer.net
Rootkit scan 2014-08-05 10:29:09
Windows 6.1.7601 Service Pack 1 x64 \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3 SAMSUNG_HD250HJ rev.FH100-06 232.89GB
Running: obd8iyce.exe; Driver: C:\Users\Tom\AppData\Local\Temp\uwldipow.sys
 
 
---- Devices - GMER 2.1 ----
 
Device   \Driver\aswVmm \Device\AswVmm                                                                                                                                                          fffff880039a5750
Device   \Driver\aswMBR \Device\aswMBR                                                                                                                                                          fffff8800398c408
 
---- Threads - GMER 2.1 ----
 
Thread   C:\Program Files\Windows Media Player\wmpnetwk.exe [200:2496]                                                                                                                          000007fefb8b2ab8
Thread   C:\Windows\System32\svchost.exe [2548:2740]                                                                                                                                            000007fef41b9688
Thread   C:\Windows\system32\mmc.exe [2112:2824]                                                                                                                                                000007fef057472c
Thread   C:\Windows\system32\mmc.exe [2112:2768]                                                                                                                                                000007fef06b80ec
Thread   C:\Windows\system32\mmc.exe [2112:1112]                                                                                                                                                000007fefb8b2ab8
Thread   C:\Windows\system32\mmc.exe [2112:588]                                                                                                                                                 000007fef1071748
Thread   C:\Windows\system32\mmc.exe [2112:1460]                                                                                                                                                000007fef06b80ec
Thread   C:\Windows\system32\mmc.exe [2112:1068]                                                                                                                                                000007fef06c1cfc
Thread   C:\Windows\system32\mmc.exe [2112:632]                                                                                                                                                 000007fef06b80ec
Thread   C:\Windows\system32\mmc.exe [2112:940]                                                                                                                                                 000007fef06b80ec
Thread   C:\Windows\system32\mmc.exe [2112:1500]                                                                                                                                                000007fef06b80ec
Thread   C:\Windows\system32\mmc.exe [2112:1464]                                                                                                                                                000007fef05a1564
Thread   C:\Windows\system32\mmc.exe [2112:1128]                                                                                                                                                000007fef06b80ec
Thread   C:\Windows\system32\mmc.exe [2112:1780]                                                                                                                                                000007feec3cbce8
---- Processes - GMER 2.1 ----
 
Library  C:\Users\Tom\AppData\Local\Temp\{A94ED141-6078-4E55-BE29-997657BF6308}\{89EB00A2-2E5C-4EB0-9E8E-C90C77641ED1}.tmp (*** suspicious ***) @ C:\Users\Tom\Downloads\tdsskiller.exe [2296]  000000006cba0000
Library  C:\Users\Tom\AppData\Local\Temp\{A94ED141-6078-4E55-BE29-997657BF6308}\{489D43EB-6C1E-4AFA-9AE6-59542FDF8C02}.tmp (*** suspicious ***) @ C:\Users\Tom\Downloads\tdsskiller.exe [2296]  000000006cb70000
Library  C:\Users\Tom\AppData\Local\Temp\{A94ED141-6078-4E55-BE29-997657BF6308}\{79E58EAB-C447-4DFE-AC80-DE6925EEC91E}.tmp (*** suspicious ***) @ C:\Users\Tom\Downloads\tdsskiller.exe [2296]  000000006cb10000
Library  C:\Users\Tom\AppData\Local\Temp\{A94ED141-6078-4E55-BE29-997657BF6308}\{7832AEE8-7A08-4D1E-A128-D1AD65200D89}.tmp (*** suspicious ***) @ C:\Users\Tom\Downloads\tdsskiller.exe [2296]  000000006cad0000
Library  C:\Users\Tom\AppData\Local\Temp\{A94ED141-6078-4E55-BE29-997657BF6308}\{BDA919BD-0025-41C5-9CC3-DD8EB7869C69}.tmp (*** suspicious ***) @ C:\Users\Tom\Downloads\tdsskiller.exe [2296]  000000006ca30000
Library  C:\Users\Tom\AppData\Local\Temp\{A94ED141-6078-4E55-BE29-997657BF6308}\{A6E9DA86-D7AB-4F2E-904D-5176FEC5F129}.tmp (*** suspicious ***) @ C:\Users\Tom\Downloads\tdsskiller.exe [2296]  000000006c9d0000
Library  C:\Users\Tom\AppData\Local\Temp\{A94ED141-6078-4E55-BE29-997657BF6308}\{92E610FA-66B0-4620-9A02-A3101EEBFE5F}.tmp (*** suspicious ***) @ C:\Users\Tom\Downloads\tdsskiller.exe [2296]  000000006c9a0000
Library  C:\Users\Tom\AppData\Local\Temp\{A94ED141-6078-4E55-BE29-997657BF6308}\{D2C3147A-1C33-4F01-A8F4-CC0922DD47E2}.tmp (*** suspicious ***) @ C:\Users\Tom\Downloads\tdsskiller.exe [2296]  000000006c8f0000
Library  C:\Users\Tom\AppData\Local\Temp\{A94ED141-6078-4E55-BE29-997657BF6308}\{361D11C2-7DDB-4FFB-8F7E-953F63387C6C}.tmp (*** suspicious ***) @ C:\Users\Tom\Downloads\tdsskiller.exe [2296]  000000006c890000
Library  C:\Users\Tom\AppData\Local\Temp\{A94ED141-6078-4E55-BE29-997657BF6308}\{63CAD22E-EC07-48F3-93DA-A604806960C1}.tmp (*** suspicious ***) @ C:\Users\Tom\Downloads\tdsskiller.exe [2296]  000000006c840000
 
---- EOF - GMER 2.1 ----
 
 
 
 
 
aswmbr:
 
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-05 09:58:12
-----------------------------
09:58:12.150    OS Version: Windows x64 6.1.7601 Service Pack 1
09:58:12.150    Number of processors: 2 586 0x4303
09:58:12.152    ComputerName: TOM-PC  UserName: Tom
09:58:12.561    Initialize success
09:58:12.583    VM: initialized successfully
09:58:12.585    VM: Amd CPU virtualization not supported 
10:00:44.776    AVAST engine defs: 14080401
10:01:09.704    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP2T0L0-3
10:01:09.706    Disk 0 Vendor: SAMSUNG_HD250HJ FH100-06 Size: 238475MB BusType: 3
10:01:09.807    Disk 0 MBR read successfully
10:01:09.809    Disk 0 MBR scan
10:01:09.813    Disk 0 Windows 7 default MBR code
10:01:09.816    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       238472 MB offset 22
10:01:09.818    Disk 0 Boot: NTFS     code=2
10:01:09.842    Disk 0 scanning C:\Windows\system32\drivers
10:01:14.462    Service scanning
10:01:26.820    Modules scanning
10:01:26.826    Disk 0 trace - called modules:
10:01:26.836    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys PCIIDEX.SYS hal.dll atapi.sys 
10:01:26.840    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80033d15c0]
10:01:26.844    3 CLASSPNP.SYS[fffff8800165143f] -> nt!IofCallDriver -> [0xfffffa8002eb1520]
10:01:26.848    5 ACPI.sys[fffff88000ea17a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP2T0L0-3[0xfffffa8002eb0060]
10:01:26.853    Scan finished successfully
10:01:38.980    Disk 0 MBR has been saved successfully to "C:\Users\Tom\Desktop\MBR.dat"
10:01:39.015    The log file has been saved successfully to "C:\Users\Tom\Desktop\aswMBR.txt"
 
------------------------------------------------------------------------
 
 
I don't understand any of that stuff so please tell me if anything looks suspicious, thank you!

Edited by hitom, 05 August 2014 - 03:30 AM.


#3 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,585 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:16 PM

Posted 05 August 2014 - 03:47 AM

G'day hitom, and :welcome: to BC.

 

The tools whose logs you have shown here are not allowed in the 'Am I Infected " forum, so I am not familiar with their content.

 

However...They do appear to be ok...nothing stands out to me.

 

You mentioned that you scanned with TDSS killer.

 

Do you have the log?

 

If so...copy and paste it to your next reply.

 

If you do not still have the log, please run the following scan First, and then rerun the TDSS scan

 

 

Please download and runRKill by Grinler.
 A black DOS box will appear for a short time and then disappear.
 This is normal and indicates the tool ran successfully.
 At most the tool will usually run for about 2 minutes
 Please Copy / Paste the small log back here.

 

Important: Do not reboot your computer until you complete the next step.

 

TDSS
Download TDSSKiller and save it to your desktop.
* Extract (unzip) its contents to your desktop.
* Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
* If an infected file is detected, the default action will be Cure, click on Continue.
* If a suspicious file is detected, the default action will be Skip, click on Continue.
* It may ask you to reboot the computer to complete the process. Click on Reboot Now.
* If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
* If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.


Condobloke

Outback Australian  

 

fed up with Windows antics...??

 

LINUX IS THE ANSWER

 

I USE LINUX MINT 18.3  EXCLUSIVELY.

 Failure is not an option. It comes bundled with your Microsoft product.

 

Success is not Final, Failure is not Fatal,

 

It is the Courage to Continue that Counts.

W.C. 4th June 1940

 

 

 


#4 hitom

hitom
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:09:16 AM

Posted 05 August 2014 - 03:57 AM

G'day hitom, and :welcome: to BC.

 

The tools whose logs you have shown here are not allowed in the 'Am I Infected " forum, so I am not familiar with their content.

 

However...They do appear to be ok...nothing stands out to me.

 

You mentioned that you scanned with TDSS killer.

 

Do you have the log?

 

If so...copy and paste it to your next reply.

 

If you do not still have the log, please run the following scan First, and then rerun the TDSS scan

 

 

Please download and runRKill by Grinler.
 A black DOS box will appear for a short time and then disappear.
 This is normal and indicates the tool ran successfully.
 At most the tool will usually run for about 2 minutes
 Please Copy / Paste the small log back here.

 

Important: Do not reboot your computer until you complete the next step.

 

TDSS
Download TDSSKiller and save it to your desktop.
* Extract (unzip) its contents to your desktop.
* Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
* If an infected file is detected, the default action will be Cure, click on Continue.
* If a suspicious file is detected, the default action will be Skip, click on Continue.
* It may ask you to reboot the computer to complete the process. Click on Reboot Now.
* If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
* If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

Im sorry about pasting that code here didnt know about it my apologies, should i delete them?

 

RKill:

 

Rkill 2.6.7 by Lawrence Abrams (Grinler)

Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 08/05/2014 10:51:15 AM in x64 mode.
Windows Version: Windows 7 Ultimate Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * No issues found.
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * No issues found.
 
Program finished at: 08/05/2014 10:51:52 AM
Execution time: 0 hours(s), 0 minute(s), and 36 seconds(s)
 
 
---------------------
 
TDSSKiller:
 
 
10:53:58.0878 0x04c8  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
10:54:00.0777 0x04c8  ============================================================
10:54:00.0777 0x04c8  Current date / time: 2014/08/05 10:54:00.0777
10:54:00.0777 0x04c8  SystemInfo:
10:54:00.0777 0x04c8  
10:54:00.0777 0x04c8  OS Version: 6.1.7601 ServicePack: 1.0
10:54:00.0777 0x04c8  Product type: Workstation
10:54:00.0777 0x04c8  ComputerName: TOM-PC
10:54:00.0777 0x04c8  UserName: Tom
10:54:00.0777 0x04c8  Windows directory: C:\Windows
10:54:00.0777 0x04c8  System windows directory: C:\Windows
10:54:00.0778 0x04c8  Running under WOW64
10:54:00.0778 0x04c8  Processor architecture: Intel x64
10:54:00.0778 0x04c8  Number of processors: 2
10:54:00.0778 0x04c8  Page size: 0x1000
10:54:00.0778 0x04c8  Boot type: Normal boot
10:54:00.0778 0x04c8  ============================================================
10:54:02.0041 0x04c8  KLMD registered as C:\Windows\system32\drivers\94047651.sys
10:54:02.0231 0x04c8  System UUID: {1F423485-6176-F2A1-5D8E-9543E8CF0B10}
10:54:02.0578 0x04c8  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x54AF8F, SectorsPerTrack: 0x16, TracksPerCylinder: 0x4, Type 'K0', Flags 0x00000040
10:54:02.0580 0x04c8  ============================================================
10:54:02.0580 0x04c8  \Device\Harddisk0\DR0:
10:54:02.0580 0x04c8  MBR partitions:
10:54:02.0580 0x04c8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x16, BlocksNum 0x1D1C45E0
10:54:02.0581 0x04c8  ============================================================
10:54:02.0590 0x04c8  C: <-> \Device\Harddisk0\DR0\Partition1
10:54:02.0590 0x04c8  ============================================================
10:54:02.0590 0x04c8  Initialize success
10:54:02.0590 0x04c8  ============================================================
10:54:04.0906 0x0888  ============================================================
10:54:04.0906 0x0888  Scan started
10:54:04.0906 0x0888  Mode: Manual; 
10:54:04.0907 0x0888  ============================================================
10:54:04.0907 0x0888  KSN ping started
10:54:07.0566 0x0888  KSN ping finished: true
10:54:07.0982 0x0888  ================ Scan system memory ========================
10:54:07.0982 0x0888  System memory - ok
10:54:07.0983 0x0888  ================ Scan services =============================
10:54:08.0111 0x0888  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
10:54:08.0117 0x0888  1394ohci - ok
10:54:08.0166 0x0888  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
10:54:08.0172 0x0888  ACPI - ok
10:54:08.0197 0x0888  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
10:54:08.0198 0x0888  AcpiPmi - ok
10:54:08.0255 0x0888  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
10:54:08.0267 0x0888  adp94xx - ok
10:54:08.0285 0x0888  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
10:54:08.0293 0x0888  adpahci - ok
10:54:08.0338 0x0888  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
10:54:08.0343 0x0888  adpu320 - ok
10:54:08.0370 0x0888  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
10:54:08.0373 0x0888  AeLookupSvc - ok
10:54:08.0439 0x0888  [ D31DC7A16DEA4A9BAF179F3D6FBDB38C, 532678D86E3E667F2E789C4873565E0B92C549A93F10802BB6D5B505CA3238CE ] AFD             C:\Windows\system32\drivers\afd.sys
10:54:08.0449 0x0888  AFD - ok
10:54:08.0468 0x0888  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
10:54:08.0470 0x0888  agp440 - ok
10:54:08.0486 0x0888  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
10:54:08.0488 0x0888  ALG - ok
10:54:08.0495 0x0888  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
10:54:08.0496 0x0888  aliide - ok
10:54:08.0501 0x0888  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
10:54:08.0502 0x0888  amdide - ok
10:54:08.0519 0x0888  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
10:54:08.0520 0x0888  AmdK8 - ok
10:54:08.0538 0x0888  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
10:54:08.0540 0x0888  AmdPPM - ok
10:54:08.0555 0x0888  [ 6EC6D772EAE38DC17C14AED9B178D24B, B4FB936B31B1265B8CC6B426C64965C34D0CCF1638E645ACD65E88F4AFFC57A6 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
10:54:08.0559 0x0888  amdsata - ok
10:54:08.0572 0x0888  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
10:54:08.0578 0x0888  amdsbs - ok
10:54:08.0583 0x0888  [ 1142A21DB581A84EA5597B03A26EBAA0, F94EB140D0CD068760D7EB081FF75154C75DAC75E5E24B6DE4E4F9CE65A70343 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
10:54:08.0584 0x0888  amdxata - ok
10:54:08.0603 0x0888  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID           C:\Windows\system32\drivers\appid.sys
10:54:08.0605 0x0888  AppID - ok
10:54:08.0631 0x0888  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
10:54:08.0632 0x0888  AppIDSvc - ok
10:54:08.0641 0x0888  [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo         C:\Windows\System32\appinfo.dll
10:54:08.0643 0x0888  Appinfo - ok
10:54:08.0671 0x0888  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
10:54:08.0675 0x0888  AppMgmt - ok
10:54:08.0683 0x0888  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
10:54:08.0686 0x0888  arc - ok
10:54:08.0693 0x0888  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
10:54:08.0696 0x0888  arcsas - ok
10:54:08.0722 0x0888  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
10:54:08.0723 0x0888  AsyncMac - ok
10:54:08.0729 0x0888  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
10:54:08.0729 0x0888  atapi - ok
10:54:08.0899 0x0888  [ 3EFD964D52221360AF0673CD61C2F4F5, 76D636CAF2E4FEDAAC6B0D958865A901340CF836EE4FCE59F1D5291E3BEC9F1E ] atikmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
10:54:09.0016 0x0888  atikmdag - ok
10:54:09.0087 0x0888  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:54:09.0104 0x0888  AudioEndpointBuilder - ok
10:54:09.0125 0x0888  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
10:54:09.0138 0x0888  AudioSrv - ok
10:54:09.0157 0x0888  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
10:54:09.0161 0x0888  AxInstSV - ok
10:54:09.0218 0x0888  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
10:54:09.0230 0x0888  b06bdrv - ok
10:54:09.0266 0x0888  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
10:54:09.0273 0x0888  b57nd60a - ok
10:54:09.0295 0x0888  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
10:54:09.0299 0x0888  BDESVC - ok
10:54:09.0324 0x0888  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
10:54:09.0325 0x0888  Beep - ok
10:54:09.0373 0x0888  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
10:54:09.0390 0x0888  BFE - ok
10:54:09.0445 0x0888  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
10:54:09.0462 0x0888  BITS - ok
10:54:09.0478 0x0888  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
10:54:09.0480 0x0888  blbdrive - ok
10:54:09.0487 0x0888  [ 91CE0D3DC57DD377E690A2D324022B08, 61874463956C0BCA5139522F34E974E5F638A092E0FD5C59DD30DE61D9AB8B0E ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
10:54:09.0489 0x0888  bowser - ok
10:54:09.0496 0x0888  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
10:54:09.0497 0x0888  BrFiltLo - ok
10:54:09.0514 0x0888  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
10:54:09.0515 0x0888  BrFiltUp - ok
10:54:09.0532 0x0888  [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] Browser         C:\Windows\System32\browser.dll
10:54:09.0535 0x0888  Browser - ok
10:54:09.0559 0x0888  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
10:54:09.0567 0x0888  Brserid - ok
10:54:09.0573 0x0888  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
10:54:09.0575 0x0888  BrSerWdm - ok
10:54:09.0581 0x0888  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
10:54:09.0583 0x0888  BrUsbMdm - ok
10:54:09.0588 0x0888  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
10:54:09.0589 0x0888  BrUsbSer - ok
10:54:09.0596 0x0888  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
10:54:09.0598 0x0888  BTHMODEM - ok
10:54:09.0608 0x0888  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
10:54:09.0611 0x0888  bthserv - ok
10:54:09.0627 0x0888  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
10:54:09.0629 0x0888  cdfs - ok
10:54:09.0656 0x0888  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
10:54:09.0659 0x0888  cdrom - ok
10:54:09.0681 0x0888  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
10:54:09.0684 0x0888  CertPropSvc - ok
10:54:09.0705 0x0888  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
10:54:09.0707 0x0888  circlass - ok
10:54:09.0730 0x0888  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
10:54:09.0739 0x0888  CLFS - ok
10:54:09.0794 0x0888  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:54:09.0796 0x0888  clr_optimization_v2.0.50727_32 - ok
10:54:09.0835 0x0888  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:54:09.0837 0x0888  clr_optimization_v2.0.50727_64 - ok
10:54:09.0847 0x0888  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
10:54:09.0848 0x0888  CmBatt - ok
10:54:09.0854 0x0888  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
10:54:09.0855 0x0888  cmdide - ok
10:54:09.0875 0x0888  [ D5FEA92400F12412B3922087C09DA6A5, C8CD9215D26D3295FE487C96A4FC3F4C8AFED764AE9445D9858D7489823A8A2B ] CNG             C:\Windows\system32\Drivers\cng.sys
10:54:09.0887 0x0888  CNG - ok
10:54:09.0896 0x0888  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
10:54:09.0896 0x0888  Compbatt - ok
10:54:09.0916 0x0888  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
10:54:09.0916 0x0888  CompositeBus - ok
10:54:09.0930 0x0888  COMSysApp - ok
10:54:09.0942 0x0888  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
10:54:09.0944 0x0888  crcdisk - ok
10:54:10.0003 0x0888  [ 15597883FBE9B056F276ADA3AD87D9AF, B347E0B11228E38313C59C8ED984253A8A1FF482ED137CF5F488C4AFD6B08857 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
10:54:10.0007 0x0888  CryptSvc - ok
10:54:10.0033 0x0888  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
10:54:10.0045 0x0888  CSC - ok
10:54:10.0075 0x0888  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
10:54:10.0092 0x0888  CscService - ok
10:54:10.0129 0x0888  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
10:54:10.0140 0x0888  DcomLaunch - ok
10:54:10.0171 0x0888  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
10:54:10.0179 0x0888  defragsvc - ok
10:54:10.0198 0x0888  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
10:54:10.0214 0x0888  DfsC - ok
10:54:10.0304 0x0888  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
10:54:10.0313 0x0888  Dhcp - ok
10:54:10.0320 0x0888  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
10:54:10.0321 0x0888  discache - ok
10:54:10.0335 0x0888  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
10:54:10.0337 0x0888  Disk - ok
10:54:10.0357 0x0888  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
10:54:10.0359 0x0888  dmvsc - ok
10:54:10.0389 0x0888  [ CD55F5355D8F55D44C9F4ED875705BD6, 321C26E3CD9F376D30F05FBDF00E96399512ED705D867E8B14793D9CE69A1C1F ] Dnscache        C:\Windows\System32\dnsrslvr.dll
10:54:10.0394 0x0888  Dnscache - ok
10:54:10.0410 0x0888  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
10:54:10.0416 0x0888  dot3svc - ok
10:54:10.0426 0x0888  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
10:54:10.0430 0x0888  DPS - ok
10:54:10.0464 0x0888  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
10:54:10.0465 0x0888  drmkaud - ok
10:54:10.0509 0x0888  [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
10:54:10.0527 0x0888  DXGKrnl - ok
10:54:10.0543 0x0888  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
10:54:10.0547 0x0888  EapHost - ok
10:54:10.0660 0x0888  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
10:54:10.0738 0x0888  ebdrv - ok
10:54:10.0764 0x0888  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] EFS             C:\Windows\System32\lsass.exe
10:54:10.0765 0x0888  EFS - ok
10:54:10.0823 0x0888  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
10:54:10.0840 0x0888  ehRecvr - ok
10:54:10.0853 0x0888  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
10:54:10.0856 0x0888  ehSched - ok
10:54:10.0891 0x0888  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
10:54:10.0904 0x0888  elxstor - ok
10:54:10.0922 0x0888  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
10:54:10.0923 0x0888  ErrDev - ok
10:54:10.0982 0x0888  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
10:54:10.0990 0x0888  EventSystem - ok
10:54:11.0007 0x0888  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
10:54:11.0013 0x0888  exfat - ok
10:54:11.0023 0x0888  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
10:54:11.0027 0x0888  fastfat - ok
10:54:11.0078 0x0888  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
10:54:11.0095 0x0888  Fax - ok
10:54:11.0108 0x0888  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\drivers\fdc.sys
10:54:11.0109 0x0888  fdc - ok
10:54:11.0131 0x0888  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
10:54:11.0133 0x0888  fdPHost - ok
10:54:11.0145 0x0888  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
10:54:11.0157 0x0888  FDResPub - ok
10:54:11.0164 0x0888  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
10:54:11.0166 0x0888  FileInfo - ok
10:54:11.0173 0x0888  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
10:54:11.0174 0x0888  Filetrace - ok
10:54:11.0194 0x0888  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
10:54:11.0195 0x0888  flpydisk - ok
10:54:11.0217 0x0888  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
10:54:11.0223 0x0888  FltMgr - ok
10:54:11.0269 0x0888  [ B4447F606BB19FD8AD0BAFB59B90F5D9, 043E686029DE2710305852E3A416176E400F9FD5FB98E4F2A6F14C060FAABED5 ] FontCache       C:\Windows\system32\FntCache.dll
10:54:11.0296 0x0888  FontCache - ok
10:54:11.0326 0x0888  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:54:11.0328 0x0888  FontCache3.0.0.0 - ok
10:54:11.0333 0x0888  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
10:54:11.0335 0x0888  FsDepends - ok
10:54:11.0341 0x0888  [ E95EF8547DE20CF0603557C0CF7A9462, 55540B06B7B380CA2DA6EEE2D76C6CD6131ADB02B2D0B172A36536863A0C57B6 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
10:54:11.0342 0x0888  Fs_Rec - ok
10:54:11.0361 0x0888  [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
10:54:11.0367 0x0888  fvevol - ok
10:54:11.0392 0x0888  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
10:54:11.0394 0x0888  gagp30kx - ok
10:54:11.0432 0x0888  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
10:54:11.0453 0x0888  gpsvc - ok
10:54:11.0506 0x0888  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:54:11.0509 0x0888  gupdate - ok
10:54:11.0517 0x0888  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:54:11.0519 0x0888  gupdatem - ok
10:54:11.0532 0x0888  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
10:54:11.0534 0x0888  hcw85cir - ok
10:54:11.0575 0x0888  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
10:54:11.0584 0x0888  HdAudAddService - ok
10:54:11.0601 0x0888  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
10:54:11.0604 0x0888  HDAudBus - ok
10:54:11.0626 0x0888  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
10:54:11.0628 0x0888  HidBatt - ok
10:54:11.0641 0x0888  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
10:54:11.0644 0x0888  HidBth - ok
10:54:11.0658 0x0888  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
10:54:11.0660 0x0888  HidIr - ok
10:54:11.0684 0x0888  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
10:54:11.0686 0x0888  hidserv - ok
10:54:11.0703 0x0888  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
10:54:11.0704 0x0888  HidUsb - ok
10:54:11.0732 0x0888  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
10:54:11.0736 0x0888  hkmsvc - ok
10:54:11.0758 0x0888  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:54:11.0766 0x0888  HomeGroupListener - ok
10:54:11.0799 0x0888  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:54:11.0805 0x0888  HomeGroupProvider - ok
10:54:11.0812 0x0888  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
10:54:11.0817 0x0888  HpSAMD - ok
10:54:11.0854 0x0888  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
10:54:11.0868 0x0888  HTTP - ok
10:54:11.0875 0x0888  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
10:54:11.0875 0x0888  hwpolicy - ok
10:54:11.0893 0x0888  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
10:54:11.0895 0x0888  i8042prt - ok
10:54:11.0911 0x0888  [ 3DF4395A7CF8B7A72A5F4606366B8C2D, 483588B8FC6E05488ED631C4E1CFC398553FEBFA2CD2BB527B4DF12D19774F80 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
10:54:11.0920 0x0888  iaStorV - ok
10:54:11.0994 0x0888  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:54:12.0015 0x0888  idsvc - ok
10:54:12.0026 0x0888  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
10:54:12.0028 0x0888  iirsp - ok
10:54:12.0092 0x0888  [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT          C:\Windows\System32\ikeext.dll
10:54:12.0114 0x0888  IKEEXT - ok
10:54:12.0129 0x0888  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
10:54:12.0130 0x0888  intelide - ok
10:54:12.0160 0x0888  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
10:54:12.0161 0x0888  intelppm - ok
10:54:12.0179 0x0888  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
10:54:12.0183 0x0888  IPBusEnum - ok
10:54:12.0198 0x0888  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:54:12.0200 0x0888  IpFilterDriver - ok
10:54:12.0236 0x0888  [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
10:54:12.0250 0x0888  iphlpsvc - ok
10:54:12.0259 0x0888  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
10:54:12.0262 0x0888  IPMIDRV - ok
10:54:12.0281 0x0888  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
10:54:12.0284 0x0888  IPNAT - ok
10:54:12.0292 0x0888  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
10:54:12.0295 0x0888  IRENUM - ok
10:54:12.0303 0x0888  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
10:54:12.0304 0x0888  isapnp - ok
10:54:12.0341 0x0888  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
10:54:12.0348 0x0888  iScsiPrt - ok
10:54:12.0355 0x0888  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
10:54:12.0356 0x0888  kbdclass - ok
10:54:12.0368 0x0888  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
10:54:12.0370 0x0888  kbdhid - ok
10:54:12.0381 0x0888  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso          C:\Windows\system32\lsass.exe
10:54:12.0383 0x0888  KeyIso - ok
10:54:12.0399 0x0888  [ CCD53B5BD33CE0C889E830D839C8B66E, 51B7556DA7DAA0BC75E00E53099776016A55FAA115D5A4E6830E12A0A0869C10 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
10:54:12.0401 0x0888  KSecDD - ok
10:54:12.0413 0x0888  [ 9FF918A261752C12639E8AD4208D2C2F, B60F7A730C92F2BF7E85A6CA14DD7671AEECEE154CEC83B1E23EF268C25C9E5E ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
10:54:12.0417 0x0888  KSecPkg - ok
10:54:12.0422 0x0888  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
10:54:12.0424 0x0888  ksthunk - ok
10:54:12.0455 0x0888  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
10:54:12.0465 0x0888  KtmRm - ok
10:54:12.0492 0x0888  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
10:54:12.0500 0x0888  LanmanServer - ok
10:54:12.0522 0x0888  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:54:12.0526 0x0888  LanmanWorkstation - ok
10:54:12.0543 0x0888  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
10:54:12.0545 0x0888  lltdio - ok
10:54:12.0578 0x0888  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
10:54:12.0585 0x0888  lltdsvc - ok
10:54:12.0603 0x0888  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
10:54:12.0605 0x0888  lmhosts - ok
10:54:12.0627 0x0888  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
10:54:12.0631 0x0888  LSI_FC - ok
10:54:12.0639 0x0888  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
10:54:12.0643 0x0888  LSI_SAS - ok
10:54:12.0651 0x0888  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
10:54:12.0653 0x0888  LSI_SAS2 - ok
10:54:12.0664 0x0888  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
10:54:12.0667 0x0888  LSI_SCSI - ok
10:54:12.0683 0x0888  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
10:54:12.0686 0x0888  luafv - ok
10:54:12.0702 0x0888  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
10:54:12.0706 0x0888  Mcx2Svc - ok
10:54:12.0711 0x0888  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
10:54:12.0713 0x0888  megasas - ok
10:54:12.0737 0x0888  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
10:54:12.0745 0x0888  MegaSR - ok
10:54:12.0757 0x0888  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
10:54:12.0760 0x0888  MMCSS - ok
10:54:12.0775 0x0888  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
10:54:12.0776 0x0888  Modem - ok
10:54:12.0791 0x0888  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
10:54:12.0792 0x0888  monitor - ok
10:54:12.0799 0x0888  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
10:54:12.0800 0x0888  mouclass - ok
10:54:12.0807 0x0888  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
10:54:12.0808 0x0888  mouhid - ok
10:54:12.0815 0x0888  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
10:54:12.0818 0x0888  mountmgr - ok
10:54:12.0830 0x0888  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
10:54:12.0834 0x0888  mpio - ok
10:54:12.0850 0x0888  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
10:54:12.0852 0x0888  mpsdrv - ok
10:54:12.0893 0x0888  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
10:54:12.0914 0x0888  MpsSvc - ok
10:54:12.0936 0x0888  [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
10:54:12.0939 0x0888  MRxDAV - ok
10:54:12.0948 0x0888  [ FAF015B07E3A2874A790A39B7D2C579F, C614B0E80B38EBF7C670EEB833F5E476B33042097DA07206D6C5EE3E52B9A427 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
10:54:12.0952 0x0888  mrxsmb - ok
10:54:12.0978 0x0888  [ 08E2345DF129082BCDFFDC1440F9C00D, 2ADF69F49DF8C43D4440B6C8A62085C51518CA895A88D37264C60A0B4B1EC55F ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:54:12.0985 0x0888  mrxsmb10 - ok
10:54:12.0994 0x0888  [ 108D87409C5812EF47D81E22843E8C9D, CAE9B91B6BD1DF1552463BD63A06288F5D3E0B81B040BC1C7EC0C2A0119CCECA ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:54:12.0998 0x0888  mrxsmb20 - ok
10:54:13.0005 0x0888  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
10:54:13.0007 0x0888  msahci - ok
10:54:13.0021 0x0888  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
10:54:13.0026 0x0888  msdsm - ok
10:54:13.0044 0x0888  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
10:54:13.0049 0x0888  MSDTC - ok
10:54:13.0057 0x0888  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
10:54:13.0058 0x0888  Msfs - ok
10:54:13.0077 0x0888  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
10:54:13.0078 0x0888  mshidkmdf - ok
10:54:13.0083 0x0888  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
10:54:13.0084 0x0888  msisadrv - ok
10:54:13.0113 0x0888  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
10:54:13.0118 0x0888  MSiSCSI - ok
10:54:13.0123 0x0888  msiserver - ok
10:54:13.0150 0x0888  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
10:54:13.0151 0x0888  MSKSSRV - ok
10:54:13.0156 0x0888  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
10:54:13.0156 0x0888  MSPCLOCK - ok
10:54:13.0162 0x0888  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
10:54:13.0163 0x0888  MSPQM - ok
10:54:13.0178 0x0888  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
10:54:13.0188 0x0888  MsRPC - ok
10:54:13.0197 0x0888  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
10:54:13.0198 0x0888  mssmbios - ok
10:54:13.0216 0x0888  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
10:54:13.0217 0x0888  MSTEE - ok
10:54:13.0224 0x0888  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
10:54:13.0225 0x0888  MTConfig - ok
10:54:13.0232 0x0888  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
10:54:13.0234 0x0888  Mup - ok
10:54:13.0273 0x0888  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
10:54:13.0286 0x0888  napagent - ok
10:54:13.0322 0x0888  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
10:54:13.0331 0x0888  NativeWifiP - ok
10:54:13.0380 0x0888  [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS            C:\Windows\system32\drivers\ndis.sys
10:54:13.0399 0x0888  NDIS - ok
10:54:13.0418 0x0888  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
10:54:13.0420 0x0888  NdisCap - ok
10:54:13.0434 0x0888  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
10:54:13.0435 0x0888  NdisTapi - ok
10:54:13.0442 0x0888  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
10:54:13.0444 0x0888  Ndisuio - ok
10:54:13.0456 0x0888  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
10:54:13.0458 0x0888  NdisWan - ok
10:54:13.0467 0x0888  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
10:54:13.0468 0x0888  NDProxy - ok
10:54:13.0475 0x0888  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
10:54:13.0477 0x0888  NetBIOS - ok
10:54:13.0490 0x0888  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
10:54:13.0495 0x0888  NetBT - ok
10:54:13.0509 0x0888  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon        C:\Windows\system32\lsass.exe
10:54:13.0511 0x0888  Netlogon - ok
10:54:13.0540 0x0888  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
10:54:13.0547 0x0888  Netman - ok
10:54:13.0574 0x0888  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
10:54:13.0586 0x0888  netprofm - ok
10:54:13.0617 0x0888  [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
10:54:13.0621 0x0888  NetTcpPortSharing - ok
10:54:13.0639 0x0888  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
10:54:13.0641 0x0888  nfrd960 - ok
10:54:13.0666 0x0888  [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc          C:\Windows\System32\nlasvc.dll
10:54:13.0679 0x0888  NlaSvc - ok
10:54:13.0689 0x0888  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
10:54:13.0690 0x0888  Npfs - ok
10:54:13.0708 0x0888  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
10:54:13.0709 0x0888  nsi - ok
10:54:13.0715 0x0888  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
10:54:13.0716 0x0888  nsiproxy - ok
10:54:13.0785 0x0888  [ 05D78AA5CB5F3F5C31160BDB955D0B7C, E3CD3FAF52ED11A8FB96D667510F1EDCA49053705AA3A13F560F8F6EC995CA45 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
10:54:13.0815 0x0888  Ntfs - ok
10:54:13.0834 0x0888  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
10:54:13.0835 0x0888  Null - ok
10:54:13.0844 0x0888  [ 5D9FD91F3D38DC9DA01E3CB5FA89CD48, 7738785DE8B50D69993F4408498B812D0283FEE5C04FF5B89C20F149B44E9737 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
10:54:13.0848 0x0888  nvraid - ok
10:54:13.0858 0x0888  [ F7CD50FE7139F07E77DA8AC8033D1832, DA96F4B15C8165E6AE1D00E03A062C66CA3A3089E4FF0E9E11CE00B154DD12EC ] nvstor          C:\Windows\system32\drivers\nvstor.sys
10:54:13.0862 0x0888  nvstor - ok
10:54:13.0878 0x0888  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
10:54:13.0882 0x0888  nv_agp - ok
10:54:13.0891 0x0888  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
10:54:13.0893 0x0888  ohci1394 - ok
10:54:13.0924 0x0888  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
10:54:13.0933 0x0888  p2pimsvc - ok
10:54:13.0955 0x0888  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
10:54:13.0966 0x0888  p2psvc - ok
10:54:13.0980 0x0888  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
10:54:13.0982 0x0888  Parport - ok
10:54:13.0990 0x0888  [ 871EADAC56B0A4C6512BBE32753CCF79, F9FD9DBA55274BB72B897550988DCDFD0F2D9367BE641DFDE07D240052DDC180 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
10:54:13.0991 0x0888  partmgr - ok
10:54:14.0000 0x0888  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
10:54:14.0006 0x0888  PcaSvc - ok
10:54:14.0025 0x0888  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
10:54:14.0029 0x0888  pci - ok
10:54:14.0034 0x0888  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
10:54:14.0037 0x0888  pciide - ok
10:54:14.0057 0x0888  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
10:54:14.0062 0x0888  pcmcia - ok
10:54:14.0069 0x0888  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
10:54:14.0071 0x0888  pcw - ok
10:54:14.0098 0x0888  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
10:54:14.0114 0x0888  PEAUTH - ok
10:54:14.0164 0x0888  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
10:54:14.0197 0x0888  PeerDistSvc - ok
10:54:14.0266 0x0888  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
10:54:14.0268 0x0888  PerfHost - ok
10:54:14.0340 0x0888  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
10:54:14.0375 0x0888  pla - ok
10:54:14.0424 0x0888  [ B806E50427511BCF4AD8E8239C3E25FA, AB89B48ECCF90F701B314D18BE531CDA5ABE1636C17B994A5E4BE5AAC136B4E3 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
10:54:14.0436 0x0888  PlugPlay - ok
10:54:14.0448 0x0888  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
10:54:14.0451 0x0888  PNRPAutoReg - ok
10:54:14.0471 0x0888  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
10:54:14.0479 0x0888  PNRPsvc - ok
10:54:14.0515 0x0888  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
10:54:14.0526 0x0888  PolicyAgent - ok
10:54:14.0550 0x0888  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
10:54:14.0556 0x0888  Power - ok
10:54:14.0590 0x0888  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
10:54:14.0592 0x0888  PptpMiniport - ok
10:54:14.0611 0x0888  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
10:54:14.0612 0x0888  Processor - ok
10:54:14.0630 0x0888  [ 5C78838B4D166D1A27DB3A8A820C799A, BBF7E1D0B6754CF06BF3936671FDF5BF6E845CA5678D0940EA54E9212B539B7F ] ProfSvc         C:\Windows\system32\profsvc.dll
10:54:14.0637 0x0888  ProfSvc - ok
10:54:14.0655 0x0888  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
10:54:14.0656 0x0888  ProtectedStorage - ok
10:54:14.0673 0x0888  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
10:54:14.0677 0x0888  Psched - ok
10:54:14.0734 0x0888  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
10:54:14.0771 0x0888  ql2300 - ok
10:54:14.0783 0x0888  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
10:54:14.0787 0x0888  ql40xx - ok
10:54:14.0858 0x0888  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
10:54:14.0865 0x0888  QWAVE - ok
10:54:14.0872 0x0888  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
10:54:14.0874 0x0888  QWAVEdrv - ok
10:54:14.0891 0x0888  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
10:54:14.0892 0x0888  RasAcd - ok
10:54:14.0918 0x0888  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
10:54:14.0920 0x0888  RasAgileVpn - ok
10:54:14.0938 0x0888  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
10:54:14.0942 0x0888  RasAuto - ok
10:54:14.0950 0x0888  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
10:54:14.0953 0x0888  Rasl2tp - ok
10:54:14.0969 0x0888  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
10:54:14.0979 0x0888  RasMan - ok
10:54:14.0988 0x0888  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
10:54:14.0990 0x0888  RasPppoe - ok
10:54:15.0005 0x0888  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
10:54:15.0007 0x0888  RasSstp - ok
10:54:15.0020 0x0888  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
10:54:15.0026 0x0888  rdbss - ok
10:54:15.0040 0x0888  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
10:54:15.0041 0x0888  rdpbus - ok
10:54:15.0056 0x0888  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
10:54:15.0056 0x0888  RDPCDD - ok
10:54:15.0083 0x0888  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
10:54:15.0086 0x0888  RDPDR - ok
10:54:15.0101 0x0888  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
10:54:15.0102 0x0888  RDPENCDD - ok
10:54:15.0115 0x0888  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
10:54:15.0116 0x0888  RDPREFMP - ok
10:54:15.0125 0x0888  [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:54:15.0126 0x0888  RdpVideoMiniport - ok
10:54:15.0137 0x0888  [ 15B66C206B5CB095BAB980553F38ED23, 3CA50786A8D3D6BAF145AFD22C1ED92C2EB39F5D6AF4F6B09B69610FDE0C5B24 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
10:54:15.0141 0x0888  RDPWD - ok
10:54:15.0189 0x0888  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
10:54:15.0195 0x0888  rdyboost - ok
10:54:15.0227 0x0888  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
10:54:15.0231 0x0888  RemoteAccess - ok
10:54:15.0260 0x0888  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
10:54:15.0265 0x0888  RemoteRegistry - ok
10:54:15.0288 0x0888  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
10:54:15.0291 0x0888  RpcEptMapper - ok
10:54:15.0305 0x0888  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
10:54:15.0307 0x0888  RpcLocator - ok
10:54:15.0338 0x0888  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
10:54:15.0350 0x0888  RpcSs - ok
10:54:15.0368 0x0888  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
10:54:15.0371 0x0888  rspndr - ok
10:54:15.0392 0x0888  [ BAEFEE35D27A5440D35092CE10267BEC, FB550D38C01E07B1170C52C1441874B56DD3BECB10CBE8E132EE3276A05C796E ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
10:54:15.0397 0x0888  RTL8167 - ok
10:54:15.0415 0x0888  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
10:54:15.0416 0x0888  s3cap - ok
10:54:15.0434 0x0888  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs           C:\Windows\system32\lsass.exe
10:54:15.0436 0x0888  SamSs - ok
10:54:15.0443 0x0888  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
10:54:15.0447 0x0888  sbp2port - ok
10:54:15.0471 0x0888  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
10:54:15.0478 0x0888  SCardSvr - ok
10:54:15.0484 0x0888  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
10:54:15.0486 0x0888  scfilter - ok
10:54:15.0524 0x0888  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
10:54:15.0545 0x0888  Schedule - ok
10:54:15.0562 0x0888  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
10:54:15.0564 0x0888  SCPolicySvc - ok
10:54:15.0579 0x0888  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
10:54:15.0584 0x0888  SDRSVC - ok
10:54:15.0593 0x0888  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
10:54:15.0595 0x0888  secdrv - ok
10:54:15.0605 0x0888  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
10:54:15.0607 0x0888  seclogon - ok
10:54:15.0622 0x0888  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
10:54:15.0625 0x0888  SENS - ok
10:54:15.0638 0x0888  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
10:54:15.0640 0x0888  SensrSvc - ok
10:54:15.0655 0x0888  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
10:54:15.0656 0x0888  Serenum - ok
10:54:15.0671 0x0888  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
10:54:15.0673 0x0888  Serial - ok
10:54:15.0688 0x0888  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
10:54:15.0690 0x0888  sermouse - ok
10:54:15.0714 0x0888  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
10:54:15.0719 0x0888  SessionEnv - ok
10:54:15.0725 0x0888  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
10:54:15.0726 0x0888  sffdisk - ok
10:54:15.0731 0x0888  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
10:54:15.0733 0x0888  sffp_mmc - ok
10:54:15.0739 0x0888  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
10:54:15.0740 0x0888  sffp_sd - ok
10:54:15.0745 0x0888  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
10:54:15.0747 0x0888  sfloppy - ok
10:54:15.0769 0x0888  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
10:54:15.0779 0x0888  SharedAccess - ok
10:54:15.0811 0x0888  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:54:15.0819 0x0888  ShellHWDetection - ok
10:54:15.0826 0x0888  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
10:54:15.0828 0x0888  SiSRaid2 - ok
10:54:15.0834 0x0888  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
10:54:15.0837 0x0888  SiSRaid4 - ok
10:54:15.0861 0x0888  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
10:54:15.0864 0x0888  Smb - ok
10:54:15.0882 0x0888  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
10:54:15.0884 0x0888  SNMPTRAP - ok
10:54:15.0890 0x0888  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
10:54:15.0891 0x0888  spldr - ok
10:54:15.0924 0x0888  [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler         C:\Windows\System32\spoolsv.exe
10:54:15.0936 0x0888  Spooler - ok
10:54:16.0045 0x0888  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
10:54:16.0130 0x0888  sppsvc - ok
10:54:16.0146 0x0888  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
10:54:16.0149 0x0888  sppuinotify - ok
10:54:16.0179 0x0888  [ 2098B8556D1CEC2ACA9A29CD479E3692, D5826407C64F18C16EB36E6F00787CFAFCD9B24B5BD8AD126AD01E6E4134966F ] srv             C:\Windows\system32\DRIVERS\srv.sys
10:54:16.0189 0x0888  srv - ok
10:54:16.0220 0x0888  [ D0F73A42040F21F92FD314B42AC5C9E7, A021C4318C9CFA594305458B2643BB0C22DDE1F3D51C93C9F3E7F7AB75B31278 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
10:54:16.0232 0x0888  srv2 - ok
10:54:16.0252 0x0888  [ 2BA8F3250828CCDB4204ECF2C6F40B6A, 22C4FBF9A87C46E69C48B681FF733D68D9CB7B7D73FB14C8C2A06E9009F9860E ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
10:54:16.0257 0x0888  srvnet - ok
10:54:16.0292 0x0888  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
10:54:16.0298 0x0888  SSDPSRV - ok
10:54:16.0309 0x0888  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
10:54:16.0317 0x0888  SstpSvc - ok
10:54:16.0324 0x0888  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
10:54:16.0340 0x0888  stexstor - ok
10:54:16.0432 0x0888  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
10:54:16.0445 0x0888  stisvc - ok
10:54:16.0460 0x0888  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
10:54:16.0462 0x0888  storflt - ok
10:54:16.0471 0x0888  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
10:54:16.0473 0x0888  storvsc - ok
10:54:16.0479 0x0888  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
10:54:16.0480 0x0888  swenum - ok
10:54:16.0510 0x0888  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
10:54:16.0524 0x0888  swprv - ok
10:54:16.0541 0x0888  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
10:54:16.0543 0x0888  Synth3dVsc - ok
10:54:16.0632 0x0888  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
10:54:16.0675 0x0888  SysMain - ok
10:54:16.0687 0x0888  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:54:16.0691 0x0888  TabletInputService - ok
10:54:16.0709 0x0888  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
10:54:16.0716 0x0888  TapiSrv - ok
10:54:16.0740 0x0888  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
10:54:16.0743 0x0888  TBS - ok
10:54:16.0810 0x0888  [ 509383E505C973ED7534A06B3D19688D, 520AE434CCE1D365A45B2035283A4AD915E98D28D06BD73822F6FF865C2AE7DF ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
10:54:16.0846 0x0888  Tcpip - ok
10:54:16.0909 0x0888  [ 509383E505C973ED7534A06B3D19688D, 520AE434CCE1D365A45B2035283A4AD915E98D28D06BD73822F6FF865C2AE7DF ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
10:54:16.0944 0x0888  TCPIP6 - ok
10:54:16.0958 0x0888  [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
10:54:16.0959 0x0888  tcpipreg - ok
10:54:16.0984 0x0888  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
10:54:16.0985 0x0888  TDPIPE - ok
10:54:16.0991 0x0888  [ E4245BDA3190A582D55ED09E137401A9, F59C983882997D68CC7B1B2080AEE9EBE2AE90D478F877559BD2AAA97158A116 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
10:54:16.0992 0x0888  TDTCP - ok
10:54:17.0012 0x0888  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
10:54:17.0014 0x0888  tdx - ok
10:54:17.0020 0x0888  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
10:54:17.0022 0x0888  TermDD - ok
10:54:17.0057 0x0888  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
10:54:17.0059 0x0888  terminpt - ok
10:54:17.0110 0x0888  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService     C:\Windows\System32\termsrv.dll
10:54:17.0125 0x0888  TermService - ok
10:54:17.0132 0x0888  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
10:54:17.0135 0x0888  Themes - ok
10:54:17.0154 0x0888  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
10:54:17.0156 0x0888  THREADORDER - ok
10:54:17.0174 0x0888  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
10:54:17.0179 0x0888  TrkWks - ok
10:54:17.0223 0x0888  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:54:17.0228 0x0888  TrustedInstaller - ok
10:54:17.0237 0x0888  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
10:54:17.0239 0x0888  tssecsrv - ok
10:54:17.0254 0x0888  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
10:54:17.0256 0x0888  TsUsbFlt - ok
10:54:17.0262 0x0888  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
10:54:17.0264 0x0888  TsUsbGD - ok
10:54:17.0272 0x0888  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
10:54:17.0276 0x0888  tsusbhub - ok
10:54:17.0297 0x0888  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
10:54:17.0301 0x0888  tunnel - ok
10:54:17.0315 0x0888  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
10:54:17.0318 0x0888  uagp35 - ok
10:54:17.0338 0x0888  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
10:54:17.0344 0x0888  udfs - ok
10:54:17.0375 0x0888  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
10:54:17.0377 0x0888  UI0Detect - ok
10:54:17.0389 0x0888  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
10:54:17.0392 0x0888  uliagpkx - ok
10:54:17.0408 0x0888  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
10:54:17.0410 0x0888  umbus - ok
10:54:17.0415 0x0888  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
10:54:17.0416 0x0888  UmPass - ok
10:54:17.0431 0x0888  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
10:54:17.0438 0x0888  UmRdpService - ok
10:54:17.0462 0x0888  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
10:54:17.0471 0x0888  upnphost - ok
10:54:17.0479 0x0888  [ 481DFF26B4DCA8F4CBAC1F7DCE1D6829, 5D6E404FE0AB875202CA1A3E8E9D2F4368DF6ACCFA1C872ECFAF8399CBA3A485 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
10:54:17.0482 0x0888  usbccgp - ok
10:54:17.0511 0x0888  [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
10:54:17.0514 0x0888  usbcir - ok
10:54:17.0520 0x0888  [ 74EE782B1D9C241EFE425565854C661C, E8258EA65B0FCAD4E077B176E9D9324646B652D6E651241E397346A39770D065 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
10:54:17.0522 0x0888  usbehci - ok
10:54:17.0542 0x0888  [ DC96BD9CCB8403251BCF25047573558E, 66EBF8A6B3BC0634F32DDCC8BA31F1EB5987E8C6853E1DC26005E3EED0945565 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
10:54:17.0549 0x0888  usbhub - ok
10:54:17.0558 0x0888  [ 58E546BBAF87664FC57E0F6081E4F609, 1DD99D57369A0069654432AB5325AFD8F7D422D531E053EA05FF664BA6BDAEF9 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
10:54:17.0560 0x0888  usbohci - ok
10:54:17.0578 0x0888  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
10:54:17.0580 0x0888  usbprint - ok
10:54:17.0593 0x0888  [ D76510CFA0FC09023077F22C2F979D86, 5662281C6D515423255D3C262EA368DBAFC250235E535FBFA3E59D3487695439 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:54:17.0595 0x0888  USBSTOR - ok
10:54:17.0606 0x0888  [ 81FB2216D3A60D1284455D511797DB3D, 121E52B18A1832E775EA0AE2E053BAA53E5A70E9754724B1449AE5992D63B13E ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
10:54:17.0608 0x0888  usbuhci - ok
10:54:17.0621 0x0888  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
10:54:17.0624 0x0888  UxSms - ok
10:54:17.0640 0x0888  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] VaultSvc        C:\Windows\system32\lsass.exe
10:54:17.0642 0x0888  VaultSvc - ok
10:54:17.0648 0x0888  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
10:54:17.0650 0x0888  vdrvroot - ok
10:54:17.0675 0x0888  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
10:54:17.0690 0x0888  vds - ok
10:54:17.0708 0x0888  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
10:54:17.0709 0x0888  vga - ok
10:54:17.0714 0x0888  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
10:54:17.0716 0x0888  VgaSave - ok
10:54:17.0720 0x0888  VGPU - ok
10:54:17.0740 0x0888  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
10:54:17.0746 0x0888  vhdmp - ok
10:54:17.0751 0x0888  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
10:54:17.0752 0x0888  viaide - ok
10:54:17.0773 0x0888  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
10:54:17.0779 0x0888  vmbus - ok
10:54:17.0794 0x0888  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
10:54:17.0796 0x0888  VMBusHID - ok
10:54:17.0803 0x0888  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
10:54:17.0805 0x0888  volmgr - ok
10:54:17.0832 0x0888  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
10:54:17.0841 0x0888  volmgrx - ok
10:54:17.0854 0x0888  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
10:54:17.0860 0x0888  volsnap - ok
10:54:17.0874 0x0888  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
10:54:17.0878 0x0888  vsmraid - ok
10:54:17.0936 0x0888  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
10:54:17.0976 0x0888  VSS - ok
10:54:17.0985 0x0888  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
10:54:17.0987 0x0888  vwifibus - ok
10:54:18.0010 0x0888  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
10:54:18.0019 0x0888  W32Time - ok
10:54:18.0039 0x0888  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
10:54:18.0041 0x0888  WacomPen - ok
10:54:18.0061 0x0888  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
10:54:18.0063 0x0888  WANARP - ok
10:54:18.0068 0x0888  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
10:54:18.0071 0x0888  Wanarpv6 - ok
10:54:18.0154 0x0888  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
10:54:18.0191 0x0888  wbengine - ok
10:54:18.0208 0x0888  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
10:54:18.0214 0x0888  WbioSrvc - ok
10:54:18.0234 0x0888  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
10:54:18.0245 0x0888  wcncsvc - ok
10:54:18.0251 0x0888  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:54:18.0254 0x0888  WcsPlugInService - ok
10:54:18.0261 0x0888  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
10:54:18.0262 0x0888  Wd - ok
10:54:18.0289 0x0888  [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
10:54:18.0304 0x0888  Wdf01000 - ok
10:54:18.0322 0x0888  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
10:54:18.0326 0x0888  WdiServiceHost - ok
10:54:18.0332 0x0888  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost   C:\Windows\system32\wdi.dll
10:54:18.0334 0x0888  WdiSystemHost - ok
10:54:18.0354 0x0888  [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient       C:\Windows\System32\webclnt.dll
10:54:18.0363 0x0888  WebClient - ok
10:54:18.0377 0x0888  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
10:54:18.0384 0x0888  Wecsvc - ok
10:54:18.0404 0x0888  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
10:54:18.0408 0x0888  wercplsupport - ok
10:54:18.0431 0x0888  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
10:54:18.0435 0x0888  WerSvc - ok
10:54:18.0445 0x0888  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
10:54:18.0446 0x0888  WfpLwf - ok
10:54:18.0463 0x0888  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
10:54:18.0465 0x0888  WIMMount - ok
10:54:18.0474 0x0888  WinDefend - ok
10:54:18.0482 0x0888  WinHttpAutoProxySvc - ok
10:54:18.0532 0x0888  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
10:54:18.0539 0x0888  Winmgmt - ok
10:54:18.0622 0x0888  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM           C:\Windows\system32\WsmSvc.dll
10:54:18.0670 0x0888  WinRM - ok
10:54:18.0731 0x0888  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
10:54:18.0753 0x0888  Wlansvc - ok
10:54:18.0782 0x0888  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
10:54:18.0783 0x0888  WmiAcpi - ok
10:54:18.0806 0x0888  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
10:54:18.0812 0x0888  wmiApSrv - ok
10:54:18.0836 0x0888  WMPNetworkSvc - ok
10:54:18.0845 0x0888  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
10:54:18.0848 0x0888  WPCSvc - ok
10:54:18.0863 0x0888  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
10:54:18.0868 0x0888  WPDBusEnum - ok
10:54:18.0884 0x0888  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
10:54:18.0885 0x0888  ws2ifsl - ok
10:54:18.0895 0x0888  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
10:54:18.0900 0x0888  wscsvc - ok
10:54:18.0905 0x0888  WSearch - ok
10:54:18.0981 0x0888  [ 9DF12EDBC698B0BC353B3EF84861E430, 5777972DC6242096EE2D4DAEEFC822DE9077560322DED7B9696BB23B7C240403 ] wuauserv        C:\Windows\system32\wuaueng.dll
10:54:19.0040 0x0888  wuauserv - ok
10:54:19.0053 0x0888  [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
10:54:19.0056 0x0888  WudfPf - ok
10:54:19.0089 0x0888  [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
10:54:19.0094 0x0888  WUDFRd - ok
10:54:19.0114 0x0888  [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
10:54:19.0117 0x0888  wudfsvc - ok
10:54:19.0137 0x0888  [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc         C:\Windows\System32\wwansvc.dll
10:54:19.0145 0x0888  WwanSvc - ok
10:54:19.0151 0x0888  ================ Scan global ===============================
10:54:19.0176 0x0888  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:54:19.0208 0x0888  [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\system32\winsrv.dll
10:54:19.0222 0x0888  [ E0406AEF04B088D1C49FC78D0546F689, 7ADD4D1C174FAA5405BD94BAF104A5DD56BE00DBDC1ED9F069A95430A7B264AA ] C:\Windows\system32\winsrv.dll
10:54:19.0246 0x0888  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:54:19.0267 0x0888  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:54:19.0275 0x0888  [ Global ] - ok
10:54:19.0275 0x0888  ================ Scan MBR ==================================
10:54:19.0284 0x0888  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
10:54:19.0787 0x0888  \Device\Harddisk0\DR0 - ok
10:54:19.0788 0x0888  ================ Scan VBR ==================================
10:54:19.0791 0x0888  [ 1C3F083C992E1A19215D868DEE3EE8A6 ] \Device\Harddisk0\DR0\Partition1
10:54:19.0791 0x0888  \Device\Harddisk0\DR0\Partition1 - ok
10:54:19.0792 0x0888  ================ Scan generic autorun ======================
10:54:19.0867 0x0888  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:54:19.0893 0x0888  Sidebar - ok
10:54:19.0919 0x0888  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:54:19.0922 0x0888  mctadmin - ok
10:54:19.0955 0x0888  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:54:19.0974 0x0888  Sidebar - ok
10:54:19.0983 0x0888  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:54:19.0986 0x0888  mctadmin - ok
10:54:19.0989 0x0888  Waiting for KSN requests completion. In queue: 268
10:54:20.0989 0x0888  Waiting for KSN requests completion. In queue: 268
10:54:21.0989 0x0888  Waiting for KSN requests completion. In queue: 268
10:54:23.0005 0x0888  Win FW state via NFP2: enabled
10:54:25.0653 0x0888  ============================================================
10:54:25.0653 0x0888  Scan finished
10:54:25.0653 0x0888  ============================================================
10:54:25.0664 0x0290  Detected object count: 0
10:54:25.0664 0x0290  Actual detected object count: 0
 
 
-----------------------------------------------
 
 
Thank you for your fast reply!

Edited by hitom, 05 August 2014 - 03:58 AM.


#5 Condobloke

Condobloke

    Outback Aussie @ 54.2101 N, 0.2906 W


  • Members
  • 5,585 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:16 PM

Posted 06 August 2014 - 09:38 PM

sorry this reply was not as quick......life happens !

 

Your TDSS scan is all clear.

 

 

I think it may be a good idea to run a few other tools just to be sure.

 

 

Please download AdwCleaner by Xplode and save to your Desktop.
 * Double-click on AdwCleaner.exe to run the tool.
 * Vista / Windows 7 / 8 users right-click and select Run As Administrator.
 * Click on the Scan button (only once)
 * AdwCleaner will begin...be patient as the scan may take some time to complete.
 * After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
* Check the removals and see if you are OK with the list.

* Now
 * Click on the Clean button (only once)
 * Press OK when asked to close all programs and follow the onscreen prompts.
 * Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
 * After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
 * Copy and Paste the contents of that logfile in your next reply.

* A copy of all logfiles are also saved in the C:\AdwCleaner folder which was created when running the tool.

 

 

 

Please download Junkware Removal Toolby Thisisu

Open your browser and go to Downloads, then click on the Junkware Removal Tool to install it.

Click on Run to initiate the installation.

To avoid potential conflicts, Temporarily Disable your Antivirus

You may want to be offline when you do this.

Run the tool by double-clicking it.

If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select Run as Administrator.

The tool will open and start scanning your system.

Please be patient as this can take a while to complete depending on your system's specifications.

On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Copy and Paste this in your next post..

 

 

and lastly.....(be aware that Eset will take a long time......up to three hours is not unusual)

 

 

 

 

Run the ESET Online Scanner.
    Hold down Control and click on this link link to open ESET OnlineScan in a new window.
   
    For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    Double click on the esetsmartinstaller_enu.png icon on your desktop.
    Check "YES, I accept the Terms of Use."
    Click the Start button.
    Accept any security warnings from your browser.
    Under scan settings, check "Scan Archives" and "Remove found threats"
    ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
    When the scan completes, click List Threats
    Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
    Click the Back button.
    Click the Finish button.
    NOTE:Sometimes if ESET finds no infections it will not create a log.


Condobloke

Outback Australian  

 

fed up with Windows antics...??

 

LINUX IS THE ANSWER

 

I USE LINUX MINT 18.3  EXCLUSIVELY.

 Failure is not an option. It comes bundled with your Microsoft product.

 

Success is not Final, Failure is not Fatal,

 

It is the Courage to Continue that Counts.

W.C. 4th June 1940

 

 

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users