| |
| |||||||
Log-Analyse und Auswertung: BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7Windows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
19.11.2013, 13:50
| #1 |
| |  BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 Hallo zusammen, mir wurden von Avira vorhin 2 BooTDSS.O auf dem PC gemeldet, obwohl ich Windows bereits neu installiert habe. Daraufhin habe ich meine wichtigen persönlichen Dokumente nochmal im abgesicherten Modus auf einem externen Datenträger gespeichert. Jetzt bin ich im Internet auf diese Seite gestoßen und habe gelesen, dass jemand das gleiche Problem hatte und habe die ersten Schritte, die ihm geraten wurden, befolgt. Ich habe gelesen, dass es bei einer Systemwiederherstellung wahrscheinlich nur inaktive Reste des Virus sind. Ich habe zuerst einen TDSSKiller runtergeladen und einen Scan vornehmen lassen. Anschließend habe ich den FRST noch scannen lassen. Jetzt hoffe ich, dass mir jemand weiterhelfen, kann und meine Beschreibung ausreicht. Leider kann ich die Logfiles nicht anhängen, da sie zu groß sind. Könntet ihr mir bitte in der Antwort kurz einen Tipp geben? Viele Grüße und vielen Dank schonmal, Phileas Geändert von Phileas Fogg (19.11.2013 um 14:13 Uhr) |
|
19.11.2013, 13:51
| #2 | |
| /// TB-Ausbilder   | BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 Hi,
__________________Zitat:
Falls die Logfiles zu gross dafür sind, dann (und nur dann) packe sie in ein zip-Archiv (Rechtsklick drauf -> Senden an -> zip-komprimierten Ordner) und hänge sie an.
__________________ |
|
19.11.2013, 13:57
| #3 |
| | BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 Wow, das ging aber schnell!
__________________Hier der TDSSKiller Code:
ATTFilter 13:22:40.0925 0x03fc TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
13:22:47.0633 0x03fc ============================================================
13:22:47.0633 0x03fc Current date / time: 2013/11/19 13:22:47.0633
13:22:47.0633 0x03fc SystemInfo:
13:22:47.0633 0x03fc
13:22:47.0633 0x03fc OS Version: 6.1.7601 ServicePack: 1.0
13:22:47.0633 0x03fc Product type: Workstation
13:22:47.0633 0x03fc ComputerName: CHRISSI-PC
13:22:47.0633 0x03fc UserName: Chrissi
13:22:47.0633 0x03fc Windows directory: C:\Windows
13:22:47.0633 0x03fc System windows directory: C:\Windows
13:22:47.0633 0x03fc Running under WOW64
13:22:47.0633 0x03fc Processor architecture: Intel x64
13:22:47.0633 0x03fc Number of processors: 4
13:22:47.0633 0x03fc Page size: 0x1000
13:22:47.0633 0x03fc Boot type: Normal boot
13:22:47.0633 0x03fc ============================================================
13:22:47.0852 0x03fc KLMD registered as C:\Windows\system32\drivers\87905814.sys
13:22:48.0023 0x03fc System UUID: {39B5CCD5-F467-DA7B-708C-743E160BC054}
13:22:48.0507 0x03fc Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:22:48.0507 0x03fc ============================================================
13:22:48.0507 0x03fc \Device\Harddisk0\DR0:
13:22:48.0507 0x03fc MBR partitions:
13:22:48.0507 0x03fc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800
13:22:48.0507 0x03fc ============================================================
13:22:48.0554 0x03fc C: <-> \Device\Harddisk0\DR0\Partition1
13:22:48.0554 0x03fc ============================================================
13:22:48.0554 0x03fc Initialize success
13:22:48.0554 0x03fc ============================================================
13:22:51.0331 0x0d60 ============================================================
13:22:51.0331 0x0d60 Scan started
13:22:51.0331 0x0d60 Mode: Manual;
13:22:51.0331 0x0d60 ============================================================
13:22:51.0331 0x0d60 KSN ping started
13:23:05.0152 0x0d60 KSN ping finished: true
13:23:05.0355 0x0d60 ================ Scan system memory ========================
13:23:05.0355 0x0d60 Scan was interrupted by user!
13:23:05.0433 0x0d60 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.1.641 ), 0x41000 ( enabled : updated )
13:23:05.0433 0x0d60 Win FW state via NFP2: enabled
13:23:07.0960 0x0d60 ============================================================
13:23:07.0960 0x0d60 Scan finished
13:23:07.0960 0x0d60 ============================================================
13:23:07.0960 0x0cd8 Detected object count: 0
13:23:07.0960 0x0cd8 Actual detected object count: 0
13:23:41.0750 0x1264 ============================================================
13:23:41.0750 0x1264 Scan started
13:23:41.0750 0x1264 Mode: Manual; SigCheck; TDLFS;
13:23:41.0750 0x1264 ============================================================
13:23:41.0750 0x1264 KSN ping started
13:23:44.0168 0x1264 KSN ping finished: true
13:23:44.0277 0x1264 ================ Scan system memory ========================
13:23:44.0277 0x1264 System memory - ok
13:23:44.0277 0x1264 ================ Scan services =============================
13:23:44.0511 0x1264 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
13:23:44.0636 0x1264 1394ohci - ok
13:23:44.0698 0x1264 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
13:23:44.0714 0x1264 ACPI - ok
13:23:44.0761 0x1264 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
13:23:44.0854 0x1264 AcpiPmi - ok
13:23:44.0948 0x1264 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
13:23:44.0964 0x1264 AdobeARMservice - ok
13:23:45.0104 0x1264 [ 438F31336B3DC248ABC632F1C8F34A24, 94C1218E7EC2EC6D4870A6FDC118097D7D3A359DA073DCD3A9770F399F830991 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
13:23:45.0120 0x1264 AdobeFlashPlayerUpdateSvc - ok
13:23:45.0213 0x1264 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
13:23:45.0260 0x1264 adp94xx - ok
13:23:45.0291 0x1264 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
13:23:45.0322 0x1264 adpahci - ok
13:23:45.0354 0x1264 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
13:23:45.0369 0x1264 adpu320 - ok
13:23:45.0416 0x1264 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
13:23:45.0619 0x1264 AeLookupSvc - ok
13:23:45.0681 0x1264 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
13:23:45.0728 0x1264 AFD - ok
13:23:45.0759 0x1264 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
13:23:45.0790 0x1264 agp440 - ok
13:23:45.0822 0x1264 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
13:23:45.0915 0x1264 ALG - ok
13:23:45.0946 0x1264 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
13:23:45.0978 0x1264 aliide - ok
13:23:46.0009 0x1264 [ F687D4976EFF550FB0BE45A5CB19F18F, 96AEFAB5B1960DFBFB9F1C74A1C2A03E765B7807985A75D6689E00EE6C23BE34 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
13:23:46.0102 0x1264 AMD External Events Utility - ok
13:23:46.0118 0x1264 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
13:23:46.0149 0x1264 amdide - ok
13:23:46.0165 0x1264 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
13:23:46.0258 0x1264 AmdK8 - ok
13:23:46.0508 0x1264 [ 74687C33C4AD25A975BBB1EA1E8B3884, 30A53DF35C013DFE28C6FC200E93ABCA47BDE9104215ABC9E14E435B9FDBE4E1 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
13:23:46.0960 0x1264 amdkmdag - ok
13:23:46.0992 0x1264 [ C7F56ED86327A78E7F8A5CC503A98BD6, 4DA79D45CCDC47380C67889F842454D18C5B140A71A7AF11A63206FF74C2E2B3 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
13:23:47.0038 0x1264 amdkmdap - ok
13:23:47.0070 0x1264 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
13:23:47.0085 0x1264 AmdPPM - ok
13:23:47.0148 0x1264 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
13:23:47.0194 0x1264 amdsata - ok
13:23:47.0226 0x1264 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
13:23:47.0257 0x1264 amdsbs - ok
13:23:47.0288 0x1264 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
13:23:47.0288 0x1264 amdxata - ok
13:23:47.0413 0x1264 [ 010FB73DB0B4BDAE8C2EB2E561EBE0E3, E2AE4588841A944478485CFCFE1FEA34C04327B32FB0AFF31962C03098D11A46 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
13:23:47.0460 0x1264 AntiVirMailService - ok
13:23:47.0522 0x1264 [ 0D1E15010057B8426583A99CB179A6C4, 645C7D27E27AAC4124F7F907374B6A50D07D349B95AA869D7091372BD3AF653B ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
13:23:47.0553 0x1264 AntiVirSchedulerService - ok
13:23:47.0616 0x1264 [ FDE9C7030FB1E9E2715E113EE6A10F90, 541F278D743C34C6D9940FC1250B90674EB88EC429D481012F27817DAB1B557A ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
13:23:47.0631 0x1264 AntiVirService - ok
13:23:47.0678 0x1264 [ 48543D304F54C8997462208555662BA4, ADA3B62E6D1513FF24D044B03EFCBBD4268DB32C213F575D8AD3867D3F82B340 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
13:23:47.0709 0x1264 AntiVirWebService - ok
13:23:47.0756 0x1264 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
13:23:48.0006 0x1264 AppID - ok
13:23:48.0052 0x1264 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
13:23:48.0146 0x1264 AppIDSvc - ok
13:23:48.0193 0x1264 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll
13:23:48.0286 0x1264 Appinfo - ok
13:23:48.0318 0x1264 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
13:23:48.0333 0x1264 arc - ok
13:23:48.0349 0x1264 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
13:23:48.0364 0x1264 arcsas - ok
13:23:48.0380 0x1264 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
13:23:48.0442 0x1264 AsyncMac - ok
13:23:48.0505 0x1264 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
13:23:48.0536 0x1264 atapi - ok
13:23:48.0567 0x1264 [ FBBE79D7445AA4494E069A0B91F9417B, 5C5EB5C27324129702D040FE9C63D2D67853E12A6E19164A805A9EE0DC4C5463 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
13:23:48.0614 0x1264 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
13:23:48.0723 0x1264 AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
13:23:51.0266 0x1264 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
13:23:51.0360 0x1264 AudioEndpointBuilder - ok
13:23:51.0391 0x1264 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
13:23:51.0438 0x1264 AudioSrv - ok
13:23:51.0484 0x1264 [ 0909E9AD4019AFF25C58E0DFFDCD744E, D1C1A6C7C1EABAC32B24C45E3E6BE3BC7C74A46996CFA6697E7A98E1A6D05531 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
13:23:51.0531 0x1264 avgntflt - ok
13:23:51.0578 0x1264 [ DBAB18B20FDA2542EEF8C588D878B7B5, 0CE6738E8C6C1BA502FF230EAE49C96E5AA1B23F34AC57AB9B28081898F2E533 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
13:23:51.0594 0x1264 avipbb - ok
13:23:51.0625 0x1264 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
13:23:51.0640 0x1264 avkmgr - ok
13:23:51.0703 0x1264 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
13:23:51.0828 0x1264 AxInstSV - ok
13:23:51.0906 0x1264 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
13:23:51.0984 0x1264 b06bdrv - ok
13:23:52.0062 0x1264 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
13:23:52.0124 0x1264 b57nd60a - ok
13:23:52.0327 0x1264 [ 2D659B569A76CDB83B815675A80D7096, 8246BD350017B6CBADA4BBDBAB8B708B0A8F1AD5ADD4B2DE1BA610B4A188C262 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
13:23:52.0420 0x1264 BCM43XX - ok
13:23:52.0467 0x1264 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
13:23:52.0545 0x1264 BDESVC - ok
13:23:52.0576 0x1264 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
13:23:52.0654 0x1264 Beep - ok
13:23:52.0748 0x1264 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
13:23:52.0857 0x1264 BFE - ok
13:23:52.0888 0x1264 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
13:23:52.0998 0x1264 BITS - ok
13:23:53.0029 0x1264 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
13:23:53.0060 0x1264 blbdrive - ok
13:23:53.0107 0x1264 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
13:23:53.0200 0x1264 bowser - ok
13:23:53.0216 0x1264 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
13:23:53.0310 0x1264 BrFiltLo - ok
13:23:53.0325 0x1264 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
13:23:53.0356 0x1264 BrFiltUp - ok
13:23:53.0403 0x1264 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
13:23:53.0450 0x1264 Browser - ok
13:23:53.0466 0x1264 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
13:23:53.0575 0x1264 Brserid - ok
13:23:53.0606 0x1264 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
13:23:53.0637 0x1264 BrSerWdm - ok
13:23:53.0653 0x1264 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
13:23:53.0715 0x1264 BrUsbMdm - ok
13:23:53.0731 0x1264 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
13:23:53.0778 0x1264 BrUsbSer - ok
13:23:53.0824 0x1264 [ A83A91D07D1FE6BBE7A9DB46CA00434B, 9EF851047189E13954C0F6A325E4843914C423C0D1EDAE21A34AB3A962BBD5AC ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
13:23:53.0856 0x1264 BTATH_BUS - ok
13:23:53.0902 0x1264 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
13:23:53.0949 0x1264 BTHMODEM - ok
13:23:54.0012 0x1264 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
13:23:54.0090 0x1264 bthserv - ok
13:23:54.0152 0x1264 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
13:23:54.0199 0x1264 cdfs - ok
13:23:54.0261 0x1264 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
13:23:54.0308 0x1264 cdrom - ok
13:23:54.0370 0x1264 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
13:23:54.0448 0x1264 CertPropSvc - ok
13:23:54.0480 0x1264 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
13:23:54.0526 0x1264 circlass - ok
13:23:54.0558 0x1264 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
13:23:54.0589 0x1264 CLFS - ok
13:23:54.0698 0x1264 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
13:23:54.0714 0x1264 clr_optimization_v2.0.50727_32 - ok
13:23:54.0823 0x1264 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
13:23:54.0838 0x1264 clr_optimization_v2.0.50727_64 - ok
13:23:54.0994 0x1264 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
13:23:55.0010 0x1264 clr_optimization_v4.0.30319_32 - ok
13:23:55.0088 0x1264 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
13:23:55.0104 0x1264 clr_optimization_v4.0.30319_64 - ok
13:23:55.0135 0x1264 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
13:23:55.0166 0x1264 CmBatt - ok
13:23:55.0197 0x1264 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
13:23:55.0228 0x1264 cmdide - ok
13:23:55.0291 0x1264 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys
13:23:55.0400 0x1264 CNG - ok
13:23:55.0416 0x1264 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
13:23:55.0431 0x1264 Compbatt - ok
13:23:55.0494 0x1264 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
13:23:55.0556 0x1264 CompositeBus - ok
13:23:55.0556 0x1264 COMSysApp - ok
13:23:55.0587 0x1264 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
13:23:55.0603 0x1264 crcdisk - ok
13:23:55.0665 0x1264 [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] CryptSvc C:\Windows\system32\cryptsvc.dll
13:23:55.0728 0x1264 CryptSvc - ok
13:23:55.0806 0x1264 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
13:23:55.0915 0x1264 DcomLaunch - ok
13:23:55.0962 0x1264 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
13:23:56.0024 0x1264 defragsvc - ok
13:23:56.0086 0x1264 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
13:23:56.0180 0x1264 DfsC - ok
13:23:56.0258 0x1264 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
13:23:56.0367 0x1264 Dhcp - ok
13:23:56.0398 0x1264 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
13:23:56.0430 0x1264 discache - ok
13:23:56.0492 0x1264 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
13:23:56.0523 0x1264 Disk - ok
13:23:56.0570 0x1264 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
13:23:56.0679 0x1264 Dnscache - ok
13:23:56.0710 0x1264 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
13:23:56.0820 0x1264 dot3svc - ok
13:23:56.0898 0x1264 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
13:23:56.0944 0x1264 DPS - ok
13:23:57.0007 0x1264 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
13:23:57.0054 0x1264 drmkaud - ok
13:23:57.0116 0x1264 [ 1FCA854CEDFC2CCD0C22E46EA4EA18F1, 3508547FCE3B6ACA34511BB2C50A375E3894EBFAC656B9D1C82EA8439EFD8846 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
13:23:57.0147 0x1264 DsiWMIService - ok
13:23:57.0225 0x1264 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
13:23:57.0272 0x1264 DXGKrnl - ok
13:23:57.0303 0x1264 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
13:23:57.0381 0x1264 EapHost - ok
13:23:57.0522 0x1264 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
13:23:57.0740 0x1264 ebdrv - ok
13:23:57.0771 0x1264 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
13:23:57.0849 0x1264 EFS - ok
13:23:57.0958 0x1264 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
13:23:58.0083 0x1264 ehRecvr - ok
13:23:58.0146 0x1264 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
13:23:58.0255 0x1264 ehSched - ok
13:23:58.0302 0x1264 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
13:23:58.0364 0x1264 elxstor - ok
13:23:58.0489 0x1264 [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
13:23:58.0536 0x1264 ePowerSvc - ok
13:23:58.0551 0x1264 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
13:23:58.0598 0x1264 ErrDev - ok
13:23:58.0707 0x1264 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
13:23:58.0801 0x1264 EventSystem - ok
13:23:58.0863 0x1264 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
13:23:58.0972 0x1264 exfat - ok
13:23:58.0988 0x1264 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
13:23:59.0050 0x1264 fastfat - ok
13:23:59.0128 0x1264 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
13:23:59.0238 0x1264 Fax - ok
13:23:59.0269 0x1264 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
13:23:59.0300 0x1264 fdc - ok
13:23:59.0331 0x1264 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
13:23:59.0394 0x1264 fdPHost - ok
13:23:59.0409 0x1264 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
13:23:59.0472 0x1264 FDResPub - ok
13:23:59.0503 0x1264 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
13:23:59.0518 0x1264 FileInfo - ok
13:23:59.0534 0x1264 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
13:23:59.0628 0x1264 Filetrace - ok
13:23:59.0643 0x1264 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
13:23:59.0690 0x1264 flpydisk - ok
13:23:59.0721 0x1264 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
13:23:59.0768 0x1264 FltMgr - ok
13:23:59.0846 0x1264 [ B4447F606BB19FD8AD0BAFB59B90F5D9, 043E686029DE2710305852E3A416176E400F9FD5FB98E4F2A6F14C060FAABED5 ] FontCache C:\Windows\system32\FntCache.dll
13:23:59.0955 0x1264 FontCache - ok
13:24:00.0033 0x1264 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
13:24:00.0049 0x1264 FontCache3.0.0.0 - ok
13:24:00.0080 0x1264 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
13:24:00.0096 0x1264 FsDepends - ok
13:24:00.0142 0x1264 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
13:24:00.0158 0x1264 Fs_Rec - ok
13:24:00.0220 0x1264 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
13:24:00.0267 0x1264 fvevol - ok
13:24:00.0298 0x1264 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
13:24:00.0314 0x1264 gagp30kx - ok
13:24:00.0345 0x1264 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
13:24:00.0408 0x1264 gpsvc - ok
13:24:00.0423 0x1264 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
13:24:00.0454 0x1264 hcw85cir - ok
13:24:00.0532 0x1264 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
13:24:00.0626 0x1264 HdAudAddService - ok
13:24:00.0657 0x1264 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
13:24:00.0704 0x1264 HDAudBus - ok
13:24:00.0751 0x1264 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
13:24:00.0766 0x1264 HECIx64 - ok
13:24:00.0813 0x1264 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
13:24:00.0860 0x1264 HidBatt - ok
13:24:00.0891 0x1264 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
13:24:00.0954 0x1264 HidBth - ok
13:24:00.0969 0x1264 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
13:24:01.0016 0x1264 HidIr - ok
13:24:01.0063 0x1264 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
13:24:01.0110 0x1264 hidserv - ok
13:24:01.0125 0x1264 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
13:24:01.0156 0x1264 HidUsb - ok
13:24:01.0188 0x1264 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
13:24:01.0281 0x1264 hkmsvc - ok
13:24:01.0312 0x1264 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
13:24:01.0406 0x1264 HomeGroupListener - ok
13:24:01.0453 0x1264 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
13:24:01.0484 0x1264 HomeGroupProvider - ok
13:24:01.0515 0x1264 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
13:24:01.0531 0x1264 HpSAMD - ok
13:24:01.0593 0x1264 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
13:24:01.0702 0x1264 HTTP - ok
13:24:01.0734 0x1264 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
13:24:01.0749 0x1264 hwpolicy - ok
13:24:01.0780 0x1264 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
13:24:01.0812 0x1264 i8042prt - ok
13:24:01.0874 0x1264 [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
13:24:01.0890 0x1264 iaStor - ok
13:24:01.0952 0x1264 [ 6B24D1C3096DE796D15571079EA5E98C, 89566A7BDEDA7A663110F72B6301998651937E1E3E541EAB054169CEC8C7353F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
13:24:01.0952 0x1264 IAStorDataMgrSvc - ok
13:24:02.0014 0x1264 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
13:24:02.0061 0x1264 iaStorV - ok
13:24:02.0108 0x1264 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
13:24:02.0186 0x1264 idsvc - ok
13:24:02.0217 0x1264 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
13:24:02.0233 0x1264 iirsp - ok
13:24:02.0295 0x1264 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
13:24:02.0420 0x1264 IKEEXT - ok
13:24:02.0576 0x1264 [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
13:24:02.0654 0x1264 IntcAzAudAddService - ok
13:24:02.0670 0x1264 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
13:24:02.0685 0x1264 intelide - ok
13:24:02.0701 0x1264 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
13:24:02.0716 0x1264 intelppm - ok
13:24:02.0748 0x1264 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
13:24:02.0841 0x1264 IPBusEnum - ok
13:24:02.0888 0x1264 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
13:24:02.0935 0x1264 IpFilterDriver - ok
13:24:02.0982 0x1264 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
13:24:03.0044 0x1264 iphlpsvc - ok
13:24:03.0075 0x1264 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
13:24:03.0122 0x1264 IPMIDRV - ok
13:24:03.0138 0x1264 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
13:24:03.0184 0x1264 IPNAT - ok
13:24:03.0200 0x1264 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
13:24:03.0216 0x1264 IRENUM - ok
13:24:03.0231 0x1264 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
13:24:03.0247 0x1264 isapnp - ok
13:24:03.0294 0x1264 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
13:24:03.0325 0x1264 iScsiPrt - ok
13:24:03.0372 0x1264 [ 37E053A2CF8F0082B689ED74106E0CEC, 431D3A3212152A76878C9CA347056B62B2A5A3E0211C4D930639C426EE73A0B7 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
13:24:03.0387 0x1264 k57nd60a - ok
13:24:03.0450 0x1264 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
13:24:03.0481 0x1264 kbdclass - ok
13:24:03.0528 0x1264 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
13:24:03.0574 0x1264 kbdhid - ok
13:24:03.0590 0x1264 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
13:24:03.0606 0x1264 KeyIso - ok
13:24:03.0637 0x1264 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
13:24:03.0668 0x1264 KSecDD - ok
13:24:03.0684 0x1264 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
13:24:03.0715 0x1264 KSecPkg - ok
13:24:03.0730 0x1264 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
13:24:03.0793 0x1264 ksthunk - ok
13:24:03.0855 0x1264 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
13:24:03.0980 0x1264 KtmRm - ok
13:24:04.0011 0x1264 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
13:24:04.0074 0x1264 LanmanServer - ok
13:24:04.0105 0x1264 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
13:24:04.0167 0x1264 LanmanWorkstation - ok
13:24:04.0214 0x1264 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
13:24:04.0276 0x1264 lltdio - ok
13:24:04.0339 0x1264 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
13:24:04.0432 0x1264 lltdsvc - ok
13:24:04.0448 0x1264 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
13:24:04.0526 0x1264 lmhosts - ok
13:24:04.0604 0x1264 [ DBC1136A62BD4DECC3632DF650284C2E, 2D6344357D21A9062019C7DDF3DB440ABC724CDA925471BBFA8CCAC65E6A2C80 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
13:24:04.0635 0x1264 LMS - ok
13:24:04.0651 0x1264 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
13:24:04.0682 0x1264 LSI_FC - ok
13:24:04.0713 0x1264 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
13:24:04.0744 0x1264 LSI_SAS - ok
13:24:04.0776 0x1264 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
13:24:04.0791 0x1264 LSI_SAS2 - ok
13:24:04.0807 0x1264 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
13:24:04.0822 0x1264 LSI_SCSI - ok
13:24:04.0838 0x1264 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
13:24:04.0885 0x1264 luafv - ok
13:24:04.0932 0x1264 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
13:24:04.0963 0x1264 Mcx2Svc - ok
13:24:04.0978 0x1264 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
13:24:04.0994 0x1264 megasas - ok
13:24:05.0010 0x1264 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
13:24:05.0041 0x1264 MegaSR - ok
13:24:05.0088 0x1264 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
13:24:05.0166 0x1264 MMCSS - ok
13:24:05.0181 0x1264 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
13:24:05.0275 0x1264 Modem - ok
13:24:05.0290 0x1264 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
13:24:05.0322 0x1264 monitor - ok
13:24:05.0353 0x1264 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
13:24:05.0368 0x1264 mouclass - ok
13:24:05.0400 0x1264 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
13:24:05.0431 0x1264 mouhid - ok
13:24:05.0478 0x1264 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
13:24:05.0509 0x1264 mountmgr - ok
13:24:05.0556 0x1264 [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
13:24:05.0602 0x1264 MozillaMaintenance - ok
13:24:05.0618 0x1264 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
13:24:05.0649 0x1264 mpio - ok
13:24:05.0649 0x1264 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
13:24:05.0696 0x1264 mpsdrv - ok
13:24:05.0774 0x1264 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
13:24:05.0836 0x1264 MpsSvc - ok
13:24:05.0883 0x1264 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
13:24:05.0914 0x1264 MRxDAV - ok
13:24:05.0946 0x1264 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
13:24:05.0977 0x1264 mrxsmb - ok
13:24:06.0024 0x1264 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
13:24:06.0086 0x1264 mrxsmb10 - ok
13:24:06.0102 0x1264 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
13:24:06.0148 0x1264 mrxsmb20 - ok
13:24:06.0180 0x1264 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
13:24:06.0195 0x1264 msahci - ok
13:24:06.0226 0x1264 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
13:24:06.0242 0x1264 msdsm - ok
13:24:06.0273 0x1264 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
13:24:06.0320 0x1264 MSDTC - ok
13:24:06.0351 0x1264 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
13:24:06.0382 0x1264 Msfs - ok
13:24:06.0445 0x1264 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
13:24:06.0507 0x1264 mshidkmdf - ok
13:24:06.0538 0x1264 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
13:24:06.0554 0x1264 msisadrv - ok
13:24:06.0601 0x1264 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
13:24:06.0679 0x1264 MSiSCSI - ok
13:24:06.0679 0x1264 msiserver - ok
13:24:06.0710 0x1264 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
13:24:06.0804 0x1264 MSKSSRV - ok
13:24:06.0835 0x1264 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
13:24:06.0882 0x1264 MSPCLOCK - ok
13:24:06.0897 0x1264 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
13:24:06.0960 0x1264 MSPQM - ok
13:24:07.0022 0x1264 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
13:24:07.0053 0x1264 MsRPC - ok
13:24:07.0084 0x1264 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
13:24:07.0100 0x1264 mssmbios - ok
13:24:07.0116 0x1264 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
13:24:07.0178 0x1264 MSTEE - ok
13:24:07.0194 0x1264 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
13:24:07.0209 0x1264 MTConfig - ok
13:24:07.0225 0x1264 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
13:24:07.0240 0x1264 Mup - ok
13:24:07.0303 0x1264 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
13:24:07.0365 0x1264 napagent - ok
13:24:07.0412 0x1264 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
13:24:07.0459 0x1264 NativeWifiP - ok
13:24:07.0521 0x1264 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys
13:24:07.0552 0x1264 NDIS - ok
13:24:07.0568 0x1264 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
13:24:07.0630 0x1264 NdisCap - ok
13:24:07.0662 0x1264 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
13:24:07.0740 0x1264 NdisTapi - ok
13:24:07.0786 0x1264 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
13:24:07.0880 0x1264 Ndisuio - ok
13:24:07.0911 0x1264 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
13:24:08.0005 0x1264 NdisWan - ok
13:24:08.0036 0x1264 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
13:24:08.0083 0x1264 NDProxy - ok
13:24:08.0098 0x1264 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
13:24:08.0161 0x1264 NetBIOS - ok
13:24:08.0223 0x1264 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
13:24:08.0301 0x1264 NetBT - ok
13:24:08.0317 0x1264 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
13:24:08.0332 0x1264 Netlogon - ok
13:24:08.0379 0x1264 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
13:24:08.0473 0x1264 Netman - ok
13:24:08.0520 0x1264 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
13:24:08.0598 0x1264 netprofm - ok
13:24:08.0644 0x1264 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
13:24:08.0660 0x1264 NetTcpPortSharing - ok
13:24:08.0691 0x1264 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
13:24:08.0707 0x1264 nfrd960 - ok
13:24:08.0754 0x1264 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\Windows\System32\nlasvc.dll
13:24:08.0847 0x1264 NlaSvc - ok
13:24:08.0863 0x1264 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
13:24:08.0910 0x1264 Npfs - ok
13:24:08.0941 0x1264 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
13:24:09.0019 0x1264 nsi - ok
13:24:09.0050 0x1264 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
13:24:09.0081 0x1264 nsiproxy - ok
13:24:09.0175 0x1264 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
13:24:09.0284 0x1264 Ntfs - ok
13:24:09.0300 0x1264 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
13:24:09.0346 0x1264 Null - ok
13:24:09.0393 0x1264 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
13:24:09.0409 0x1264 nvraid - ok
13:24:09.0424 0x1264 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
13:24:09.0456 0x1264 nvstor - ok
13:24:09.0502 0x1264 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
13:24:09.0534 0x1264 nv_agp - ok
13:24:09.0565 0x1264 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
13:24:09.0612 0x1264 ohci1394 - ok
13:24:09.0658 0x1264 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
13:24:09.0721 0x1264 p2pimsvc - ok
13:24:09.0783 0x1264 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
13:24:09.0877 0x1264 p2psvc - ok
13:24:09.0892 0x1264 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
13:24:09.0924 0x1264 Parport - ok
13:24:09.0955 0x1264 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
13:24:09.0986 0x1264 partmgr - ok
13:24:10.0002 0x1264 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
13:24:10.0033 0x1264 PcaSvc - ok
13:24:10.0048 0x1264 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
13:24:10.0064 0x1264 pci - ok
13:24:10.0095 0x1264 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
13:24:10.0111 0x1264 pciide - ok
13:24:10.0158 0x1264 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
13:24:10.0204 0x1264 pcmcia - ok
13:24:10.0220 0x1264 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
13:24:10.0236 0x1264 pcw - ok
13:24:10.0267 0x1264 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
13:24:10.0360 0x1264 PEAUTH - ok
13:24:10.0516 0x1264 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
13:24:10.0579 0x1264 PerfHost - ok
13:24:10.0704 0x1264 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
13:24:10.0891 0x1264 pla - ok
13:24:10.0969 0x1264 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
13:24:11.0062 0x1264 PlugPlay - ok
13:24:11.0078 0x1264 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
13:24:11.0125 0x1264 PNRPAutoReg - ok
13:24:11.0172 0x1264 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
13:24:11.0187 0x1264 PNRPsvc - ok
13:24:11.0250 0x1264 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
13:24:11.0359 0x1264 PolicyAgent - ok
13:24:11.0421 0x1264 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
13:24:11.0499 0x1264 Power - ok
13:24:11.0546 0x1264 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
13:24:11.0624 0x1264 PptpMiniport - ok
13:24:11.0624 0x1264 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
13:24:11.0640 0x1264 Processor - ok
13:24:11.0702 0x1264 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
13:24:11.0764 0x1264 ProfSvc - ok
13:24:11.0780 0x1264 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
13:24:11.0796 0x1264 ProtectedStorage - ok
13:24:11.0842 0x1264 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
13:24:11.0920 0x1264 Psched - ok
13:24:12.0030 0x1264 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
13:24:12.0154 0x1264 ql2300 - ok
13:24:12.0186 0x1264 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
13:24:12.0201 0x1264 ql40xx - ok
13:24:12.0248 0x1264 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
13:24:12.0295 0x1264 QWAVE - ok
13:24:12.0310 0x1264 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
13:24:12.0357 0x1264 QWAVEdrv - ok
13:24:12.0373 0x1264 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
13:24:12.0451 0x1264 RasAcd - ok
13:24:12.0498 0x1264 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
13:24:12.0560 0x1264 RasAgileVpn - ok
13:24:12.0576 0x1264 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
13:24:12.0638 0x1264 RasAuto - ok
13:24:12.0685 0x1264 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
13:24:12.0747 0x1264 Rasl2tp - ok
13:24:12.0810 0x1264 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
13:24:12.0888 0x1264 RasMan - ok
13:24:12.0919 0x1264 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
13:24:12.0966 0x1264 RasPppoe - ok
13:24:12.0981 0x1264 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
13:24:13.0044 0x1264 RasSstp - ok
13:24:13.0090 0x1264 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
13:24:13.0153 0x1264 rdbss - ok
13:24:13.0168 0x1264 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
13:24:13.0200 0x1264 rdpbus - ok
13:24:13.0231 0x1264 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
13:24:13.0278 0x1264 RDPCDD - ok
13:24:13.0324 0x1264 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
13:24:13.0387 0x1264 RDPENCDD - ok
13:24:13.0418 0x1264 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
13:24:13.0480 0x1264 RDPREFMP - ok
13:24:13.0512 0x1264 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
13:24:13.0543 0x1264 RDPWD - ok
13:24:13.0590 0x1264 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
13:24:13.0636 0x1264 rdyboost - ok
13:24:13.0683 0x1264 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
13:24:13.0777 0x1264 RemoteAccess - ok
13:24:13.0808 0x1264 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
13:24:13.0855 0x1264 RemoteRegistry - ok
13:24:13.0902 0x1264 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
13:24:13.0933 0x1264 RpcEptMapper - ok
13:24:13.0980 0x1264 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
13:24:14.0011 0x1264 RpcLocator - ok
13:24:14.0058 0x1264 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
13:24:14.0120 0x1264 RpcSs - ok
13:24:14.0136 0x1264 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
13:24:14.0182 0x1264 rspndr - ok
13:24:14.0229 0x1264 [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
13:24:14.0245 0x1264 RTHDMIAzAudService - ok
13:24:14.0260 0x1264 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
13:24:14.0276 0x1264 SamSs - ok
13:24:14.0307 0x1264 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
13:24:14.0338 0x1264 sbp2port - ok
13:24:14.0354 0x1264 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
13:24:14.0416 0x1264 SCardSvr - ok
13:24:14.0448 0x1264 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
13:24:14.0526 0x1264 scfilter - ok
13:24:14.0619 0x1264 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
13:24:14.0713 0x1264 Schedule - ok
13:24:14.0744 0x1264 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
13:24:14.0791 0x1264 SCPolicySvc - ok
13:24:14.0838 0x1264 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
13:24:14.0916 0x1264 SDRSVC - ok
13:24:14.0947 0x1264 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
13:24:15.0009 0x1264 secdrv - ok
13:24:15.0040 0x1264 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
13:24:15.0118 0x1264 seclogon - ok
13:24:15.0165 0x1264 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
13:24:15.0212 0x1264 SENS - ok
13:24:15.0228 0x1264 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
13:24:15.0290 0x1264 SensrSvc - ok
13:24:15.0337 0x1264 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
13:24:15.0399 0x1264 Serenum - ok
13:24:15.0477 0x1264 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
13:24:15.0540 0x1264 Serial - ok
13:24:15.0586 0x1264 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
13:24:15.0618 0x1264 sermouse - ok
13:24:15.0649 0x1264 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
13:24:15.0727 0x1264 SessionEnv - ok
13:24:15.0758 0x1264 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
13:24:15.0774 0x1264 sffdisk - ok
13:24:15.0789 0x1264 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
13:24:15.0836 0x1264 sffp_mmc - ok
13:24:15.0852 0x1264 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
13:24:15.0883 0x1264 sffp_sd - ok
13:24:15.0914 0x1264 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
13:24:15.0930 0x1264 sfloppy - ok
13:24:15.0992 0x1264 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
13:24:16.0101 0x1264 SharedAccess - ok
13:24:16.0148 0x1264 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
13:24:16.0210 0x1264 ShellHWDetection - ok
13:24:16.0242 0x1264 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
13:24:16.0257 0x1264 SiSRaid2 - ok
13:24:16.0273 0x1264 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
13:24:16.0288 0x1264 SiSRaid4 - ok
13:24:16.0320 0x1264 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
13:24:16.0413 0x1264 Smb - ok
13:24:16.0491 0x1264 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
13:24:16.0538 0x1264 SNMPTRAP - ok
13:24:16.0569 0x1264 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
13:24:16.0600 0x1264 spldr - ok
13:24:16.0663 0x1264 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
13:24:16.0710 0x1264 Spooler - ok
13:24:16.0881 0x1264 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
13:24:17.0068 0x1264 sppsvc - ok
13:24:17.0084 0x1264 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
13:24:17.0146 0x1264 sppuinotify - ok
13:24:17.0193 0x1264 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
13:24:17.0240 0x1264 srv - ok
13:24:17.0271 0x1264 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
13:24:17.0318 0x1264 srv2 - ok
13:24:17.0334 0x1264 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
13:24:17.0380 0x1264 srvnet - ok
13:24:17.0396 0x1264 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
13:24:17.0458 0x1264 SSDPSRV - ok
13:24:17.0490 0x1264 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
13:24:17.0536 0x1264 SstpSvc - ok
13:24:17.0552 0x1264 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
13:24:17.0568 0x1264 stexstor - ok
13:24:17.0646 0x1264 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
13:24:17.0724 0x1264 stisvc - ok
13:24:17.0755 0x1264 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
13:24:17.0770 0x1264 swenum - ok
13:24:17.0833 0x1264 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
13:24:17.0911 0x1264 swprv - ok
13:24:17.0973 0x1264 [ 064A2530A4A7C7CEC1BE6A1945645BE4, 06E4B59B6BFCEE1E2F1EDED77621C9DFED09F460E94065E528A2F746B568193D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
13:24:18.0004 0x1264 SynTP - ok
13:24:18.0114 0x1264 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
13:24:18.0192 0x1264 SysMain - ok
13:24:18.0238 0x1264 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
13:24:18.0285 0x1264 TabletInputService - ok
13:24:18.0332 0x1264 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
13:24:18.0426 0x1264 TapiSrv - ok
13:24:18.0457 0x1264 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
13:24:18.0519 0x1264 TBS - ok
13:24:18.0628 0x1264 [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
13:24:18.0769 0x1264 Tcpip - ok
13:24:18.0816 0x1264 [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
13:24:18.0862 0x1264 TCPIP6 - ok
13:24:18.0894 0x1264 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
13:24:18.0956 0x1264 tcpipreg - ok
13:24:19.0018 0x1264 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
13:24:19.0065 0x1264 TDPIPE - ok
13:24:19.0096 0x1264 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
13:24:19.0128 0x1264 TDTCP - ok
13:24:19.0174 0x1264 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
13:24:19.0221 0x1264 tdx - ok
13:24:19.0252 0x1264 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
13:24:19.0268 0x1264 TermDD - ok
13:24:19.0330 0x1264 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
13:24:19.0424 0x1264 TermService - ok
13:24:19.0471 0x1264 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
13:24:19.0502 0x1264 Themes - ok
13:24:19.0518 0x1264 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
13:24:19.0549 0x1264 THREADORDER - ok
13:24:19.0564 0x1264 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
13:24:19.0611 0x1264 TrkWks - ok
13:24:19.0689 0x1264 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
13:24:19.0752 0x1264 TrustedInstaller - ok
13:24:19.0798 0x1264 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
13:24:19.0845 0x1264 tssecsrv - ok
13:24:19.0892 0x1264 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
13:24:19.0954 0x1264 TsUsbFlt - ok
13:24:20.0001 0x1264 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
13:24:20.0064 0x1264 tunnel - ok
13:24:20.0095 0x1264 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
13:24:20.0110 0x1264 uagp35 - ok
13:24:20.0173 0x1264 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
13:24:20.0235 0x1264 udfs - ok
13:24:20.0266 0x1264 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
13:24:20.0298 0x1264 UI0Detect - ok
13:24:20.0329 0x1264 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
13:24:20.0344 0x1264 uliagpkx - ok
13:24:20.0407 0x1264 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
13:24:20.0438 0x1264 umbus - ok
13:24:20.0469 0x1264 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
13:24:20.0485 0x1264 UmPass - ok
13:24:20.0641 0x1264 [ 7466809E6DA561D60C2F1CE8EDE3C73F, A3185049282A51B17C3DA839AF7E90F1CD395B2FB5587514EB2D65CB22854E2C ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
13:24:20.0719 0x1264 UNS - ok
13:24:20.0766 0x1264 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
13:24:20.0844 0x1264 upnphost - ok
13:24:20.0859 0x1264 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
13:24:20.0937 0x1264 usbccgp - ok
13:24:20.0968 0x1264 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
13:24:21.0000 0x1264 usbcir - ok
13:24:21.0015 0x1264 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\drivers\usbehci.sys
13:24:21.0046 0x1264 usbehci - ok
13:24:21.0078 0x1264 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
13:24:21.0109 0x1264 usbhub - ok
13:24:21.0109 0x1264 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\drivers\usbohci.sys
13:24:21.0156 0x1264 usbohci - ok
13:24:21.0171 0x1264 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
13:24:21.0218 0x1264 usbprint - ok
13:24:21.0249 0x1264 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
13:24:21.0296 0x1264 USBSTOR - ok
13:24:21.0312 0x1264 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
13:24:21.0358 0x1264 usbuhci - ok
13:24:21.0405 0x1264 [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
13:24:21.0452 0x1264 usbvideo - ok
13:24:21.0483 0x1264 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
13:24:21.0546 0x1264 UxSms - ok
13:24:21.0577 0x1264 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
13:24:21.0592 0x1264 VaultSvc - ok
13:24:21.0608 0x1264 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
13:24:21.0624 0x1264 vdrvroot - ok
13:24:21.0670 0x1264 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
13:24:21.0748 0x1264 vds - ok
13:24:21.0780 0x1264 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
13:24:21.0795 0x1264 vga - ok
13:24:21.0795 0x1264 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
13:24:21.0842 0x1264 VgaSave - ok
13:24:21.0858 0x1264 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
13:24:21.0873 0x1264 vhdmp - ok
13:24:21.0904 0x1264 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
13:24:21.0936 0x1264 viaide - ok
13:24:21.0967 0x1264 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
13:24:21.0998 0x1264 volmgr - ok
13:24:22.0060 0x1264 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
13:24:22.0107 0x1264 volmgrx - ok
13:24:22.0138 0x1264 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
13:24:22.0154 0x1264 volsnap - ok
13:24:22.0201 0x1264 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
13:24:22.0216 0x1264 vsmraid - ok
13:24:22.0279 0x1264 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
13:24:22.0404 0x1264 VSS - ok
13:24:22.0419 0x1264 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
13:24:22.0450 0x1264 vwifibus - ok
13:24:22.0497 0x1264 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
13:24:22.0544 0x1264 vwififlt - ok
13:24:22.0606 0x1264 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
13:24:22.0669 0x1264 W32Time - ok
13:24:22.0669 0x1264 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
13:24:22.0700 0x1264 WacomPen - ok
13:24:22.0747 0x1264 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
13:24:22.0794 0x1264 WANARP - ok
13:24:22.0809 0x1264 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
13:24:22.0840 0x1264 Wanarpv6 - ok
13:24:22.0934 0x1264 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
13:24:23.0074 0x1264 wbengine - ok
13:24:23.0137 0x1264 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
13:24:23.0199 0x1264 WbioSrvc - ok
13:24:23.0246 0x1264 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
13:24:23.0340 0x1264 wcncsvc - ok
13:24:23.0371 0x1264 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
13:24:23.0433 0x1264 WcsPlugInService - ok
13:24:23.0449 0x1264 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
13:24:23.0464 0x1264 Wd - ok
13:24:23.0542 0x1264 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
13:24:23.0589 0x1264 Wdf01000 - ok
13:24:23.0605 0x1264 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
13:24:23.0714 0x1264 WdiServiceHost - ok
13:24:23.0714 0x1264 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
13:24:23.0745 0x1264 WdiSystemHost - ok
13:24:23.0776 0x1264 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
13:24:23.0854 0x1264 WebClient - ok
13:24:23.0886 0x1264 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
13:24:23.0964 0x1264 Wecsvc - ok
13:24:23.0995 0x1264 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
13:24:24.0026 0x1264 wercplsupport - ok
13:24:24.0073 0x1264 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
13:24:24.0135 0x1264 WerSvc - ok
13:24:24.0166 0x1264 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
13:24:24.0198 0x1264 WfpLwf - ok
13:24:24.0213 0x1264 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
13:24:24.0229 0x1264 WIMMount - ok
13:24:24.0244 0x1264 WinDefend - ok
13:24:24.0244 0x1264 WinHttpAutoProxySvc - ok
13:24:24.0338 0x1264 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
13:24:24.0416 0x1264 Winmgmt - ok
13:24:24.0525 0x1264 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
13:24:24.0634 0x1264 WinRM - ok
13:24:24.0712 0x1264 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
13:24:24.0806 0x1264 Wlansvc - ok
13:24:24.0853 0x1264 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
13:24:24.0884 0x1264 WmiAcpi - ok
13:24:24.0915 0x1264 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
13:24:24.0962 0x1264 wmiApSrv - ok
13:24:24.0978 0x1264 WMPNetworkSvc - ok
13:24:25.0009 0x1264 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
13:24:25.0040 0x1264 WPCSvc - ok
13:24:25.0071 0x1264 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
13:24:25.0102 0x1264 WPDBusEnum - ok
13:24:25.0102 0x1264 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
13:24:25.0165 0x1264 ws2ifsl - ok
13:24:25.0212 0x1264 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
13:24:25.0243 0x1264 wscsvc - ok
13:24:25.0243 0x1264 WSearch - ok
13:24:25.0399 0x1264 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
13:24:25.0492 0x1264 wuauserv - ok
13:24:25.0508 0x1264 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
13:24:25.0539 0x1264 WudfPf - ok
13:24:25.0586 0x1264 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
13:24:25.0633 0x1264 WUDFRd - ok
13:24:25.0664 0x1264 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
13:24:25.0711 0x1264 wudfsvc - ok
13:24:25.0758 0x1264 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
13:24:25.0836 0x1264 WwanSvc - ok
13:24:25.0851 0x1264 ================ Scan global ===============================
13:24:25.0882 0x1264 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
13:24:25.0929 0x1264 [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
13:24:25.0960 0x1264 [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
13:24:26.0007 0x1264 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
13:24:26.0070 0x1264 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
13:24:26.0085 0x1264 [ Global ] - ok
13:24:26.0085 0x1264 ================ Scan MBR ==================================
13:24:26.0101 0x1264 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
13:24:26.0647 0x1264 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
13:24:26.0647 0x1264 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
13:24:40.0110 0x1264 ================ Scan VBR ==================================
13:24:40.0110 0x1264 [ B5433CC3FFE98B666653ABF5A3617377 ] \Device\Harddisk0\DR0\Partition1
13:24:40.0110 0x1264 \Device\Harddisk0\DR0\Partition1 - ok
13:24:40.0125 0x1264 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.1.641 ), 0x41000 ( enabled : updated )
13:24:40.0125 0x1264 Win FW state via NFP2: enabled
13:24:42.0574 0x1264 ============================================================
13:24:42.0574 0x1264 Scan finished
13:24:42.0574 0x1264 ============================================================
13:24:42.0574 0x0f64 Detected object count: 2
13:24:42.0574 0x0f64 Actual detected object count: 2
13:25:49.0702 0x0f64 AtherosSvc ( UnsignedFile.Multi.Generic ) - skipped by user
13:25:49.0702 0x0f64 AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
13:25:49.0702 0x0f64 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:25:49.0702 0x0f64 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
13:25:55.0896 0x13d8 Deinitialize success
|
|
19.11.2013, 14:03
| #4 |
| /// TB-Ausbilder | BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 Ok, dann fehlen nur noch die beiden FRST-Logs. 
__________________ cheers, Leo |
|
19.11.2013, 14:15
| #5 |
| | BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 Entschuldigung, es hat ein bisschen gedauert, bis ich das mit dem .zip raus hatte. Jetzt noch den Addition Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-11-2013
Ran by Chrissi at 2013-11-19 13:28:40
Running from C:\Users\Chrissi\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Acer Crystal Eye webcam (x32 Version: 1.0.3.8)
Acer ePower Management (x32 Version: 5.00.3005)
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.152)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
ATI Catalyst Install Manager (Version: 3.0.778.0)
Avira Antivirus Premium (x32 Version: 14.0.1.719)
Bluetooth Win7 Suite (64) (Version: 7.2.0.56)
Broadcom 802.11 Network Adapter (Version: 5.100.249.2)
Broadcom Gigabit NetLink Controller (Version: 14.0.2.3)
Catalyst Control Center - Branding (x32 Version: 1.00.0000)
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0527.1242.20909)
Catalyst Control Center InstallProxy (x32 Version: 2010.0527.1242.20909)
Catalyst Control Center Localization All (x32 Version: 2010.0527.1242.20909)
CCC Help Chinese Standard (x32 Version: 2010.0527.1241.20909)
CCC Help Chinese Traditional (x32 Version: 2010.0527.1241.20909)
CCC Help Czech (x32 Version: 2010.0527.1241.20909)
CCC Help Danish (x32 Version: 2010.0527.1241.20909)
CCC Help Dutch (x32 Version: 2010.0527.1241.20909)
CCC Help English (x32 Version: 2010.0527.1241.20909)
CCC Help Finnish (x32 Version: 2010.0527.1241.20909)
CCC Help French (x32 Version: 2010.0527.1241.20909)
CCC Help German (x32 Version: 2010.0527.1241.20909)
CCC Help Greek (x32 Version: 2010.0527.1241.20909)
CCC Help Hungarian (x32 Version: 2010.0527.1241.20909)
CCC Help Italian (x32 Version: 2010.0527.1241.20909)
CCC Help Japanese (x32 Version: 2010.0527.1241.20909)
CCC Help Korean (x32 Version: 2010.0527.1241.20909)
CCC Help Norwegian (x32 Version: 2010.0527.1241.20909)
CCC Help Polish (x32 Version: 2010.0527.1241.20909)
CCC Help Portuguese (x32 Version: 2010.0527.1241.20909)
CCC Help Russian (x32 Version: 2010.0527.1241.20909)
CCC Help Spanish (x32 Version: 2010.0527.1241.20909)
CCC Help Swedish (x32 Version: 2010.0527.1241.20909)
CCC Help Thai (x32 Version: 2010.0527.1241.20909)
CCC Help Turkish (x32 Version: 2010.0527.1241.20909)
ccc-core-static (x32 Version: 2010.0527.1242.20909)
ccc-utility64 (Version: 2010.0527.1242.20909)
Cisco EAP-FAST Module (x32 Version: 2.2.14)
Cisco LEAP Module (x32 Version: 1.0.19)
Cisco PEAP Module (x32 Version: 1.1.6)
Intel(R) Management Engine Components (x32 Version: 6.0.0.1179)
Intel(R) Rapid Storage Technology (x32 Version: 9.6.2.1001)
Launch Manager (x32 Version: 4.0.12)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 25.0.1 (x86 de) (x32 Version: 25.0.1)
Mozilla Maintenance Service (x32 Version: 25.0.1)
OpenOffice 4.0.1 (x32 Version: 4.01.9714)
PX Profile Update (x32 Version: 1.00.1.)
Realtek HDMI Audio Driver for ATI (x32 Version: 6.0.1.6034)
Realtek High Definition Audio Driver (x32 Version: 6.0.1.6141)
Synaptics Pointing Device Driver (Version: 14.0.19.0)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
==================== Restore Points =========================
19-11-2013 08:22:02 Windows 7 Service Pack 1
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {72199238-7757-42DF-9097-1BCB6CCC0899} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-11-17] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2010-03-26 10:41 - 2010-03-26 10:41 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2010-05-27 12:40 - 2010-05-27 12:40 - 00270336 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-11-17 11:22 - 2013-11-17 11:17 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2009-05-20 14:02 - 2011-11-08 19:56 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll
2013-11-19 10:36 - 2013-11-19 10:36 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\939daa9c24a14d0673e781725dcf0b9d\IsdiInterop.ni.dll
2013-11-14 16:35 - 2010-04-13 09:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/19/2013 10:20:12 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Framework, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:20:12 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Tasks, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:20:12 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "CustomMarshalers, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=amd64" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:20:11 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Engine, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:20:11 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Engine, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:20:11 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Utilities, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:18:42 AM) (Source: ESENT) (User: )
Description: WinMail (2664) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.
Error: (11/19/2013 10:18:33 AM) (Source: ESENT) (User: )
Description: WinMail (2156) WindowsMail0: Die Sicherung wurde abgebrochen, weil sie vom Client angehalten wurde, oder weil die Verbindung mit dem Client unterbrochen wurde.
Error: (11/19/2013 10:15:24 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "SMDiagnostics, Version=3.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:10:29 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.Management.Automation, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020
System errors:
=============
Error: (11/19/2013 01:02:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (11/19/2013 01:02:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (11/19/2013 01:02:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (11/19/2013 01:02:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (11/19/2013 01:02:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (11/19/2013 01:02:24 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (11/19/2013 01:02:24 PM) (Source: DCOM) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
Error: (11/19/2013 01:02:22 PM) (Source: DCOM) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
Error: (11/19/2013 01:02:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Error: (11/19/2013 01:02:20 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Netzwerklistendienst" ist vom Dienst "NLA (Network Location Awareness)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde:
%%1068
Microsoft Office Sessions:
=========================
Error: (11/19/2013 10:20:12 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Framework, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:20:12 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Tasks, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:20:12 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "CustomMarshalers, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=amd64" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:20:11 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Engine, Version=3.5.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:20:11 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Engine, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:20:11 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to execute command from the offline queue: uninstall "Microsoft.Build.Utilities, Version=2.0.0.0, Culture=Neutral, PublicKeyToken=b03f5f7f11d50a3a, processorArchitecture=msil" /NoDependencies . The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:18:42 AM) (Source: ESENT)(User: )
Description: WinMail2664WindowsMail0:
Error: (11/19/2013 10:18:33 AM) (Source: ESENT)(User: )
Description: WinMail2156WindowsMail0:
Error: (11/19/2013 10:15:24 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_32) - Failed to execute command from the offline queue: uninstall "SMDiagnostics, Version=3.0.0.0, Culture=Neutral, PublicKeyToken=b77a5c561934e089, processorArchitecture=msil". The error returned was Error: The specified assembly is not installed.
.
Error: (11/19/2013 10:10:29 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.Management.Automation, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35 . Error code = 0x80070020
System.Management.Automation, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35
==================== Memory info ===========================
Percentage of memory in use: 29%
Total physical RAM: 3958.71 MB
Available physical RAM: 2774.09 MB
Total Pagefile: 7915.61 MB
Available Pagefile: 6290.98 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:284.99 GB) (Free:248.08 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: BE159B89)
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=285 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1360 KB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 3
==================== End Of Log ============================
|
|
19.11.2013, 14:20
| #6 |
| /// TB-Ausbilder | BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 Das ist in der Tat nur noch ein inaktiver Überrest. Aber lassen wir das auch noch verschwinden: Schritt 1 Starte bitte TDSSkiller.exe.
Schritt 2 Lade dir ListParts (von Farbar) herunter und speichere es auf den Desktop.
__________________ --> BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 |
|
19.11.2013, 14:32
| #7 |
| | BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 Schritt 1 Code:
ATTFilter 14:22:25.0205 0x1098 TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
14:22:29.0816 0x1098 ============================================================
14:22:29.0816 0x1098 Current date / time: 2013/11/19 14:22:29.0816
14:22:29.0816 0x1098 SystemInfo:
14:22:29.0816 0x1098
14:22:29.0816 0x1098 OS Version: 6.1.7601 ServicePack: 1.0
14:22:29.0816 0x1098 Product type: Workstation
14:22:29.0817 0x1098 ComputerName: CHRISSI-PC
14:22:29.0817 0x1098 UserName: Chrissi
14:22:29.0817 0x1098 Windows directory: C:\Windows
14:22:29.0817 0x1098 System windows directory: C:\Windows
14:22:29.0817 0x1098 Running under WOW64
14:22:29.0817 0x1098 Processor architecture: Intel x64
14:22:29.0817 0x1098 Number of processors: 4
14:22:29.0817 0x1098 Page size: 0x1000
14:22:29.0817 0x1098 Boot type: Normal boot
14:22:29.0817 0x1098 ============================================================
14:22:30.0036 0x1098 KLMD registered as C:\Windows\system32\drivers\95290357.sys
14:22:30.0191 0x1098 System UUID: {39B5CCD5-F467-DA7B-708C-743E160BC054}
14:22:30.0766 0x1098 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:22:30.0774 0x1098 ============================================================
14:22:30.0774 0x1098 \Device\Harddisk0\DR0:
14:22:30.0774 0x1098 MBR partitions:
14:22:30.0775 0x1098 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800
14:22:30.0775 0x1098 ============================================================
14:22:30.0816 0x1098 C: <-> \Device\Harddisk0\DR0\Partition1
14:22:30.0816 0x1098 ============================================================
14:22:30.0817 0x1098 Initialize success
14:22:30.0817 0x1098 ============================================================
14:22:54.0971 0x1314 ============================================================
14:22:54.0971 0x1314 Scan started
14:22:54.0971 0x1314 Mode: Manual; SigCheck; TDLFS;
14:22:54.0971 0x1314 ============================================================
14:22:54.0971 0x1314 KSN ping started
14:23:08.0722 0x1314 KSN ping finished: true
14:23:08.0924 0x1314 ================ Scan system memory ========================
14:23:08.0924 0x1314 System memory - ok
14:23:08.0924 0x1314 ================ Scan services =============================
14:23:09.0218 0x1314 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
14:23:09.0281 0x1314 1394ohci - ok
14:23:09.0352 0x1314 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
14:23:09.0380 0x1314 ACPI - ok
14:23:09.0429 0x1314 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
14:23:09.0447 0x1314 AcpiPmi - ok
14:23:09.0576 0x1314 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:23:09.0598 0x1314 AdobeARMservice - ok
14:23:09.0784 0x1314 [ 438F31336B3DC248ABC632F1C8F34A24, 94C1218E7EC2EC6D4870A6FDC118097D7D3A359DA073DCD3A9770F399F830991 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
14:23:09.0811 0x1314 AdobeFlashPlayerUpdateSvc - ok
14:23:09.0886 0x1314 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
14:23:09.0920 0x1314 adp94xx - ok
14:23:09.0945 0x1314 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
14:23:09.0961 0x1314 adpahci - ok
14:23:09.0981 0x1314 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
14:23:09.0993 0x1314 adpu320 - ok
14:23:10.0032 0x1314 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
14:23:10.0087 0x1314 AeLookupSvc - ok
14:23:10.0157 0x1314 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
14:23:10.0190 0x1314 AFD - ok
14:23:10.0218 0x1314 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
14:23:10.0230 0x1314 agp440 - ok
14:23:10.0259 0x1314 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
14:23:10.0275 0x1314 ALG - ok
14:23:10.0294 0x1314 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
14:23:10.0304 0x1314 aliide - ok
14:23:10.0345 0x1314 [ F687D4976EFF550FB0BE45A5CB19F18F, 96AEFAB5B1960DFBFB9F1C74A1C2A03E765B7807985A75D6689E00EE6C23BE34 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
14:23:10.0368 0x1314 AMD External Events Utility - ok
14:23:10.0386 0x1314 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
14:23:10.0398 0x1314 amdide - ok
14:23:10.0434 0x1314 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
14:23:10.0451 0x1314 AmdK8 - ok
14:23:10.0693 0x1314 [ 74687C33C4AD25A975BBB1EA1E8B3884, 30A53DF35C013DFE28C6FC200E93ABCA47BDE9104215ABC9E14E435B9FDBE4E1 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
14:23:10.0879 0x1314 amdkmdag - ok
14:23:10.0923 0x1314 [ C7F56ED86327A78E7F8A5CC503A98BD6, 4DA79D45CCDC47380C67889F842454D18C5B140A71A7AF11A63206FF74C2E2B3 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
14:23:10.0941 0x1314 amdkmdap - ok
14:23:10.0958 0x1314 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
14:23:10.0971 0x1314 AmdPPM - ok
14:23:11.0018 0x1314 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
14:23:11.0036 0x1314 amdsata - ok
14:23:11.0107 0x1314 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
14:23:11.0135 0x1314 amdsbs - ok
14:23:11.0156 0x1314 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
14:23:11.0166 0x1314 amdxata - ok
14:23:11.0270 0x1314 [ 010FB73DB0B4BDAE8C2EB2E561EBE0E3, E2AE4588841A944478485CFCFE1FEA34C04327B32FB0AFF31962C03098D11A46 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe
14:23:11.0299 0x1314 AntiVirMailService - ok
14:23:11.0360 0x1314 [ 0D1E15010057B8426583A99CB179A6C4, 645C7D27E27AAC4124F7F907374B6A50D07D349B95AA869D7091372BD3AF653B ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:23:11.0383 0x1314 AntiVirSchedulerService - ok
14:23:11.0437 0x1314 [ FDE9C7030FB1E9E2715E113EE6A10F90, 541F278D743C34C6D9940FC1250B90674EB88EC429D481012F27817DAB1B557A ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:23:11.0452 0x1314 AntiVirService - ok
14:23:11.0495 0x1314 [ 48543D304F54C8997462208555662BA4, ADA3B62E6D1513FF24D044B03EFCBBD4268DB32C213F575D8AD3867D3F82B340 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\AVWEBGRD.EXE
14:23:11.0524 0x1314 AntiVirWebService - ok
14:23:11.0575 0x1314 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
14:23:11.0628 0x1314 AppID - ok
14:23:11.0665 0x1314 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
14:23:11.0700 0x1314 AppIDSvc - ok
14:23:11.0724 0x1314 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll
14:23:11.0757 0x1314 Appinfo - ok
14:23:11.0786 0x1314 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
14:23:11.0797 0x1314 arc - ok
14:23:11.0805 0x1314 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
14:23:11.0816 0x1314 arcsas - ok
14:23:11.0830 0x1314 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
14:23:11.0863 0x1314 AsyncMac - ok
14:23:11.0915 0x1314 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
14:23:11.0932 0x1314 atapi - ok
14:23:11.0981 0x1314 [ FBBE79D7445AA4494E069A0B91F9417B, 5C5EB5C27324129702D040FE9C63D2D67853E12A6E19164A805A9EE0DC4C5463 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
14:23:11.0997 0x1314 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
14:23:12.0092 0x1314 AtherosSvc ( UnsignedFile.Multi.Generic ) - warning
14:23:12.0092 0x1314 Force sending object to P2P due to detect: C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
14:23:18.0460 0x1314 Object send P2P result: true
14:23:21.0053 0x1314 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:23:21.0119 0x1314 AudioEndpointBuilder - ok
14:23:21.0150 0x1314 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
14:23:21.0198 0x1314 AudioSrv - ok
14:23:21.0256 0x1314 [ 0909E9AD4019AFF25C58E0DFFDCD744E, D1C1A6C7C1EABAC32B24C45E3E6BE3BC7C74A46996CFA6697E7A98E1A6D05531 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
14:23:21.0285 0x1314 avgntflt - ok
14:23:21.0319 0x1314 [ DBAB18B20FDA2542EEF8C588D878B7B5, 0CE6738E8C6C1BA502FF230EAE49C96E5AA1B23F34AC57AB9B28081898F2E533 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
14:23:21.0331 0x1314 avipbb - ok
14:23:21.0369 0x1314 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
14:23:21.0379 0x1314 avkmgr - ok
14:23:21.0437 0x1314 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
14:23:21.0462 0x1314 AxInstSV - ok
14:23:21.0514 0x1314 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
14:23:21.0536 0x1314 b06bdrv - ok
14:23:21.0596 0x1314 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
14:23:21.0625 0x1314 b57nd60a - ok
14:23:21.0811 0x1314 [ 2D659B569A76CDB83B815675A80D7096, 8246BD350017B6CBADA4BBDBAB8B708B0A8F1AD5ADD4B2DE1BA610B4A188C262 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
14:23:21.0907 0x1314 BCM43XX - ok
14:23:21.0951 0x1314 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
14:23:21.0978 0x1314 BDESVC - ok
14:23:21.0991 0x1314 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
14:23:22.0046 0x1314 Beep - ok
14:23:22.0125 0x1314 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
14:23:22.0174 0x1314 BFE - ok
14:23:22.0216 0x1314 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
14:23:22.0270 0x1314 BITS - ok
14:23:22.0299 0x1314 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
14:23:22.0310 0x1314 blbdrive - ok
14:23:22.0354 0x1314 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
14:23:22.0367 0x1314 bowser - ok
14:23:22.0384 0x1314 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:23:22.0400 0x1314 BrFiltLo - ok
14:23:22.0419 0x1314 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:23:22.0433 0x1314 BrFiltUp - ok
14:23:22.0457 0x1314 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
14:23:22.0473 0x1314 Browser - ok
14:23:22.0491 0x1314 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
14:23:22.0510 0x1314 Brserid - ok
14:23:22.0520 0x1314 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
14:23:22.0535 0x1314 BrSerWdm - ok
14:23:22.0539 0x1314 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
14:23:22.0554 0x1314 BrUsbMdm - ok
14:23:22.0571 0x1314 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
14:23:22.0584 0x1314 BrUsbSer - ok
14:23:22.0625 0x1314 [ A83A91D07D1FE6BBE7A9DB46CA00434B, 9EF851047189E13954C0F6A325E4843914C423C0D1EDAE21A34AB3A962BBD5AC ] BTATH_BUS C:\Windows\system32\DRIVERS\btath_bus.sys
14:23:22.0636 0x1314 BTATH_BUS - ok
14:23:22.0668 0x1314 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
14:23:22.0685 0x1314 BTHMODEM - ok
14:23:22.0715 0x1314 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
14:23:22.0757 0x1314 bthserv - ok
14:23:22.0774 0x1314 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
14:23:22.0809 0x1314 cdfs - ok
14:23:22.0853 0x1314 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
14:23:22.0881 0x1314 cdrom - ok
14:23:22.0915 0x1314 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
14:23:22.0960 0x1314 CertPropSvc - ok
14:23:22.0965 0x1314 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
14:23:22.0980 0x1314 circlass - ok
14:23:23.0058 0x1314 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
14:23:23.0089 0x1314 CLFS - ok
14:23:23.0200 0x1314 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:23:23.0218 0x1314 clr_optimization_v2.0.50727_32 - ok
14:23:23.0312 0x1314 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:23:23.0332 0x1314 clr_optimization_v2.0.50727_64 - ok
14:23:23.0430 0x1314 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:23:23.0453 0x1314 clr_optimization_v4.0.30319_32 - ok
14:23:23.0531 0x1314 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:23:23.0552 0x1314 clr_optimization_v4.0.30319_64 - ok
14:23:23.0559 0x1314 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
14:23:23.0575 0x1314 CmBatt - ok
14:23:23.0609 0x1314 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
14:23:23.0619 0x1314 cmdide - ok
14:23:23.0683 0x1314 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys
14:23:23.0722 0x1314 CNG - ok
14:23:23.0758 0x1314 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
14:23:23.0769 0x1314 Compbatt - ok
14:23:23.0807 0x1314 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
14:23:23.0836 0x1314 CompositeBus - ok
14:23:23.0840 0x1314 COMSysApp - ok
14:23:23.0858 0x1314 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
14:23:23.0869 0x1314 crcdisk - ok
14:23:23.0921 0x1314 [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] CryptSvc C:\Windows\system32\cryptsvc.dll
14:23:23.0941 0x1314 CryptSvc - ok
14:23:24.0009 0x1314 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
14:23:24.0059 0x1314 DcomLaunch - ok
14:23:24.0114 0x1314 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
14:23:24.0166 0x1314 defragsvc - ok
14:23:24.0206 0x1314 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
14:23:24.0241 0x1314 DfsC - ok
14:23:24.0307 0x1314 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
14:23:24.0362 0x1314 Dhcp - ok
14:23:24.0384 0x1314 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
14:23:24.0417 0x1314 discache - ok
14:23:24.0453 0x1314 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
14:23:24.0464 0x1314 Disk - ok
14:23:24.0497 0x1314 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
14:23:24.0514 0x1314 Dnscache - ok
14:23:24.0542 0x1314 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
14:23:24.0582 0x1314 dot3svc - ok
14:23:24.0624 0x1314 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
14:23:24.0680 0x1314 DPS - ok
14:23:24.0735 0x1314 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
14:23:24.0764 0x1314 drmkaud - ok
14:23:24.0832 0x1314 [ 1FCA854CEDFC2CCD0C22E46EA4EA18F1, 3508547FCE3B6ACA34511BB2C50A375E3894EBFAC656B9D1C82EA8439EFD8846 ] DsiWMIService C:\Program Files (x86)\Launch Manager\dsiwmis.exe
14:23:24.0858 0x1314 DsiWMIService - ok
14:23:24.0919 0x1314 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
14:23:24.0948 0x1314 DXGKrnl - ok
14:23:24.0991 0x1314 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
14:23:25.0029 0x1314 EapHost - ok
14:23:25.0159 0x1314 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
14:23:25.0251 0x1314 ebdrv - ok
14:23:25.0281 0x1314 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
14:23:25.0293 0x1314 EFS - ok
14:23:25.0384 0x1314 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
14:23:25.0418 0x1314 ehRecvr - ok
14:23:25.0465 0x1314 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
14:23:25.0496 0x1314 ehSched - ok
14:23:25.0538 0x1314 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
14:23:25.0576 0x1314 elxstor - ok
14:23:25.0731 0x1314 [ 3EA2C4F68A782839D97B3C83595575B6, D4C3BFD0B6817B73BE9F2378FA946BD1C213A4FB9EB3F7D2C79E9B6D9F895106 ] ePowerSvc C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
14:23:25.0768 0x1314 ePowerSvc - ok
14:23:25.0811 0x1314 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
14:23:25.0830 0x1314 ErrDev - ok
14:23:25.0936 0x1314 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
14:23:26.0000 0x1314 EventSystem - ok
14:23:26.0051 0x1314 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
14:23:26.0089 0x1314 exfat - ok
14:23:26.0101 0x1314 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
14:23:26.0138 0x1314 fastfat - ok
14:23:26.0200 0x1314 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
14:23:26.0247 0x1314 Fax - ok
14:23:26.0262 0x1314 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
14:23:26.0278 0x1314 fdc - ok
14:23:26.0293 0x1314 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
14:23:26.0325 0x1314 fdPHost - ok
14:23:26.0340 0x1314 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
14:23:26.0371 0x1314 FDResPub - ok
14:23:26.0387 0x1314 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
14:23:26.0403 0x1314 FileInfo - ok
14:23:26.0418 0x1314 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
14:23:26.0449 0x1314 Filetrace - ok
14:23:26.0465 0x1314 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
14:23:26.0465 0x1314 flpydisk - ok
14:23:26.0512 0x1314 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
14:23:26.0527 0x1314 FltMgr - ok
14:23:26.0605 0x1314 [ B4447F606BB19FD8AD0BAFB59B90F5D9, 043E686029DE2710305852E3A416176E400F9FD5FB98E4F2A6F14C060FAABED5 ] FontCache C:\Windows\system32\FntCache.dll
14:23:26.0668 0x1314 FontCache - ok
14:23:26.0746 0x1314 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:23:26.0761 0x1314 FontCache3.0.0.0 - ok
14:23:26.0793 0x1314 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
14:23:26.0808 0x1314 FsDepends - ok
14:23:26.0839 0x1314 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
14:23:26.0855 0x1314 Fs_Rec - ok
14:23:26.0902 0x1314 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
14:23:26.0933 0x1314 fvevol - ok
14:23:26.0964 0x1314 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
14:23:26.0980 0x1314 gagp30kx - ok
14:23:27.0011 0x1314 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
14:23:27.0058 0x1314 gpsvc - ok
14:23:27.0089 0x1314 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
14:23:27.0105 0x1314 hcw85cir - ok
14:23:27.0183 0x1314 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:23:27.0214 0x1314 HdAudAddService - ok
14:23:27.0229 0x1314 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
14:23:27.0245 0x1314 HDAudBus - ok
14:23:27.0276 0x1314 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
14:23:27.0292 0x1314 HECIx64 - ok
14:23:27.0292 0x1314 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
14:23:27.0307 0x1314 HidBatt - ok
14:23:27.0323 0x1314 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
14:23:27.0339 0x1314 HidBth - ok
14:23:27.0354 0x1314 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
14:23:27.0370 0x1314 HidIr - ok
14:23:27.0417 0x1314 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
14:23:27.0448 0x1314 hidserv - ok
14:23:27.0479 0x1314 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
14:23:27.0495 0x1314 HidUsb - ok
14:23:27.0526 0x1314 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
14:23:27.0557 0x1314 hkmsvc - ok
14:23:27.0604 0x1314 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:23:27.0619 0x1314 HomeGroupListener - ok
14:23:27.0635 0x1314 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:23:27.0651 0x1314 HomeGroupProvider - ok
14:23:27.0682 0x1314 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:23:27.0682 0x1314 HpSAMD - ok
14:23:27.0760 0x1314 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
14:23:27.0822 0x1314 HTTP - ok
14:23:27.0853 0x1314 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
14:23:27.0869 0x1314 hwpolicy - ok
14:23:27.0900 0x1314 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
14:23:27.0916 0x1314 i8042prt - ok
14:23:27.0963 0x1314 [ 1384872112E8E7FD5786ECEB8BDDF4C9, DC7844691740805A94F2901F8CB56F1591AF4F0F9C6D92D6B8595F89E6FA5F02 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
14:23:27.0978 0x1314 iaStor - ok
14:23:28.0009 0x1314 [ 6B24D1C3096DE796D15571079EA5E98C, 89566A7BDEDA7A663110F72B6301998651937E1E3E541EAB054169CEC8C7353F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
14:23:28.0025 0x1314 IAStorDataMgrSvc - ok
14:23:28.0072 0x1314 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
14:23:28.0103 0x1314 iaStorV - ok
14:23:28.0165 0x1314 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:23:28.0181 0x1314 idsvc - ok
14:23:28.0212 0x1314 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
14:23:28.0228 0x1314 iirsp - ok
14:23:28.0259 0x1314 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
14:23:28.0321 0x1314 IKEEXT - ok
14:23:28.0415 0x1314 [ 235362D403D9D677514649D88DB31914, 522F5BA88169ADEC1EEB595BFBBCD6417DF38CD93A0D2B2FD0AF4C907FF6D965 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
14:23:28.0477 0x1314 IntcAzAudAddService - ok
14:23:28.0493 0x1314 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
14:23:28.0493 0x1314 intelide - ok
14:23:28.0524 0x1314 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
14:23:28.0540 0x1314 intelppm - ok
14:23:28.0571 0x1314 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
14:23:28.0602 0x1314 IPBusEnum - ok
14:23:28.0649 0x1314 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:23:28.0680 0x1314 IpFilterDriver - ok
14:23:28.0743 0x1314 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:23:28.0805 0x1314 iphlpsvc - ok
14:23:28.0821 0x1314 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:23:28.0836 0x1314 IPMIDRV - ok
14:23:28.0867 0x1314 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:23:28.0899 0x1314 IPNAT - ok
14:23:28.0930 0x1314 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:23:28.0945 0x1314 IRENUM - ok
14:23:28.0945 0x1314 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:23:28.0961 0x1314 isapnp - ok
14:23:28.0977 0x1314 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:23:28.0992 0x1314 iScsiPrt - ok
14:23:29.0039 0x1314 [ 37E053A2CF8F0082B689ED74106E0CEC, 431D3A3212152A76878C9CA347056B62B2A5A3E0211C4D930639C426EE73A0B7 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
14:23:29.0070 0x1314 k57nd60a - ok
14:23:29.0117 0x1314 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
14:23:29.0148 0x1314 kbdclass - ok
14:23:29.0164 0x1314 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:23:29.0179 0x1314 kbdhid - ok
14:23:29.0211 0x1314 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
14:23:29.0242 0x1314 KeyIso - ok
14:23:29.0257 0x1314 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:23:29.0289 0x1314 KSecDD - ok
14:23:29.0304 0x1314 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:23:29.0320 0x1314 KSecPkg - ok
14:23:29.0335 0x1314 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
14:23:29.0367 0x1314 ksthunk - ok
14:23:29.0445 0x1314 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
14:23:29.0491 0x1314 KtmRm - ok
14:23:29.0523 0x1314 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
14:23:29.0554 0x1314 LanmanServer - ok
14:23:29.0601 0x1314 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:23:29.0647 0x1314 LanmanWorkstation - ok
14:23:29.0694 0x1314 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:23:29.0757 0x1314 lltdio - ok
14:23:29.0819 0x1314 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:23:29.0866 0x1314 lltdsvc - ok
14:23:29.0881 0x1314 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:23:29.0913 0x1314 lmhosts - ok
14:23:29.0975 0x1314 [ DBC1136A62BD4DECC3632DF650284C2E, 2D6344357D21A9062019C7DDF3DB440ABC724CDA925471BBFA8CCAC65E6A2C80 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
14:23:30.0006 0x1314 LMS - ok
14:23:30.0037 0x1314 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
14:23:30.0053 0x1314 LSI_FC - ok
14:23:30.0084 0x1314 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
14:23:30.0100 0x1314 LSI_SAS - ok
14:23:30.0115 0x1314 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:23:30.0131 0x1314 LSI_SAS2 - ok
14:23:30.0147 0x1314 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:23:30.0162 0x1314 LSI_SCSI - ok
14:23:30.0178 0x1314 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
14:23:30.0209 0x1314 luafv - ok
14:23:30.0256 0x1314 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:23:30.0287 0x1314 Mcx2Svc - ok
14:23:30.0303 0x1314 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
14:23:30.0303 0x1314 megasas - ok
14:23:30.0334 0x1314 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
14:23:30.0349 0x1314 MegaSR - ok
14:23:30.0396 0x1314 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
14:23:30.0459 0x1314 MMCSS - ok
14:23:30.0474 0x1314 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
14:23:30.0505 0x1314 Modem - ok
14:23:30.0521 0x1314 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:23:30.0537 0x1314 monitor - ok
14:23:30.0568 0x1314 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\drivers\mouclass.sys
14:23:30.0568 0x1314 mouclass - ok
14:23:30.0599 0x1314 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:23:30.0615 0x1314 mouhid - ok
14:23:30.0630 0x1314 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:23:30.0646 0x1314 mountmgr - ok
14:23:30.0693 0x1314 [ 5E0686615A80A6279B2314E13CD23F6E, 659931AB2DD395FAA2E5036D02BC6AAE8A7E4C9FF1A902B1FF9C15E878C89E77 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:23:30.0708 0x1314 MozillaMaintenance - ok
14:23:30.0724 0x1314 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
14:23:30.0739 0x1314 mpio - ok
14:23:30.0771 0x1314 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:23:30.0802 0x1314 mpsdrv - ok
14:23:30.0864 0x1314 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:23:30.0911 0x1314 MpsSvc - ok
14:23:30.0958 0x1314 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:23:30.0989 0x1314 MRxDAV - ok
14:23:31.0020 0x1314 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:23:31.0036 0x1314 mrxsmb - ok
14:23:31.0067 0x1314 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:23:31.0083 0x1314 mrxsmb10 - ok
14:23:31.0098 0x1314 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:23:31.0114 0x1314 mrxsmb20 - ok
14:23:31.0129 0x1314 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
14:23:31.0145 0x1314 msahci - ok
14:23:31.0176 0x1314 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:23:31.0207 0x1314 msdsm - ok
14:23:31.0223 0x1314 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
14:23:31.0239 0x1314 MSDTC - ok
14:23:31.0254 0x1314 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:23:31.0285 0x1314 Msfs - ok
14:23:31.0317 0x1314 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:23:31.0348 0x1314 mshidkmdf - ok
14:23:31.0363 0x1314 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:23:31.0379 0x1314 msisadrv - ok
14:23:31.0426 0x1314 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:23:31.0457 0x1314 MSiSCSI - ok
14:23:31.0473 0x1314 msiserver - ok
14:23:31.0504 0x1314 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:23:31.0535 0x1314 MSKSSRV - ok
14:23:31.0566 0x1314 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:23:31.0597 0x1314 MSPCLOCK - ok
14:23:31.0613 0x1314 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:23:31.0644 0x1314 MSPQM - ok
14:23:31.0691 0x1314 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:23:31.0738 0x1314 MsRPC - ok
14:23:31.0769 0x1314 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
14:23:31.0785 0x1314 mssmbios - ok
14:23:31.0785 0x1314 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:23:31.0831 0x1314 MSTEE - ok
14:23:31.0831 0x1314 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
14:23:31.0847 0x1314 MTConfig - ok
14:23:31.0878 0x1314 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
14:23:31.0894 0x1314 Mup - ok
14:23:31.0956 0x1314 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
14:23:31.0987 0x1314 napagent - ok
14:23:32.0050 0x1314 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:23:32.0081 0x1314 NativeWifiP - ok
14:23:32.0159 0x1314 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\Windows\system32\drivers\ndis.sys
14:23:32.0190 0x1314 NDIS - ok
14:23:32.0206 0x1314 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:23:32.0237 0x1314 NdisCap - ok
14:23:32.0253 0x1314 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:23:32.0284 0x1314 NdisTapi - ok
14:23:32.0331 0x1314 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:23:32.0393 0x1314 Ndisuio - ok
14:23:32.0424 0x1314 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:23:32.0455 0x1314 NdisWan - ok
14:23:32.0487 0x1314 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:23:32.0518 0x1314 NDProxy - ok
14:23:32.0533 0x1314 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:23:32.0565 0x1314 NetBIOS - ok
14:23:32.0611 0x1314 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:23:32.0658 0x1314 NetBT - ok
14:23:32.0674 0x1314 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
14:23:32.0689 0x1314 Netlogon - ok
14:23:32.0752 0x1314 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
14:23:32.0799 0x1314 Netman - ok
14:23:32.0830 0x1314 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
14:23:32.0877 0x1314 netprofm - ok
14:23:32.0923 0x1314 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
14:23:32.0923 0x1314 NetTcpPortSharing - ok
14:23:32.0955 0x1314 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
14:23:32.0986 0x1314 nfrd960 - ok
14:23:33.0017 0x1314 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:23:33.0064 0x1314 NlaSvc - ok
14:23:33.0079 0x1314 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:23:33.0111 0x1314 Npfs - ok
14:23:33.0157 0x1314 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
14:23:33.0189 0x1314 nsi - ok
14:23:33.0204 0x1314 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:23:33.0251 0x1314 nsiproxy - ok
14:23:33.0345 0x1314 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:23:33.0391 0x1314 Ntfs - ok
14:23:33.0407 0x1314 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
14:23:33.0438 0x1314 Null - ok
14:23:33.0485 0x1314 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:23:33.0485 0x1314 nvraid - ok
14:23:33.0516 0x1314 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:23:33.0516 0x1314 nvstor - ok
14:23:33.0579 0x1314 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:23:33.0610 0x1314 nv_agp - ok
14:23:33.0641 0x1314 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:23:33.0657 0x1314 ohci1394 - ok
14:23:33.0703 0x1314 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:23:33.0719 0x1314 p2pimsvc - ok
14:23:33.0797 0x1314 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
14:23:33.0828 0x1314 p2psvc - ok
14:23:33.0859 0x1314 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
14:23:33.0875 0x1314 Parport - ok
14:23:33.0891 0x1314 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:23:33.0906 0x1314 partmgr - ok
14:23:33.0922 0x1314 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
14:23:33.0953 0x1314 PcaSvc - ok
14:23:33.0969 0x1314 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
14:23:33.0984 0x1314 pci - ok
14:23:33.0984 0x1314 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
14:23:34.0000 0x1314 pciide - ok
14:23:34.0031 0x1314 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:23:34.0047 0x1314 pcmcia - ok
14:23:34.0047 0x1314 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
14:23:34.0062 0x1314 pcw - ok
14:23:34.0093 0x1314 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:23:34.0140 0x1314 PEAUTH - ok
14:23:34.0249 0x1314 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
14:23:34.0281 0x1314 PerfHost - ok
14:23:34.0374 0x1314 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
14:23:34.0452 0x1314 pla - ok
14:23:34.0515 0x1314 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:23:34.0530 0x1314 PlugPlay - ok
14:23:34.0546 0x1314 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:23:34.0546 0x1314 PNRPAutoReg - ok
14:23:34.0577 0x1314 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:23:34.0593 0x1314 PNRPsvc - ok
14:23:34.0671 0x1314 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:23:34.0717 0x1314 PolicyAgent - ok
14:23:34.0780 0x1314 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
14:23:34.0827 0x1314 Power - ok
14:23:34.0889 0x1314 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:23:34.0936 0x1314 PptpMiniport - ok
14:23:34.0967 0x1314 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
14:23:34.0983 0x1314 Processor - ok
14:23:35.0014 0x1314 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
14:23:35.0029 0x1314 ProfSvc - ok
14:23:35.0045 0x1314 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
14:23:35.0045 0x1314 ProtectedStorage - ok
14:23:35.0107 0x1314 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:23:35.0139 0x1314 Psched - ok
14:23:35.0217 0x1314 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
14:23:35.0263 0x1314 ql2300 - ok
14:23:35.0279 0x1314 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
14:23:35.0295 0x1314 ql40xx - ok
14:23:35.0341 0x1314 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
14:23:35.0357 0x1314 QWAVE - ok
14:23:35.0373 0x1314 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:23:35.0388 0x1314 QWAVEdrv - ok
14:23:35.0404 0x1314 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:23:35.0435 0x1314 RasAcd - ok
14:23:35.0497 0x1314 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:23:35.0544 0x1314 RasAgileVpn - ok
14:23:35.0560 0x1314 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
14:23:35.0607 0x1314 RasAuto - ok
14:23:35.0653 0x1314 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:23:35.0685 0x1314 Rasl2tp - ok
14:23:35.0763 0x1314 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
14:23:35.0825 0x1314 RasMan - ok
14:23:35.0841 0x1314 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:23:35.0887 0x1314 RasPppoe - ok
14:23:35.0919 0x1314 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:23:35.0950 0x1314 RasSstp - ok
14:23:35.0965 0x1314 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:23:36.0012 0x1314 rdbss - ok
14:23:36.0012 0x1314 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
14:23:36.0028 0x1314 rdpbus - ok
14:23:36.0043 0x1314 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:23:36.0075 0x1314 RDPCDD - ok
14:23:36.0106 0x1314 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:23:36.0153 0x1314 RDPENCDD - ok
14:23:36.0153 0x1314 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:23:36.0199 0x1314 RDPREFMP - ok
14:23:36.0215 0x1314 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
14:23:36.0231 0x1314 RDPWD - ok
14:23:36.0277 0x1314 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
14:23:36.0293 0x1314 rdyboost - ok
14:23:36.0340 0x1314 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
14:23:36.0402 0x1314 RemoteAccess - ok
14:23:36.0418 0x1314 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
14:23:36.0449 0x1314 RemoteRegistry - ok
14:23:36.0496 0x1314 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
14:23:36.0543 0x1314 RpcEptMapper - ok
14:23:36.0589 0x1314 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
14:23:36.0605 0x1314 RpcLocator - ok
14:23:36.0636 0x1314 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
14:23:36.0683 0x1314 RpcSs - ok
14:23:36.0699 0x1314 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
14:23:36.0730 0x1314 rspndr - ok
14:23:36.0792 0x1314 [ D6D381B76056C668679723938F06F16C, A26C35EB588BF32F5CD22554BE5A05380D50FF1B7D399687EE50DC24C32DA341 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys
14:23:36.0823 0x1314 RTHDMIAzAudService - ok
14:23:36.0823 0x1314 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
14:23:36.0839 0x1314 SamSs - ok
14:23:36.0886 0x1314 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
14:23:36.0901 0x1314 sbp2port - ok
14:23:36.0948 0x1314 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
14:23:36.0995 0x1314 SCardSvr - ok
14:23:37.0026 0x1314 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
14:23:37.0057 0x1314 scfilter - ok
14:23:37.0135 0x1314 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
14:23:37.0198 0x1314 Schedule - ok
14:23:37.0229 0x1314 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
14:23:37.0260 0x1314 SCPolicySvc - ok
14:23:37.0307 0x1314 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
14:23:37.0338 0x1314 SDRSVC - ok
14:23:37.0369 0x1314 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
14:23:37.0416 0x1314 secdrv - ok
14:23:37.0447 0x1314 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
14:23:37.0510 0x1314 seclogon - ok
14:23:37.0557 0x1314 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
14:23:37.0603 0x1314 SENS - ok
14:23:37.0635 0x1314 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
14:23:37.0650 0x1314 SensrSvc - ok
14:23:37.0650 0x1314 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
14:23:37.0666 0x1314 Serenum - ok
14:23:37.0697 0x1314 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
14:23:37.0713 0x1314 Serial - ok
14:23:37.0728 0x1314 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
14:23:37.0744 0x1314 sermouse - ok
14:23:37.0791 0x1314 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
14:23:37.0837 0x1314 SessionEnv - ok
14:23:37.0869 0x1314 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
14:23:37.0884 0x1314 sffdisk - ok
14:23:37.0900 0x1314 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
14:23:37.0915 0x1314 sffp_mmc - ok
14:23:37.0915 0x1314 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
14:23:37.0931 0x1314 sffp_sd - ok
14:23:37.0947 0x1314 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
14:23:37.0962 0x1314 sfloppy - ok
14:23:38.0025 0x1314 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
14:23:38.0087 0x1314 SharedAccess - ok
14:23:38.0118 0x1314 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:23:38.0165 0x1314 ShellHWDetection - ok
14:23:38.0212 0x1314 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:23:38.0227 0x1314 SiSRaid2 - ok
14:23:38.0259 0x1314 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
14:23:38.0274 0x1314 SiSRaid4 - ok
14:23:38.0305 0x1314 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
14:23:38.0368 0x1314 Smb - ok
14:23:38.0415 0x1314 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
14:23:38.0430 0x1314 SNMPTRAP - ok
14:23:38.0446 0x1314 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
14:23:38.0461 0x1314 spldr - ok
14:23:38.0524 0x1314 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\Windows\System32\spoolsv.exe
14:23:38.0602 0x1314 Spooler - ok
14:23:38.0758 0x1314 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
14:23:38.0883 0x1314 sppsvc - ok
14:23:38.0898 0x1314 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
14:23:38.0929 0x1314 sppuinotify - ok
14:23:38.0961 0x1314 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
14:23:38.0992 0x1314 srv - ok
14:23:39.0039 0x1314 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
14:23:39.0054 0x1314 srv2 - ok
14:23:39.0085 0x1314 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
14:23:39.0101 0x1314 srvnet - ok
14:23:39.0117 0x1314 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
14:23:39.0163 0x1314 SSDPSRV - ok
14:23:39.0210 0x1314 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
14:23:39.0273 0x1314 SstpSvc - ok
14:23:39.0273 0x1314 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
14:23:39.0288 0x1314 stexstor - ok
14:23:39.0366 0x1314 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
14:23:39.0413 0x1314 stisvc - ok
14:23:39.0429 0x1314 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
14:23:39.0444 0x1314 swenum - ok
14:23:39.0475 0x1314 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
14:23:39.0522 0x1314 swprv - ok
14:23:39.0585 0x1314 [ 064A2530A4A7C7CEC1BE6A1945645BE4, 06E4B59B6BFCEE1E2F1EDED77621C9DFED09F460E94065E528A2F746B568193D ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
14:23:39.0616 0x1314 SynTP - ok
14:23:39.0709 0x1314 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
14:23:39.0772 0x1314 SysMain - ok
14:23:39.0834 0x1314 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:23:39.0865 0x1314 TabletInputService - ok
14:23:39.0912 0x1314 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
14:23:39.0959 0x1314 TapiSrv - ok
14:23:39.0990 0x1314 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
14:23:40.0021 0x1314 TBS - ok
14:23:40.0115 0x1314 [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
14:23:40.0162 0x1314 Tcpip - ok
14:23:40.0224 0x1314 [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
14:23:40.0271 0x1314 TCPIP6 - ok
14:23:40.0302 0x1314 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
14:23:40.0349 0x1314 tcpipreg - ok
14:23:40.0365 0x1314 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
14:23:40.0365 0x1314 TDPIPE - ok
14:23:40.0411 0x1314 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
14:23:40.0411 0x1314 TDTCP - ok
14:23:40.0474 0x1314 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
14:23:40.0521 0x1314 tdx - ok
14:23:40.0552 0x1314 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
14:23:40.0552 0x1314 TermDD - ok
14:23:40.0630 0x1314 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
14:23:40.0692 0x1314 TermService - ok
14:23:40.0708 0x1314 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
14:23:40.0723 0x1314 Themes - ok
14:23:40.0739 0x1314 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
14:23:40.0770 0x1314 THREADORDER - ok
14:23:40.0786 0x1314 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
14:23:40.0833 0x1314 TrkWks - ok
14:23:40.0879 0x1314 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:23:40.0942 0x1314 TrustedInstaller - ok
14:23:40.0989 0x1314 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
14:23:41.0020 0x1314 tssecsrv - ok
14:23:41.0035 0x1314 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
14:23:41.0051 0x1314 TsUsbFlt - ok
14:23:41.0098 0x1314 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
14:23:41.0129 0x1314 tunnel - ok
14:23:41.0145 0x1314 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
14:23:41.0160 0x1314 uagp35 - ok
14:23:41.0176 0x1314 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
14:23:41.0223 0x1314 udfs - ok
14:23:41.0238 0x1314 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
14:23:41.0254 0x1314 UI0Detect - ok
14:23:41.0285 0x1314 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
14:23:41.0301 0x1314 uliagpkx - ok
14:23:41.0332 0x1314 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
14:23:41.0363 0x1314 umbus - ok
14:23:41.0394 0x1314 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
14:23:41.0410 0x1314 UmPass - ok
14:23:41.0535 0x1314 [ 7466809E6DA561D60C2F1CE8EDE3C73F, A3185049282A51B17C3DA839AF7E90F1CD395B2FB5587514EB2D65CB22854E2C ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
14:23:41.0597 0x1314 UNS - ok
14:23:41.0613 0x1314 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
14:23:41.0659 0x1314 upnphost - ok
14:23:41.0691 0x1314 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
14:23:41.0691 0x1314 usbccgp - ok
14:23:41.0737 0x1314 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
14:23:41.0753 0x1314 usbcir - ok
14:23:41.0769 0x1314 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\drivers\usbehci.sys
14:23:41.0784 0x1314 usbehci - ok
14:23:41.0815 0x1314 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
14:23:41.0831 0x1314 usbhub - ok
14:23:41.0847 0x1314 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\drivers\usbohci.sys
14:23:41.0862 0x1314 usbohci - ok
14:23:41.0878 0x1314 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
14:23:41.0893 0x1314 usbprint - ok
14:23:41.0909 0x1314 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\drivers\USBSTOR.SYS
14:23:41.0925 0x1314 USBSTOR - ok
14:23:41.0940 0x1314 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
14:23:41.0956 0x1314 usbuhci - ok
14:23:42.0003 0x1314 [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
14:23:42.0034 0x1314 usbvideo - ok
14:23:42.0049 0x1314 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
14:23:42.0096 0x1314 UxSms - ok
14:23:42.0112 0x1314 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
14:23:42.0127 0x1314 VaultSvc - ok
14:23:42.0143 0x1314 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
14:23:42.0143 0x1314 vdrvroot - ok
14:23:42.0190 0x1314 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
14:23:42.0252 0x1314 vds - ok
14:23:42.0283 0x1314 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
14:23:42.0283 0x1314 vga - ok
14:23:42.0299 0x1314 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
14:23:42.0330 0x1314 VgaSave - ok
14:23:42.0346 0x1314 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
14:23:42.0361 0x1314 vhdmp - ok
14:23:42.0393 0x1314 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
14:23:42.0393 0x1314 viaide - ok
14:23:42.0439 0x1314 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
14:23:42.0439 0x1314 volmgr - ok
14:23:42.0486 0x1314 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
14:23:42.0502 0x1314 volmgrx - ok
14:23:42.0517 0x1314 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
14:23:42.0533 0x1314 volsnap - ok
14:23:42.0580 0x1314 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
14:23:42.0580 0x1314 vsmraid - ok
14:23:42.0658 0x1314 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
14:23:42.0720 0x1314 VSS - ok
14:23:42.0751 0x1314 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
14:23:42.0767 0x1314 vwifibus - ok
14:23:42.0783 0x1314 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
14:23:42.0798 0x1314 vwififlt - ok
14:23:42.0845 0x1314 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
14:23:42.0892 0x1314 W32Time - ok
14:23:42.0907 0x1314 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
14:23:42.0923 0x1314 WacomPen - ok
14:23:42.0954 0x1314 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
14:23:42.0985 0x1314 WANARP - ok
14:23:43.0017 0x1314 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
14:23:43.0048 0x1314 Wanarpv6 - ok
14:23:43.0141 0x1314 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
14:23:43.0188 0x1314 wbengine - ok
14:23:43.0204 0x1314 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
14:23:43.0219 0x1314 WbioSrvc - ok
14:23:43.0266 0x1314 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
14:23:43.0297 0x1314 wcncsvc - ok
14:23:43.0313 0x1314 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:23:43.0329 0x1314 WcsPlugInService - ok
14:23:43.0329 0x1314 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
14:23:43.0329 0x1314 Wd - ok
14:23:43.0407 0x1314 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
14:23:43.0453 0x1314 Wdf01000 - ok
14:23:43.0485 0x1314 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
14:23:43.0516 0x1314 WdiServiceHost - ok
14:23:43.0531 0x1314 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
14:23:43.0547 0x1314 WdiSystemHost - ok
14:23:43.0578 0x1314 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
14:23:43.0609 0x1314 WebClient - ok
14:23:43.0625 0x1314 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
14:23:43.0672 0x1314 Wecsvc - ok
14:23:43.0687 0x1314 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
14:23:43.0719 0x1314 wercplsupport - ok
14:23:43.0750 0x1314 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
14:23:43.0781 0x1314 WerSvc - ok
14:23:43.0781 0x1314 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
14:23:43.0812 0x1314 WfpLwf - ok
14:23:43.0828 0x1314 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
14:23:43.0828 0x1314 WIMMount - ok
14:23:43.0843 0x1314 WinDefend - ok
14:23:43.0859 0x1314 WinHttpAutoProxySvc - ok
14:23:43.0937 0x1314 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
14:23:43.0999 0x1314 Winmgmt - ok
14:23:44.0077 0x1314 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
14:23:44.0155 0x1314 WinRM - ok
14:23:44.0218 0x1314 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
14:23:44.0249 0x1314 Wlansvc - ok
14:23:44.0296 0x1314 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
14:23:44.0311 0x1314 WmiAcpi - ok
14:23:44.0343 0x1314 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
14:23:44.0358 0x1314 wmiApSrv - ok
14:23:44.0389 0x1314 WMPNetworkSvc - ok
14:23:44.0405 0x1314 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
14:23:44.0421 0x1314 WPCSvc - ok
14:23:44.0436 0x1314 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
14:23:44.0467 0x1314 WPDBusEnum - ok
14:23:44.0483 0x1314 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
14:23:44.0514 0x1314 ws2ifsl - ok
14:23:44.0545 0x1314 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
14:23:44.0561 0x1314 wscsvc - ok
14:23:44.0561 0x1314 WSearch - ok
14:23:44.0670 0x1314 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
14:23:44.0733 0x1314 wuauserv - ok
14:23:44.0764 0x1314 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
14:23:44.0779 0x1314 WudfPf - ok
14:23:44.0811 0x1314 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
14:23:44.0826 0x1314 WUDFRd - ok
14:23:44.0857 0x1314 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
14:23:44.0889 0x1314 wudfsvc - ok
14:23:44.0920 0x1314 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
14:23:44.0951 0x1314 WwanSvc - ok
14:23:44.0951 0x1314 ================ Scan global ===============================
14:23:44.0998 0x1314 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:23:45.0045 0x1314 [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
14:23:45.0076 0x1314 [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
14:23:45.0123 0x1314 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:23:45.0185 0x1314 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:23:45.0201 0x1314 [ Global ] - ok
14:23:45.0201 0x1314 ================ Scan MBR ==================================
14:23:45.0216 0x1314 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:23:45.0715 0x1314 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
14:23:45.0715 0x1314 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:23:48.0165 0x1314 ================ Scan VBR ==================================
14:23:48.0165 0x1314 [ B5433CC3FFE98B666653ABF5A3617377 ] \Device\Harddisk0\DR0\Partition1
14:23:48.0165 0x1314 \Device\Harddisk0\DR0\Partition1 - ok
14:23:48.0180 0x1314 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.1.641 ), 0x41000 ( enabled : updated )
14:23:48.0196 0x1314 Win FW state via NFP2: enabled
14:23:50.0629 0x1314 ============================================================
14:23:50.0629 0x1314 Scan finished
14:23:50.0629 0x1314 ============================================================
14:23:50.0629 0x1370 Detected object count: 2
14:23:50.0629 0x1370 Actual detected object count: 2
14:24:33.0077 0x1370 C:\Program Files (x86)\Bluetooth Suite\adminservice.exe - copied to quarantine
14:24:33.0077 0x1370 HKLM\SYSTEM\ControlSet001\services\AtherosSvc - will be deleted on reboot
14:24:33.0124 0x1370 HKLM\SYSTEM\ControlSet002\services\AtherosSvc - will be deleted on reboot
14:24:33.0264 0x1370 C:\Program Files (x86)\Bluetooth Suite\adminservice.exe - will be deleted on reboot
14:24:33.0264 0x1370 AtherosSvc ( UnsignedFile.Multi.Generic ) - User select action: Delete
14:24:33.0264 0x1370 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
14:24:33.0264 0x1370 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
14:24:33.0264 0x1370 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
14:24:33.0280 0x1370 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
14:24:33.0280 0x1370 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
14:24:33.0280 0x1370 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
14:24:33.0280 0x1370 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
14:24:33.0295 0x1370 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
14:24:33.0295 0x1370 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
14:24:33.0342 0x1370 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
14:24:33.0358 0x1370 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
14:24:33.0358 0x1370 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
14:24:33.0358 0x1370 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
14:24:33.0373 0x1370 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
14:24:33.0373 0x1370 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
14:24:33.0373 0x1370 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
14:24:33.0389 0x1370 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
14:24:33.0405 0x1370 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
14:24:33.0436 0x1370 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
14:24:33.0451 0x1370 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
14:24:33.0529 0x1370 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
14:24:33.0561 0x1370 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
14:24:33.0561 0x1370 \Device\Harddisk0\DR0\TDLFS - deleted
14:24:33.0561 0x1370 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
14:24:33.0654 0x1370 KLMD registered as C:\Windows\system32\drivers\17290827.sys
14:24:40.0705 0x13bc Deinitialize success
Code:
ATTFilter ListParts by Farbar Version: 20-10-2013
Ran by Chrissi (administrator) on 19-11-2013 at 14:29:53
Windows 7 (X64)
Running From: C:\Users\Chrissi\Downloads
Language: 0407
************************************************************
========================= Memory info ======================
Percentage of memory in use: 36%
Total physical RAM: 3958.71 MB
Available physical RAM: 2495.27 MB
Total Pagefile: 7915.61 MB
Available Pagefile: 6078.23 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
======================= Partitions =========================
1 Drive c: () (Fixed) (Total:284.99 GB) (Free:248.06 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Datentr„ger ### Status Gr”áe Frei Dyn GPT
--------------- ------------- ------- ------- --- ---
Datentr„ger 0 Online 298 GB 100 MB
Partitions of Disk 0:
===============
Datentr„ger-ID: BE159B89
Partition ### Typ GrӇe Offset
------------- ---------------- ------- -------
Partition 1 Wiederherstellun 13 GB 1024 KB
Partition 2 Prim„r 284 GB 13 GB
Partition 3 Prim„r 1360 KB 298 GB
======================================================================================================
Disk: 0
Partition 1
Typ : 27
Versteckt: Ja
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 PQSERVICE NTFS Partition 13 GB Fehlerfre Versteck
======================================================================================================
Disk: 0
Partition 2
Typ : 07
Versteckt: Nein
Aktiv : Ja
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 284 GB Fehlerfre System (partition with boot components)
======================================================================================================
Disk: 0
Partition 3
Typ : 17
Versteckt: Ja
Aktiv : Nein
Dieser Partition ist kein Volume zugewiesen.
======================================================================================================
============================== MBR Partition Table ==================
==============================
Partitions of Disk 0:
===============
Disk ID: BE159B89
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=285 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1360 KB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 3
****** End Of Log ******
|
|
19.11.2013, 14:37
| #8 |
| /// TB-Ausbilder | BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 Drücke die  + R Taste und schreibe "notepad" in das Ausführen Fenster.Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument: Code:
ATTFilter Disk=0 Partition=3 delete
__________________ cheers, Leo |
|
19.11.2013, 14:41
| #9 |
| | BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7Code:
ATTFilter ListParts by Farbar Version: 20-10-2013
Ran by Chrissi (administrator) on 19-11-2013 at 14:40:36
Windows 7 (X64)
Running From: C:\Users\Chrissi\Desktop
Language: 0407
************************************************************
========================= Memory info ======================
Percentage of memory in use: 33%
Total physical RAM: 3958.71 MB
Available physical RAM: 2626.77 MB
Total Pagefile: 7915.61 MB
Available Pagefile: 6068.66 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
======================= Partitions =========================
1 Drive c: () (Fixed) (Total:284.99 GB) (Free:248.06 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Datentr„ger ### Status Gr”áe Frei Dyn GPT
--------------- ------------- ------- ------- --- ---
Datentr„ger 0 Online 298 GB 100 MB
Partitions of Disk 0:
===============
Datentr„ger-ID: BE159B89
Partition ### Typ GrӇe Offset
------------- ---------------- ------- -------
Partition 1 Wiederherstellun 13 GB 1024 KB
Partition 2 Prim„r 284 GB 13 GB
======================================================================================================
Disk: 0
Partition 1
Typ : 27
Versteckt: Ja
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 PQSERVICE NTFS Partition 13 GB Fehlerfre Versteck
======================================================================================================
Disk: 0
Partition 2
Typ : 07
Versteckt: Nein
Aktiv : Ja
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 C NTFS Partition 284 GB Fehlerfre System (partition with boot components)
======================================================================================================
============================== MBR Partition Table ==================
==============================
Partitions of Disk 0:
===============
Disk ID: BE159B89
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=285 GB) - (Type=07 NTFS)
****** End Of Log ******
|
|
19.11.2013, 14:53
| #10 |
| /// TB-Ausbilder | BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 So, das wäre erledigt. (Avira findet dann möglicherweise noch etwas, das allerdings nur noch in der TDSSKiller-Quarantäne und somit tot ist - nicht erschrecken.  )Downloade dir bitte delfix auf deinen Desktop.
>> OK << Wir sind durch, deine Logs sehen für mich im Moment sauber aus.  Ich habe dir nachfolgend ein paar Hinweise und Tipps zusammengestellt, die dazu beitragen sollen, dass du in Zukunft unsere Hilfe nicht mehr brauchen wirst. Bitte gib mir danach noch eine kurze Rückmeldung, wenn auch von deiner Seite keine Probleme oder Fragen mehr offen sind, damit ich dieses Thema als erledigt betrachten kann. Epilog: Tipps, Dos & Don'ts  Aktualität von System und SoftwareDas Betriebsystem Windows muss zwingend immer auf dem neusten Stand sein. Stelle sicher, dass die automatischen Updates aktiviert sind:
Auch die installierte Software sollte immer in der aktuellsten Version vorliegen. Speziell gilt das für den Browser, Java, Flash-Player und PDF-Reader, denn bekannte Sicherheitslücken in deren alten Versionen werden dazu ausgenutzt, um beim blossen Besuch einer präparierten Website per Drive-by Download Malware zu installieren. Das kann sogar auf normalerweise legitimen Websites geschehen, wenn es einem Angreifer gelungen ist, seinen Code in die Seite einzuschleusen, und ist deshalb relativ unberechenbar.
Sicherheits-SoftwareEine Bemerkung vorneweg: Jede Softwarelösung hat ihre Schwächen. Die gesamte Verantwortung für die Sicherheit auf Software zu übertragen und einen Rundum-Schutz zu erwarten, wäre eine gefährliche Illusion. Bei unbedachtem oder bewusst risikoreichem Verhalten wird auch das beste Programm früher oder später seinen Dienst versagen (z.B. ein Virenscanner, der eine verseuchte Datei nicht erkennt). Trotzdem ist entsprechende Software natürlich wichtig und hilft dir in Kombination mit einem gut gewarteten (up-to-date) System und durchdachtem Verhalten, deinen Rechner sauber zu halten.
Es liegt in der Natur der Sache, dass die am weitesten verbreitete Anwendungs-Software auch am häufigsten von Malware-Autoren attackiert wird. Es kann daher bereits einen kleinen Sicherheitsgewinn darstellen, wenn man alternative Software (z.B. einen alternativen PDF Reader) benutzt. Anstelle des Internet Explorers kann man beispielsweise den Mozilla Firefox einsetzen, für welchen es zwei nützliche Addons zur Empfehlung gibt:
(Un-)Sicheres Verhalten im InternetNebst unbemerkten Drive-by Installationen wird Malware aber auch oft mehr oder weniger aktiv vom Benutzer selbst installiert. Der Besuch zwielichtiger Websites kann bereits Risiken bergen. Und Downloads aus dubiosen Quellen sind immer russisches Roulette. Auch wenn der Virenscanner im Moment darin keine Bedrohung erkennt, muss das nichts bedeuten.
Oft wird auch versucht, den Benutzer mit mehr oder weniger trickreichen Methoden dazu zu bringen, eine für ihn verhängnisvolle Handlung selbst auszuführen (Überbegriff Social Engineering).
Nervige Adware (Werbung) und unnötige Toolbars werden auch meist durch den Benutzer selbst mitinstalliert.
Allgemeine HinweiseAbschliessend noch ein paar grundsätzliche Bemerkungen:
Wenn du möchtest, kannst du das Forum mit einer kleinen Spende unterstützen. Es bleibt mir nur noch, dir unbeschwertes und sicheres Surfen zu wünschen und dass wir uns hier so bald nicht wiedersehen.
__________________ cheers, Leo |
|
19.11.2013, 18:51
| #11 |
| | BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 Sorry, ich musste los und bin erst gerade wieder nach Hause gekommen. Danke für deine schnelle Hilfe. Hier noch der Logfile von delfix. Ich lasse jetzt nochmal Avira durchlaufen und schreibe dann auf jeden Fall nochmal, spätestens morgen. Herzlichen Dank schonmal! Code:
ATTFilter # DelFix v10.6 - Datei am 19/11/2013 um 18:46:07 erstellt
# Aktualisiert am 11/11/2013 von Xplode
# Benutzer : Chrissi - CHRISSI-PC
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
~ Aktiviere die Benutzerkontensteuerung ... OK
~ Entferne die Bereinigungsprogramme ...
Gelöscht : C:\FRST
Gelöscht : C:\TDSSKiller_Quarantine
Gelöscht : C:\FRST.txt
Gelöscht : C:\TDSSKiller.2.8.16.0_19.11.2013_14.21.46_log.txt
Gelöscht : C:\TDSSKiller.3.0.0.19_19.11.2013_14.26.24_log.txt
Gelöscht : C:\Users\Chrissi\Desktop\Addition.txt
Gelöscht : C:\Users\Chrissi\Desktop\FRST - Kopie.txt
Gelöscht : C:\Users\Chrissi\Desktop\FRST.txt
Gelöscht : C:\Users\Chrissi\Desktop\FRST.zip
Gelöscht : C:\Users\Chrissi\Desktop\FRST64.exe
Gelöscht : C:\Users\Chrissi\Desktop\ListParts64.exe
Gelöscht : C:\Users\Chrissi\Desktop\ListPartsfixlog.txt
Gelöscht : C:\Users\Chrissi\Desktop\Result.txt
Gelöscht : C:\Users\Chrissi\Desktop\TDSSKiller.3.0.0.19_19.11.2013_13.22.40_log.txt
Gelöscht : C:\Users\Chrissi\Desktop\TDSSKiller.3.0.0.19_19.11.2013_14.22.25_log.txt
Gelöscht : C:\Users\Chrissi\Desktop\tdsskiller.exe
Gelöscht : C:\Users\Chrissi\Downloads\Result.txt
~ Erstelle ein Backup der Registrierungsdatenbank ... OK
~ Lösche die Wiederherstellungspunkte ...
Gelöscht : RP #14 [Windows 7 Service Pack 1 | 11/19/2013 08:22:02]
Ein neuer Wiederherstellungspunkt wurde erstellt !
~ Stelle die Systemeinstellungen wieder her ... OK
########## - EOF - ##########
|
|
19.11.2013, 19:27
| #12 |
| /// TB-Ausbilder | BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 Alles klar. Avira sollte eigentlich nichts mehr finden, da delfix die TDSSKiller-Quarantäne bereits gelöscht hat..
__________________ cheers, Leo |
|
20.11.2013, 09:40
| #13 |
| | BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 Stimmt, Avira hat nichts mehr gefunden. Danke auch nochmal für die Tipps, die noch mitgeschickt hast. Respekt, ihr seid ein richtig gut organisiertes Team, wenn ich mir die Seite hier anschaue. Super, dass es euch gibt! |
|
20.11.2013, 14:41
| #14 |
| /// TB-Ausbilder | BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 Freut mich, dass wir helfen konnten.  Falls du dem Forum noch Verbesserungsvorschläge, Kritik oder ein Lob mitgeben möchtest, kannst du das hier tun. Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten. Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter. Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________ cheers, Leo |
|
| Themen zu BooTDSS.O auch nach Systemwiederherstellung noch vorhanden, Windows 7 |
| abgesicherten, aktive, antwort, avira, daten, datenträger, hallo zusammen, hängen, installiert, internet, logfiles, modus, neu, problem, scan, scannen, schonmal, seite, systemwiederherstellung, virus, wahrscheinlich, wichtige, windows, windows 7, zusammen |
Linear-Darstellung
