Log analysis and evaluation: Windows Defender reports Trojan:DOS/Shetwirl.K

12.08.2016, 03:58   #1
guesclin
Hello,

some background:
- Skype was sending spam messages, even when the PC was off. Changed the password and deleted my Skype account
- Windows 10 Pro on the notebook had recently been freezing about once a day. The problem persisted after the Anniversary Update. When it froze, the only thing that helped was pressing the "On/Off" switch and "shutting down" the notebook that way. At some point this must have damaged Windows; the onboard repair tools (Dism /Online /Cleanup-Image /RestoreHealth and later sfc /scannow, in-place upgrade) unfortunately did not help (problems found, but not repairable). That is why I reinstalled the system.
- Antivirus solution: first Avast, uninstalled as a test and replaced by Defender after the Anniversary Update

The Windows partition was formatted during the reinstallation; the partition with private data was not formatted.
After connecting my external hard drive with backed-up data (it matches the data on the private partition PLUS Firefox/Thunderbird profiles), Windows Defender reports:

Trojan: DOS/Shetwirl.K

Removal by Defender is possible. But I don't trust the whole thing.
- Was it a false alarm? I can find hardly anything about this trojan
- Is it definitely gone, if it was there? (on the new Windows)

I have the following logs:

From the Windows Event Viewer, from Defender - 6 times, always identical:
Code:
 Product Name %%827 
  Product Version 4.9.10586.0 
  Detection ID {7663F519-B623-4E57-AD9C-809E5E2263BB} 
  Detection Time 2016-08-11T22:59:48.083Z 
  Unused  
  Unused2  
  Threat ID 2147638941 
  Threat Name Trojan:DOS/Shetwirl.K 
  Severity ID 5 
  Severity Name Schwerwiegend 
  Category ID 8 
  Category Name Trojaner 
  FWLink hxxp://go.microsoft.com/fwlink/?linkid=37020&name=Trojan:DOS/Shetwirl.K&threatid=2147638941&enterprise=0 
  Status Code 1 
  Status Description  
  State 1 
  Source ID 3 
  Source Name %%818 
  Process Name C:\Windows\System32\svchost.exe 
  Detection User NT-AUTORITÄT\SYSTEM 
  Unused3  
  Path boot:_\Device\Harddisk1\DR2 
  Origin ID 1 
  Origin Name %%845 
  Execution ID 1 
  Execution Name %%813 
  Type ID 0 
  Type Name %%822 
  Pre Execution Status 0 
  Action ID 9 
  Action Name %%887 
  Unused4  
  Error Code 0x00000000 
  Error Description Der Vorgang wurde erfolgreich beendet.  
  Unused5  
  Post Clean Status 0 
  Additional Actions ID 0 
  Additional Actions String No additional actions required 
  Remediation User  
  Unused6  
  Signature Version AV: 1.225.3703.0, AS: 1.225.3703.0, NIS: 116.22.0.0 
  Engine Version AM: 1.1.12902.0, NIS: 2.1.12706.0
         
The following logs were created afterwards --> following posts

I am grateful for any help!

TDSSKiller

(only the end, otherwise the log is too long)

Code:
01:31:13.0985 0x1034  ============================================================
01:31:13.0985 0x1034  Scan finished
01:31:13.0985 0x1034  ============================================================
01:31:13.0995 0x101c  Detected object count: 0
01:31:13.0995 0x101c  Actual detected object count: 0
01:33:50.0826 0x07b8  Deinitialize success
         
MBRCheck
Code:
MBRCheck, version 1.2.3
(c) 2010, AD

Command-line:			
Windows Version:		Professional
Windows Information:		 (build 9200), 64-bit
Base Board Manufacturer:	LENOVO
BIOS Manufacturer:		LENOVO
System Manufacturer:		LENOVO
System Product Name:		3354ALG
Logical Drives Mask:		0x00000014

Kernel Drivers (total 171):

Processes (total 69):
       0 System Idle Process
       4 System
     300 C:\Windows\System32\smss.exe
     428 csrss.exe
     508 C:\Windows\System32\wininit.exe
     516 csrss.exe
     580 C:\Windows\System32\services.exe
     588 C:\Windows\System32\lsass.exe
     692 C:\Windows\System32\svchost.exe
     736 C:\Windows\System32\svchost.exe
     828 C:\Windows\System32\winlogon.exe
     924 dwm.exe
     936 C:\Windows\System32\svchost.exe
     996 C:\Windows\System32\svchost.exe
    1004 C:\Windows\System32\svchost.exe
     280 C:\Windows\System32\svchost.exe
     348 C:\Windows\System32\svchost.exe
    1044 C:\Windows\System32\ibmpmsvc.exe
    1052 C:\Windows\System32\LPlatSvc.exe
    1172 C:\Windows\System32\svchost.exe
    1320 C:\Windows\System32\svchost.exe
    1628 C:\Windows\System32\igfxCUIService.exe
    1880 C:\Windows\System32\spoolsv.exe
    1360 C:\Windows\SysWOW64\IntelCpHeciSvc.exe
    1464 C:\Windows\System32\svchost.exe
    2108 C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
    2124 C:\Windows\System32\svchost.exe
    2140 C:\Program Files\Windows Defender\MsMpEng.exe
    2924 C:\Program Files\Windows Defender\NisSrv.exe
    2096 C:\Windows\System32\LPlatSvc.exe
    2244 C:\Windows\System32\sihost.exe
    2188 C:\Windows\System32\taskhostw.exe
    3316 C:\Windows\explorer.exe
    3776 C:\Windows\System32\igfxEM.exe
    3784 C:\Windows\System32\igfxTray.exe
    3796 C:\Windows\System32\igfxHK.exe
    3996 C:\Windows\System32\RuntimeBroker.exe
    4048 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
     536 C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
     440 C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
    3572 C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
    3880 C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
    4236 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    4372 C:\Windows\System32\SearchIndexer.exe
    3976 C:\Windows\System32\svchost.exe
    3388 MpCmdRun.exe
    3064 C:\Users\xxx\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    4432 C:\Windows\System32\SystemSettingsBroker.exe
    3632 dllhost.exe
    4956 C:\Windows\System32\NetworkUXBroker.exe
      88 C:\Program Files\Windows Defender\MSASCui.exe
     948 C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    4112 C:\Users\xxx\Downloads\aswmbr.exe
    3656 C:\Windows\System32\taskhostw.exe
    4208 C:\Windows\System32\InstallAgent.exe
    4300 C:\Windows\System32\svchost.exe
     684 C:\Windows\System32\SearchProtocolHost.exe
    2944 C:\Program Files\WindowsApps\Microsoft.Messaging_2.15.20002.0_x86__8wekyb3d8bbwe\SkypeHost.exe
    3816 C:\Windows\System32\SearchFilterHost.exe
    2060 C:\Windows\System32\cmd.exe
    3344 C:\Windows\System32\conhost.exe
    3708 C:\Windows\System32\SearchProtocolHost.exe
    1280 C:\Windows\HelpPane.exe
    4904 C:\Windows\System32\audiodg.exe
    2012 dllhost.exe
    3928 dllhost.exe
    4360 C:\Users\xxx\Downloads\MBRCheck.exe
    1688 C:\Windows\System32\conhost.exe
    1544 C:\Windows\System32\dllhost.exe

\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`15f00000  (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000020`86700000  (NTFS)

PhysicalDrive0 Model Number: M4-CT256M4SSD2, Rev: 040H    

      Size  Device Name          MBR Status
  --------------------------------------------
    238 GB  \\.\PhysicalDrive0   Windows 7 MBR code detected
            SHA1: 4379A3D43019B46FA357F7DD6A53B45A3CA8FB79


Done!
         
aswMBR
Code:
aswMBR version 1.0.1.2290 Copyright(c) 2014 AVAST Software
Run date: 2016-08-12 02:50:21
-----------------------------
02:50:21.049    OS Version: Windows x64 6.2.9200 
02:50:21.049    Number of processors: 4 586 0x3A09
02:50:21.049    ComputerName: xxxx  UserName: xxxx
02:50:21.190    Initialize success
02:50:21.190    VM: initialized successfully
02:50:21.190    VM: Intel CPU BiosDisabled 
02:51:00.442    AVAST engine defs: 16081106
02:51:05.567    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002e
02:51:05.567    Disk 0 Vendor: M4-CT256M4SSD2 040H Size: 244198MB BusType: 11
02:51:05.599    Disk 0 MBR read successfully
02:51:05.599    Disk 0 MBR scan
02:51:05.599    Disk 0 Windows 7 default MBR code
02:51:05.599    Disk 0 Partition 1 80 (A) 07      HPFS/NTFS NTFS          350 MB offset 2048
02:51:05.614    Disk 0 Partition 2 00     07      HPFS/NTFS NTFS       132394 MB offset 718848
02:51:05.614    Disk 0 Partition 3 00     27 Hidden NTFS WinRE NTFS          477 MB offset 271863808
02:51:05.614    Disk 0 Partition 4 00     07      HPFS/NTFS NTFS       110974 MB offset 272840704
02:51:05.646    Disk 0 scanning C:\Windows\system32\drivers
02:51:17.443    Service scanning
02:51:27.944    Modules scanning
02:51:27.944    Disk 0 trace - called modules:
02:51:27.959    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys storport.sys storahci.sys hal.dll 
02:51:27.959    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe0012ab71060]
02:51:27.975    3 CLASSPNP.SYS[fffff8011b5d7d95] -> nt!IofCallDriver -> [0xffffe0012a9b8700]
02:51:27.975    5 ACPI.sys[fffff8011a911361] -> nt!IofCallDriver -> \Device\0000002e[0xffffe0012a9ba400]
02:51:27.975    Disk 0 statistics 146087/0/0 @ 8,76 MB/s
02:51:27.990    Scan finished successfully
02:51:39.460    Disk 0 MBR has been saved successfully to "C:\Users\xxx\Desktop\MBR.dat"
02:51:39.475    The log file has been saved successfully to "C:\Users\xxx\Desktop\aswMBR.txt"
         
Emsisoft Anti-Malware
Code:
Emsisoft Anti-Malware – Version 11.10.0.6563
Letztes Update: 12.08.2016 02:25:20
Benutzerkonto: xxx-NOTEBOOK\xxx
Computer name: xxxx
OS version: Windows 10x64 

Scan-Einstellungen:

Scan-Methode: 
Objekte: Rootkits, Speicher, Traces, C:\, D:\, E:\

Erkenne PUPs: An
Archive scannen: An
ADS-Scan: An
Dateierweiterungen: Aus
Advanced Caching: An
Direct Disk Access: Aus

Scan Beginn:	12.08.2016 02:28:02

Gescannt	313308
Gefunden	0

Scan-Ende:	12.08.2016 02:34:02
Scan-Zeit:	0:06:00
         
Do I need to worry? Or can I ignore the Defender action?
Thanks a lot!

I have now set up the PC again, deleting/formatting all partitions in the process. Does that settle the problem? I cannot judge to what extent the "boot" area (location of the malware according to the Defender message) was "cleaned" by this.
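
An added example (not part of the original thread and not code from any of the tools involved): it compares the disk named in the `Path` field of the Defender event with the disks whose MBR the aswMBR and MBRCheck logs in the first post actually read. It assumes that the `boot:` prefix marks a boot-sector resource and that the `HarddiskN` index corresponds to the `PhysicalDriveN` index; all function names are hypothetical.

```python
import re

# Excerpts copied from the logs in the first post of this thread.
DEFENDER_EVENT = r"""
  Threat Name Trojan:DOS/Shetwirl.K
  Process Name C:\Windows\System32\svchost.exe
  Path boot:_\Device\Harddisk1\DR2
  Action ID 9
"""
ASWMBR_LOG = r"""
02:51:05.567    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002e
02:51:05.599    Disk 0 MBR read successfully
02:51:05.599    Disk 0 Windows 7 default MBR code
"""
MBRCHECK_LOG = r"""
\\.\C: --> \\.\PhysicalDrive0 at offset 0x00000000`15f00000  (NTFS)
\\.\E: --> \\.\PhysicalDrive0 at offset 0x00000020`86700000  (NTFS)
    238 GB  \\.\PhysicalDrive0   Windows 7 MBR code detected
"""


def parse_defender_path(event_text):
    """Split the Defender 'Path' field into (scheme, resource, disk_index).

    Assumption: the text before the first ':' is the resource scheme
    ('boot' in this event) and the optional '_' is only a separator.
    disk_index is None when the resource is not a \\Device\\HarddiskN path.
    """
    m = re.search(r"^\s*Path\s+([A-Za-z]+):_?(.+?)\s*$", event_text, re.MULTILINE)
    if m is None:
        return None
    scheme, resource = m.group(1).lower(), m.group(2)
    disk = re.search(r"\\Device\\Harddisk(\d+)\\", resource)
    return scheme, resource, (int(disk.group(1)) if disk else None)


def disks_with_mbr_checked(aswmbr_text, mbrcheck_text):
    """Return the set of disk indexes whose MBR one of the tools reported on."""
    # aswMBR logs one "MBR read successfully" line per disk it examined.
    disks = {int(n) for n in re.findall(r"Disk (\d+) MBR read successfully", aswmbr_text)}
    # MBRCheck prints one status row per disk: size, device name, MBR status.
    disks |= {
        int(n)
        for n in re.findall(
            r"^\s*\d+ [KMGT]B\s+\\\\\.\\PhysicalDrive(\d+)\s+\S",
            mbrcheck_text,
            re.MULTILINE,
        )
    }
    return disks


def boot_sector_coverage(event_text, aswmbr_text, mbrcheck_text):
    """Report whether the disk named in the detection was looked at by the MBR tools."""
    parsed = parse_defender_path(event_text)
    if parsed is None:
        raise ValueError("no Path field found in the Defender event text")
    scheme, resource, disk = parsed
    checked = disks_with_mbr_checked(aswmbr_text, mbrcheck_text)
    return {
        "is_boot_sector": scheme == "boot",
        "resource": resource,
        "detected_disk": disk,
        "disks_checked": sorted(checked),
        "covered": disk is not None and disk in checked,
    }


if __name__ == "__main__":
    report = boot_sector_coverage(DEFENDER_EVENT, ASWMBR_LOG, MBRCHECK_LOG)
    for key, value in report.items():
        print(f"{key}: {value}")
```

On these excerpts the detection names Harddisk1, while both MBR tools only read disk 0, so neither of those two logs says anything about the sector Defender flagged.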

14.08.2016, 16:57   #2
deeprybka
/// TB Trainer
/// Tutorial Guru

My name is Jürgen and I will be helping you with your problem. Together we'll get this done...
  • Please work through all steps in order.
  • Read the instructions carefully before you begin. If there are problems or you don't understand something, stop what you are doing and describe the problem to me.
  • Please only run scans that I have asked you to run.
  • Please no crossposting (posting in several forums).
  • Do not install or uninstall any software during the cleanup unless you have been asked to.
  • Save all our tools to the desktop. Link: How to download our tools correctly
  • Post the log files directly in your thread in code tags.
  • Keep in mind that we all work here in our free time; if you don't hear from me within 24 hours, please send me a PM.

Note:
I can never give you a guarantee that we will find all malicious files.
Formatting is usually the faster and always the safest way, but only advisable in the case of real malware.
We can remove adware & co. very well.
If you decide on a cleanup, keep working with me until you get my "clean".


Here we go:

Please run TDSS Killer exactly according to the instructions and post the complete log (split across several posts)

Step 1
Please download TDSSKiller TDSSKiller.exe and save this file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller instructions.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.

14.08.2016, 23:58   #3
guesclin

Hi and thanks,

here is the log (1/3)

Code:
00:52:14.0139 0x1924  TDSS rootkit removing tool 3.1.0.11 Aug  5 2016 12:13:31
00:52:17.0153 0x1924  ============================================================
00:52:17.0153 0x1924  Current date / time: 2016/08/15 00:52:17.0153
00:52:17.0153 0x1924  SystemInfo:
00:52:17.0154 0x1924  
00:52:17.0154 0x1924  OS Version: 10.0.14393 ServicePack: 0.0
00:52:17.0154 0x1924  Product type: Workstation
00:52:17.0154 0x1924  ComputerName: xxx-NOTEBOOK
00:52:17.0154 0x1924  UserName: xxx
00:52:17.0154 0x1924  Windows directory: C:\Windows
00:52:17.0154 0x1924  System windows directory: C:\Windows
00:52:17.0154 0x1924  Running under WOW64
00:52:17.0154 0x1924  Processor architecture: Intel x64
00:52:17.0154 0x1924  Number of processors: 4
00:52:17.0154 0x1924  Page size: 0x1000
00:52:17.0154 0x1924  Boot type: Normal boot
00:52:17.0154 0x1924  CodeIntegrityOptions = 0x00000001
00:52:17.0154 0x1924  ============================================================
00:52:17.0235 0x1924  KLMD registered as C:\Windows\system32\drivers\66056414.sys
00:52:17.0235 0x1924  KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 14393.0, osProperties = 0x19
00:52:17.0989 0x1924  System UUID: {9BB42489-B167-3D4B-6019-F190EA4C628F}
00:52:18.0527 0x1924  Drive \Device\Harddisk0\DR0 - Size: 0x3B9E656000 ( 238.47 Gb ), SectorSize: 0x200, Cylinders: 0x799A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
00:52:18.0539 0x1924  Drive \Device\Harddisk1\DR1 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
00:52:18.0541 0x1924  ============================================================
00:52:18.0541 0x1924  \Device\Harddisk0\DR0:
00:52:18.0541 0x1924  MBR partitions:
00:52:18.0541 0x1924  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xFA000
00:52:18.0541 0x1924  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xFA800, BlocksNum 0xC256000
00:52:18.0541 0x1924  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC350800, BlocksNum 0x119A2000
00:52:18.0542 0x1924  \Device\Harddisk1\DR1:
00:52:18.0542 0x1924  MBR partitions:
00:52:18.0542 0x1924  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x1D1C4542
00:52:18.0542 0x1924  ============================================================
00:52:18.0543 0x1924  C: <-> \Device\Harddisk0\DR0\Partition2
00:52:18.0545 0x1924  D: <-> \Device\Harddisk0\DR0\Partition3
00:52:18.0547 0x1924  E: <-> \Device\Harddisk1\DR1\Partition1
00:52:18.0547 0x1924  ============================================================
00:52:18.0547 0x1924  Initialize success
00:52:18.0547 0x1924  ============================================================
00:52:58.0147 0x0198  ============================================================
00:52:58.0147 0x0198  Scan started
00:52:58.0147 0x0198  Mode: Manual; SigCheck; TDLFS; 
00:52:58.0147 0x0198  ============================================================
00:52:58.0147 0x0198  KSN ping started
00:52:58.0240 0x0198  KSN ping finished: true
00:52:58.0815 0x0198  ================ Scan system memory ========================
00:52:58.0815 0x0198  System memory – ok
         

15.08.2016, 00:00   #4
guesclin

(2/3)

Code:
00:52:58.0816 0x0198  ================ Scan services =============================
00:53:00.0398 0x0198  [ 0B750A6A6D847E73CA48ADD7A0F5A393, 6A43020F23846EFB1AFA3C070465B0059E9DF60DEB16899E09559462DF30939F ] bcmfn2          C:\Windows\System32\drivers\bcmfn2.sys
00:53:00.0414 0x0198  bcmfn2 - ok
00:53:00.0426 0x0198  [ D4EFDA0D56429018281F8F3188E6F86C, 020B861338BAF8E2A861CA1D2D22640CCD39BA84F18260F9862F7E3AC5014985 ] BDESVC          C:\Windows\System32\bdesvc.dll
00:53:00.0456 0x0198  BDESVC - ok
00:53:00.0461 0x0198  [ 0A508274355745EEF01C6BE3198D02C4, E2DB08AEE2368FA95FDB357BB31EA4EBF31679C3E72E109DB3D7CD1B5F7B828E ] Beep            C:\Windows\system32\drivers\Beep.sys
00:53:00.0477 0x0198  Beep - ok
00:53:00.0499 0x0198  [ 5125CBB61AC81168366BEB290399CB8E, B2A3095D45E2114DE2BD0E5A3AE20B3CE95EE517A35B9E1EAD05E231F38DBDCF ] BFE             C:\Windows\System32\bfe.dll
00:53:00.0545 0x0198  BFE - ok
00:53:00.0573 0x0198  [ D99CD8421A546B5AC727CD947C61DC83, E5DD081CB7D8FB6891277D4DEB34B003C04EEF236462E2FCAE35D131F580C10D ] BITS            C:\Windows\System32\qmgr.dll
00:53:00.0642 0x0198  BITS - ok
00:53:00.0651 0x0198  [ EEBFAEB4702E1049ECD44B10485E6C0C, 8F4D31E36717101B6172D7346E86EBC77B9CDAA5CC14AA1379661C16A7FF05E2 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
00:53:00.0670 0x0198  bowser - ok
00:53:00.0692 0x0198  [ 78C35DD7CF780428650B1EE9B0F8D41E, C5A3111383CD9813A4ED33E244E20E2E0607CDEFC5BF00A760F63DAD019EE90E ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
00:53:00.0738 0x0198  BrokerInfrastructure - ok
00:53:00.0746 0x0198  [ B3F32C630DD3F2F6A6091B89CFF13641, 7A9C53EF9AB9FF1DC392FD711B194A101DB36CA5BC799E817BEB446741089B76 ] Browser         C:\Windows\System32\browser.dll
00:53:00.0768 0x0198  Browser - ok
00:53:00.0777 0x0198  [ 2D0F59C2DAB72561B503FD796C715050, 94959240748D2797CB9EB0614137F2532DE281E38F102CD3FD65492FE64C84E5 ] BthA2DP         C:\Windows\system32\drivers\BthA2DP.sys
00:53:00.0800 0x0198  BthA2DP - ok
00:53:00.0806 0x0198  [ 722036C26D2C4E50EC2A2EC5FD678846, 999468038AE01F0FF6881F4B2A2CB67BC636641188E95F10729E08ADBC3CB3DE ] BthAvrcpTg      C:\Windows\System32\drivers\BthAvrcpTg.sys
00:53:00.0826 0x0198  BthAvrcpTg - ok
00:53:00.0835 0x0198  [ FF218FBB511B733F8A6829FB17CA972D, 05BB1C3BFE189549E78A02C5C0C0C832C248680668D821F92FE7B6B39DC111A0 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
00:53:00.0854 0x0198  BthEnum - ok
00:53:00.0860 0x0198  [ 20C63A9CC92CEA8D284C6EA36FED68DC, DA7669CCCA6838269297DD45EDB48149898B3E14648B5DB3B93AF82A3279B411 ] BthHFAud        C:\Windows\system32\DRIVERS\BthHfAud.sys
00:53:00.0878 0x0198  BthHFAud - ok
00:53:00.0884 0x0198  [ C2E31BE025D46D189E38DD1EDF07837A, 656528DCAAAF485EC57EE5C3021E96736634DE3B9C39CBCD2728E055ABD4C0A5 ] BthHFEnum       C:\Windows\System32\drivers\bthhfenum.sys
00:53:00.0900 0x0198  BthHFEnum - ok
00:53:00.0906 0x0198  [ F7CD605FC0B0B22F3F6F247595E3A655, 1CD9140DE5415DDBEACD8667E63E5C95FD64D693B56302A0474E693E578BEAB0 ] bthhfhid        C:\Windows\System32\drivers\BthHFHid.sys
00:53:00.0921 0x0198  bthhfhid - ok
00:53:00.0934 0x0198  [ B157D72BDA6A6DD6E9DC6BF338CD0CF8, B2AC26AE214151E5AD93DED78256BC0295DBF0133C854E7DEE4CD776D9C9A349 ] BthHFSrv        C:\Windows\System32\BthHFSrv.dll
00:53:00.0961 0x0198  BthHFSrv - ok
00:53:00.0973 0x0198  [ 8EDA0733FF6266C2FB26BCE0B4AA8B15, F60BE5630EE714B718233933DC6101130DF672A01F99C7389D0708BC00E8D5DF ] BthLEEnum       C:\Windows\system32\DRIVERS\BthLEEnum.sys
00:53:00.0999 0x0198  BthLEEnum - ok
00:53:01.0006 0x0198  [ 535DC41A33630AE4C262406F9E981C03, 599332589AA28D04189E19B87A4AE6FEEB60B40A7BC6E3B11240DA363A981C29 ] BTHMODEM        C:\Windows\System32\drivers\bthmodem.sys
00:53:01.0028 0x0198  BTHMODEM - ok
00:53:01.0037 0x0198  [ D2A121586B660311B09964D2A6DDF864, 539953D953D40014366918BB38FADD3F21417EF8ADA532E1ABD1824949B952D4 ] BthPan          C:\Windows\System32\drivers\bthpan.sys
00:53:01.0061 0x0198  BthPan - ok
00:53:01.0088 0x0198  [ E465D7F6F3E4CA9F0E5FB6FD346F2F3D, 8F01051202903E8E16A6AE42B3F5F900C4D0B021311AE44225E8D11BE48DB129 ] BTHPORT         C:\Windows\system32\DRIVERS\BTHport.sys
00:53:01.0136 0x0198  BTHPORT - ok
00:53:01.0147 0x0198  [ 96932F631F5CB9F5D1C8F99A71568EF3, 5E4C8955A2EE9DC76B4EBC383653EB753D76D6B017E1A5DD553AC16094D7F12A ] bthserv         C:\Windows\system32\bthserv.dll
00:53:01.0170 0x0198  bthserv - ok
00:53:01.0176 0x0198  [ 7E844E3B520CA7873674D36286BC380F, 8B2A079B59625754D4CDFC486FC606B036B063DB382F6449A0CB69C5675F7A8A ] BTHUSB          C:\Windows\system32\DRIVERS\BTHUSB.sys
00:53:01.0195 0x0198  BTHUSB - ok
00:53:01.0200 0x0198  [ 23F9EF739F685E07482116425E7879AA, 0EBDF96A49A319C0BCF6F51FB6C8C392C017E1738B950C19C91FF43E14D73143 ] buttonconverter C:\Windows\System32\drivers\buttonconverter.sys
00:53:01.0217 0x0198  buttonconverter - ok
00:53:01.0225 0x0198  [ 4C61113687EB66035A70A55EE9B7DB4A, 3339821A3853B90F3B468470493A813053D82014E2677E726C16E19AABE2A440 ] CapImg          C:\Windows\System32\drivers\capimg.sys
00:53:01.0243 0x0198  CapImg - ok
00:53:01.0250 0x0198  [ F8FB51B9EF6372610E9B31A1D86B62FC, 7461584A8B39AC549AD7BAFFA509D4CD81EEE542808BC8EFC285863A0AE6432D ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
00:53:01.0268 0x0198  cdfs - ok
00:53:01.0282 0x0198  [ 7AD576CF28F1E7AEFC3D6E8279DF84F6, 1F7E26F9354B543881E940F5183086AC00684CDC0AB7A797E1F0AB21C4AD8716 ] CDPSvc          C:\Windows\System32\CDPSvc.dll
00:53:01.0320 0x0198  CDPSvc - ok
00:53:01.0335 0x0198  [ 0415CA08674F64D63329CB51D4004685, 12F3AB9A263F2E131F4969E6CED2AE6DD7AF06C10AF02923256FF4C9E34698BF ] CDPUserSvc      C:\Windows\System32\CDPUserSvc.dll
00:53:01.0366 0x0198  CDPUserSvc - ok
00:53:01.0378 0x0198  [ 613D0137C269187FA298A157E3D14A18, 84BC268525F14BB27202CE242BF94D9E83BC91B50A0335908574F31B29A2F04D ] cdrom           C:\Windows\System32\drivers\cdrom.sys
00:53:01.0404 0x0198  cdrom - ok
00:53:01.0412 0x0198  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] CertPropSvc     C:\Windows\System32\certprop.dll
00:53:01.0438 0x0198  CertPropSvc - ok
00:53:01.0451 0x0198  [ 0AED948DA8D5F08B3D6F12E4E2089736, 95E538E81DDBC83492C5F3820C82C78F050B4D74ACF12D7970EC84F93581AE29 ] cht4iscsi       C:\Windows\system32\drivers\cht4sx64.sys
00:53:01.0474 0x0198  cht4iscsi - ok
00:53:01.0527 0x0198  [ 0002A0FDE087C1657AB31CE73077539C, 4DD6210B67E9633AB3240371590869DC833A4C986C74FC12A5D4FFFFD361848A ] cht4vbd         C:\Windows\System32\drivers\cht4vx64.sys
00:53:01.0607 0x0198  cht4vbd - ok
00:53:01.0615 0x0198  [ 6B4F90A287D75CCD78694F6790C911B2, 73D7C31E9F475FA3FD568FCA9A953F968729AA114F63C06F38BF5198DAD67BD8 ] circlass        C:\Windows\System32\drivers\circlass.sys
00:53:01.0630 0x0198  circlass - ok
00:53:01.0643 0x0198  [ 09D0B94D3A06EFD1EB70189EC4B26DF7, 47E73C536C63F4C21E4ADBB122A152D3A291CF4EDD4CB4D07D09D14E1A9961F1 ] CLFS            C:\Windows\system32\drivers\CLFS.sys
00:53:01.0666 0x0198  CLFS - ok
00:53:01.0737 0x0198  [ C05131E511A438CF953ABEC6AE2A4A8B, 7EA1104E21B220852C071C4A12F59277C5AE6ECB61077401FA2A8B5B50B48D48 ] ClickToRunSvc   C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
00:53:01.0822 0x0198  ClickToRunSvc - ok
00:53:01.0847 0x0198  [ E133CFCBFABB3CB517BE9F42FEA5887C, DA699CDD5F3CC427354540C907BD24CCA7BAC3112C53918EB611CB4EEC7611DA ] ClipSVC         C:\Windows\System32\ClipSVC.dll
00:53:01.0883 0x0198  ClipSVC - ok
00:53:01.0892 0x0198  [ EEC3A4A98AE1A337E3CD1483AD6F2E15, 764DA329984A95E092F5C15116DA34FA7FC27216C0862365D4BF10ADC97EC5C5 ] clreg           C:\Windows\System32\drivers\registry.sys
00:53:01.0912 0x0198  clreg - ok
00:53:01.0925 0x0198  [ 429623E266EF067A44E8CF148E9DFB9B, A48AA85ACC52C7AD73DB2D6148B3F9FB5EAC33C8F8C5BB6D7D0A9D84B7C08E11 ] CmBatt          C:\Windows\System32\drivers\CmBatt.sys
00:53:01.0941 0x0198  CmBatt - ok
00:53:01.0962 0x0198  [ E09C3E2CD29727AAC0977E1A7CE0425E, 86BC9C4306861D104A0F87E9C6E3E7A972488C80DD399A983397FF0312292DA3 ] CNG             C:\Windows\system32\Drivers\cng.sys
00:53:01.0994 0x0198  CNG - ok
00:53:02.0001 0x0198  [ 3DB10C59405931E2C72EFB82C1AF97D1, 100B5450A70988DB1C1F8A5FDBB3553AF1A0D47B42A5AC71460DB92E26010CE6 ] cnghwassist     C:\Windows\system32\DRIVERS\cnghwassist.sys
00:53:02.0016 0x0198  cnghwassist - ok
00:53:02.0032 0x0198  [ 34C935AF2A414572B412B3556586D783, 912981B88B0796576ECCD5EBE0C4728EC02D5D6A96B039447DCBA59B2583F25E ] CompositeBus    C:\Windows\System32\DriverStore\FileRepository\compositebus.inf_amd64_a140581a8f8b58b7\CompositeBus.sys
00:53:02.0046 0x0198  CompositeBus - ok
00:53:02.0051 0x0198  COMSysApp - ok
00:53:02.0057 0x0198  [ 44EEEB2382F566999287E13F2067693C, 53A4A0C85EAD38030FF2078C67465E3710ECD03A08FF34E1E67B2E3E1CC70043 ] condrv          C:\Windows\system32\drivers\condrv.sys
00:53:02.0076 0x0198  condrv - ok
00:53:02.0101 0x0198  [ 9CE94A05A5BA6A92013CAD1B924B1EC2, 19ECE2C607BAE5DCE7ED4AB46722E63EF834B219716F3A90AF661C02B58088C4 ] CoreMessagingRegistrar C:\Windows\system32\coremessaging.dll
00:53:02.0140 0x0198  CoreMessagingRegistrar - ok
00:53:02.0174 0x0198  [ 84BDA86BEE6B2D2A9B719D6467E33E98, 94C216AE192C092950C708161D3433370EA9F43EDF0F37A14F2EFF1A9033171A ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
00:53:02.0313 0x0198  cphs - ok
00:53:02.0321 0x0198  [ 5F06CAC4B09250CDDDD0180A08162924, A2EB0A57225E65FC264CFC9FAD858D8B54A015CDAE3DC904B1C4E9AAB40B1F06 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
00:53:02.0343 0x0198  CryptSvc - ok
00:53:02.0359 0x0198  [ 03214883D52FAD46573233852344C72C, 63DCCDD895EB804D205ABB8EA381B34FB0879D09E4D0EB0B28F9B2BB1024BAB7 ] CSC             C:\Windows\system32\drivers\csc.sys
00:53:02.0396 0x0198  CSC - ok
00:53:02.0420 0x0198  [ BE35D1BAC3F18C9EB1C1CFBA31ED95E3, 4255475D173868A0E5583E844A1884E819E229838C4DEACAC47F1A4DEF388C9D ] CscService      C:\Windows\System32\cscsvc.dll
00:53:02.0466 0x0198  CscService - ok
00:53:02.0472 0x0198  [ 68B1E0DA1BB1680494227E88CE821E2F, DE9AFCE4CC28F3484180D6A63FBBDA5B89F208E056BD17870C074094159ED6AF ] dam             C:\Windows\system32\drivers\dam.sys
00:53:02.0485 0x0198  dam - ok
00:53:02.0493 0x0198  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
00:53:02.0507 0x0198  dbupdate - ok
00:53:02.0514 0x0198  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
00:53:02.0523 0x0198  dbupdatem - ok
00:53:02.0550 0x0198  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] DcomLaunch      C:\Windows\system32\rpcss.dll
00:53:02.0605 0x0198  DcomLaunch - ok
00:53:02.0614 0x0198  [ AE9F09F87755C18904656CB4F59F351D, B352A43B3B68B497D87B49C302AF3F37F36D56D49878AE3785C3D43597E5DC57 ] DcpSvc          C:\Windows\system32\dcpsvc.dll
00:53:02.0643 0x0198  DcpSvc - ok
00:53:02.0661 0x0198  [ ABBD3EE724117242E28D31F19FBCFF03, 68EA91A969DD80A5DE28B0A8EAEB308837183713559C2C2FAEF991858C971393 ] defragsvc       C:\Windows\System32\defragsvc.dll
00:53:02.0700 0x0198  defragsvc - ok
00:53:02.0715 0x0198  [ 78658EBDAD59E17ACC3569C8451F07B3, 629A014AF4E306C167B4D5C8DAFEE145472691CDCBBBB616D1435B67AA6FF20B ] DeviceAssociationService C:\Windows\system32\das.dll
00:53:02.0746 0x0198  DeviceAssociationService - ok
00:53:02.0754 0x0198  [ FEA494AC3A1BAE63C1F2AF267D49F1DB, 0722FEA2481740B53EF26B1CA59166C63C157A5C708AC93DF3FBB74A27266C9C ] DeviceInstall   C:\Windows\system32\umpnpmgr.dll
00:53:02.0780 0x0198  DeviceInstall - ok
00:53:02.0785 0x0198  [ CDF1B1B5C5951111791C236B2696C7F8, BF6C4BA545C8827B40DB69890DB4D2B2F9C583C5E3CFBDFD370B05891141458D ] DevQueryBroker  C:\Windows\system32\DevQueryBroker.dll
00:53:02.0803 0x0198  DevQueryBroker - ok
00:53:02.0811 0x0198  [ 7EAFDEF51136E8F2452CEBD8D084F108, 88609DCB578D14BEBF7CF3C4D300FE2440BA0CF95189969247AB516059E9C284 ] Dfsc            C:\Windows\system32\Drivers\dfsc.sys
00:53:02.0830 0x0198  Dfsc - ok
00:53:02.0843 0x0198  [ F0D4400BA0F08610D9A551B15BF10B76, 83EB8FB272FC2DD2CC0659C2FB90AD0DAE88A88AB3951E03BCD933A25B601E10 ] Dhcp            C:\Windows\system32\dhcpcore.dll
00:53:02.0872 0x0198  Dhcp - ok
00:53:02.0880 0x0198  [ CA7FEDDFCF61EF15A09C54DA2C07C49F, 346EF7709BA9E6BD48592B86FA46F9D956C847EF91F4980EEAD98269D0F0EF67 ] diagnosticshub.standardcollector.service C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe
00:53:02.0901 0x0198  diagnosticshub.standardcollector.service - ok
00:53:02.0953 0x0198  [ 6079A6F6406C4FFB552F66384F25F919, 8B38645F1F4A8F72DF18373EDCD3828DDF8D4E2A406E42E654F21C0C1A5EB661 ] DiagTrack       C:\Windows\system32\diagtrack.dll
00:53:03.0040 0x0198  DiagTrack - ok
00:53:03.0049 0x0198  [ 35B9D46560339A5A7F0CAC6ED702C817, F70480B01533B7029F90E2DE297E9E829660300DDE7A7D009B0AC2684E7691A7 ] disk            C:\Windows\system32\drivers\disk.sys
00:53:03.0064 0x0198  disk - ok
00:53:03.0077 0x0198  [ 53757B27986CDC970725FAE35F45CA11, 3B332C2FBD502BAD959DDD65C86FEAFA78DFDDF6405F130F2F26A8AF9424E21B ] DmEnrollmentSvc C:\Windows\system32\Windows.Internal.Management.dll
00:53:03.0123 0x0198  DmEnrollmentSvc - ok
00:53:03.0129 0x0198  [ 815F45161A4571C2C44491564F3D5968, 32E7AE8414A178CE429C0CDFCF718E3C11C705FB3155EA5CA0EAD48AAE507B01 ] dmvsc           C:\Windows\System32\drivers\dmvsc.sys
00:53:03.0147 0x0198  dmvsc - ok
00:53:03.0154 0x0198  [ 6E5EE6E420FECD64DE463C5F01CBFE71, F173C56895E80AA03D70CD78B3AB659C2EEAACFF43BE3B6EF3939D6F4AD4F62D ] dmwappushservice C:\Windows\system32\dmwappushsvc.dll
00:53:03.0181 0x0198  dmwappushservice - ok
00:53:03.0191 0x0198  [ 7F8A3ABF7750326E18CE953CCE262670, 5DBD159E8A455A42764FC73CF7DCAC849B5896848C5589B00BD36697804C0A3B ] Dnscache        C:\Windows\System32\dnsrslvr.dll
00:53:03.0219 0x0198  Dnscache - ok
00:53:03.0232 0x0198  [ 8F46B4C3F9BA19C26A26D0A11137B20B, BA0A66DBA98D77FD85A7CD2D4593F2B2A1A3B4D32BBECBCFFBEB5A54DCB0D8ED ] dot3svc         C:\Windows\System32\dot3svc.dll
00:53:03.0261 0x0198  dot3svc - ok
00:53:03.0269 0x0198  [ CA09EAEE92C6FDDC6B05057F11A0372D, 14DB5C186B69644AA93C445BF31CC9670204F95A47B77B6EACB19B4A316378AD ] DPS             C:\Windows\system32\dps.dll
00:53:03.0293 0x0198  DPS - ok
00:53:03.0299 0x0198  [ AE6BD4C879A8C849E53947C92DF3B3A0, 8C29774CB2D30D901C54AAC0C8ACE709351EE40E5C8FB9951B2A18B4A03F28B7 ] drmkaud         C:\Windows\system32\DRIVERS\drmkaud.sys
00:53:03.0310 0x0198  drmkaud - ok
00:53:03.0319 0x0198  [ 7433474BE77F065D2FA628671FE31A3E, 063ADDC68F48036749E6EC7B2F66284DB29F90F62E9468D16B4EF5A0FDC45E35 ] DsmSvc          C:\Windows\System32\DeviceSetupManager.dll
00:53:03.0343 0x0198  DsmSvc - ok
00:53:03.0352 0x0198  [ 5FCA45C24501DA7390065D3706A9FC3F, 093FD840F1502ECC6F05B9723CA523B3F15CF39A5D2B9106E1267739B3F2C52C ] DsSvc           C:\Windows\System32\DsSvc.dll
00:53:03.0382 0x0198  DsSvc - ok
00:53:03.0436 0x0198  [ A90C76FB62526DEB5A5557A8839841AB, 939BDA8A4F73E834A319D45C97B0892B0A44886A9191BA20D1121622BAE413FA ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
00:53:03.0512 0x0198  DXGKrnl - ok
00:53:03.0521 0x0198  [ 9FCE4EF7D5E274F862D9A2526B5F4779, 81D42D5475C2801C8E0C233A0BA827569D8A70590017C91C665C8B232D9BFAA9 ] EapHost         C:\Windows\System32\eapsvc.dll
00:53:03.0546 0x0198  EapHost - ok
00:53:03.0631 0x0198  [ 7EC6FC0266D74BD47ABB130A328B70EC, 3856790AF967AB03B1A89F97328DC4D5A6854ACDA6169681A9AFB03D7CF791F9 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
00:53:03.0740 0x0198  ebdrv - ok
00:53:03.0751 0x0198  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] EFS             C:\Windows\System32\lsass.exe
00:53:03.0771 0x0198  EFS - ok
00:53:03.0776 0x0198  [ 8D74B8B5D6F7C5BC4C525BAF2B083FF1, DA5656F745B3911F96871887FDFDC40F4D9C820622A0AA27EFE4BA93662833CA ] EhStorClass     C:\Windows\system32\drivers\EhStorClass.sys
00:53:03.0791 0x0198  EhStorClass - ok
00:53:03.0798 0x0198  [ 4D49B99DCACA1FC782A94DB596246504, 878B27A128093640830AB4C78973E1D896CF3AA918FA24FAB1029F0C9D1CB98B ] EhStorTcgDrv    C:\Windows\system32\drivers\EhStorTcgDrv.sys
00:53:03.0812 0x0198  EhStorTcgDrv - ok
00:53:03.0820 0x0198  [ 80A7999DE02CE678B865832E1CE78CD6, 2576EBB6E4D630A906DE724F125099E52A962B5B68B9F9BCA849A7B29D8C8689 ] embeddedmode    C:\Windows\System32\embeddedmodesvc.dll
00:53:03.0843 0x0198  embeddedmode - ok
00:53:03.0854 0x0198  [ B4264DEF962801CDB83C008DE30758D1, 57886688102BE727450BA45932044A5A389B5822A0C1C08C2AFFBA380F70C3F3 ] EntAppSvc       C:\Windows\system32\EnterpriseAppMgmtSvc.dll
00:53:03.0888 0x0198  EntAppSvc - ok
00:53:03.0893 0x0198  [ 77B60DEC7DCB4233E4A69D3F52E5DB24, 3A5C905E37A93899051497C90E5BA8E1D003B56C6906CADFD2F1CDF52052D248 ] ErrDev          C:\Windows\System32\drivers\errdev.sys
00:53:03.0908 0x0198  ErrDev - ok
00:53:03.0932 0x0198  [ F89083AB8B9F51C0031C1CBD0A9A7E35, 9EE973A25134960E62D1A6A1E34AD9B3F7690E71C1AD31A23FA2081A73438754 ] EventSystem     C:\Windows\system32\es.dll
00:53:03.0964 0x0198  EventSystem - ok
00:53:03.0978 0x0198  [ FCD2C63754C2E739A8EEAD9BC63F9DDC, C57A72ABA4C0BD71F914B9C8FF965DCFF585A205498F19A4584A4BAF7674839D ] exfat           C:\Windows\system32\drivers\exfat.sys
00:53:04.0006 0x0198  exfat - ok
00:53:04.0018 0x0198  [ C077AA74EDDAF69985EB27597BCB342A, 8CE48D37E39A6DFA3C8E959CA92A49029100446DC40044EE009D55FB9CDE378A ] fastfat         C:\Windows\system32\drivers\fastfat.sys
00:53:04.0046 0x0198  fastfat - ok
00:53:04.0064 0x0198  [ 77CE56471AF984800F318F3734D768C7, 72D540072374A56C2C497F0532A50705D3F0637F2C0C96B1D715F2EDFCA3AA2D ] Fax             C:\Windows\system32\fxssvc.exe
00:53:04.0102 0x0198  Fax - ok
00:53:04.0108 0x0198  [ 99598ECA5E41996E005D5B9D9FF1EFA2, 91345CD50EF02431B69093505C1C5F5DC6A1AA6BF192EE9392ED4D5626B60462 ] fdc             C:\Windows\System32\drivers\fdc.sys
00:53:04.0125 0x0198  fdc - ok
00:53:04.0130 0x0198  [ EF0DD43A4CBAB367BCA1AFBDC9971E4F, 73E161C45D63FDDE71EE2438137913724DC513860539D1E7F6BD861F5D1B33F3 ] fdPHost         C:\Windows\system32\fdPHost.dll
00:53:04.0151 0x0198  fdPHost - ok
00:53:04.0156 0x0198  [ 34DAC585994CD3B4E910DE11C584EF3D, A6C6A4CB5413EA61F1A54E2D3AD71A311CEA2C26218544D2D2D4A5CFEC52DE8C ] FDResPub        C:\Windows\system32\fdrespub.dll
00:53:04.0175 0x0198  FDResPub - ok
00:53:04.0183 0x0198  [ B68DA1FE3CA2311AFD38DD6905CA7F71, 4B395DFB1B47D2507CA4D9DC996A70D0A3BDB1A245CD6DA6C42B2A299AFCCF37 ] fhsvc           C:\Windows\system32\fhsvc.dll
00:53:04.0206 0x0198  fhsvc - ok
00:53:04.0213 0x0198  [ F44F666B0EACC3181544FFCF8CA0FFC7, 83F771CF9DAE1C504B30731EEC55355EA1253174252DA2192ADF1D228B3735C3 ] FileCrypt       C:\Windows\system32\drivers\filecrypt.sys
00:53:04.0232 0x0198  FileCrypt - ok
00:53:04.0238 0x0198  [ 78A210DDFDF2C9EC884631D2DAA573F0, 5D39C6EF4AC690A9749EEDBE2478FFF15A22877A2861EDA103C7BF1607B0C1BD ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
00:53:04.0255 0x0198  FileInfo - ok
00:53:04.0260 0x0198  [ 1A97DB5E701A186989F3795223C3BE39, F7982220D4DF7E104955E63CACE352394E2577DEF49506EA126127F820EB62DF ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
00:53:04.0282 0x0198  Filetrace - ok
00:53:04.0287 0x0198  [ 46626665F0E5906E45619B4EFD6186B8, 37FDD3B8AD49FD29E54DA5567EA77F28A53498AE56348F7A2628E5E5549D638B ] flpydisk        C:\Windows\System32\drivers\flpydisk.sys
00:53:04.0302 0x0198  flpydisk - ok
00:53:04.0315 0x0198  [ FDA72ACA14D516D18C33AFCD0FD9260F, 6509612DEC82EA74614B5C9A7B432305A1A468C97B88BED9E141DF2929B621B1 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
00:53:04.0341 0x0198  FltMgr - ok
00:53:04.0388 0x0198  [ 289EFA0470B308F01BAF955DE81E0682, F88081AD427BD90B3085A07439D1BDBB4966A898D49B0ABEFF7829D68BE532A5 ] FontCache       C:\Windows\system32\FntCache.dll
00:53:04.0480 0x0198  FontCache - ok
00:53:04.0488 0x0198  [ 59241194DBDF30A2B4029E402F377900, 47A92E9CD8494C403B377799D395670A393766647E24CD83B15338CE2AA50266 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
00:53:04.0499 0x0198  FontCache3.0.0.0 - ok
00:53:04.0522 0x0198  [ B6848AE7BF5BD5182075D948DF7588DC, 0245D35CA48451D0743347338EE2E8E8AB6C6FD8ABE0B91E7FE2830714D30BE0 ] FrameServer     C:\Windows\system32\FrameServer.dll
00:53:04.0571 0x0198  FrameServer - ok
00:53:04.0579 0x0198  [ D152CCBFC8251670BF0AAFE00D6BC782, 9DE82D8FC4E1DAF8FF23EE08C0B7CB5051A9224E64544D262CFA4996A41B04E1 ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
00:53:04.0592 0x0198  FsDepends - ok
00:53:04.0598 0x0198  [ 6D6BB5C7363CD35FA715E826F3D029EE, C214F791EB39E8B25CE57ED9D6C1D56EE1AF6021BCB380980BD42A6338A6C9F7 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
00:53:04.0610 0x0198  Fs_Rec - ok
00:53:04.0630 0x0198  [ B719EAA1EC93586955B013BD7DD61356, 0D0D94CF33322EEC0AD08835D0314E578F9687F361CD436A2073A4D2C0D56C86 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
00:53:04.0664 0x0198  fvevol - ok
00:53:04.0671 0x0198  [ EF78034773CE506323655A868C949144, DF195BEEE6704FBCC6D2D9E1BF6723E52ED502A1459F495B7D18481E6A79B5BC ] gencounter      C:\Windows\System32\drivers\vmgencounter.sys
00:53:04.0689 0x0198  gencounter - ok
00:53:04.0694 0x0198  [ B55FEBC6A00DAA1FE074F020B6907516, 67071FBAC2ABA47AB71358A5F08E92E034A55343878F00137E90B3B1F7362976 ] genericusbfn    C:\Windows\System32\drivers\genericusbfn.sys
00:53:04.0709 0x0198  genericusbfn - ok
00:53:04.0719 0x0198  [ DDD8A8CDDC7F13EF57D1DAAE71865936, 9D472A8689F72F24D40D5B94849690F53C67849FDF6162A94EF4FB330A3DA566 ] GPIOClx0101     C:\Windows\system32\Drivers\msgpioclx.sys
00:53:04.0736 0x0198  GPIOClx0101 - ok
00:53:04.0768 0x0198  [ C9316C91895057669386E620C89580E5, 5C7BF2C890E77AE3D401BB1F9F76B42D8A0ECD98118F17929FCD4097C768D90A ] gpsvc           C:\Windows\System32\gpsvc.dll
00:53:04.0834 0x0198  gpsvc - ok
00:53:04.0841 0x0198  [ 7ACD8F69B5D6EC97E6D2C006E19BED88, FC69214C9308EA64B88EF4C3C95800586DDBB44C8540846B79A161BAD8203B6E ] GpuEnergyDrv    C:\Windows\system32\drivers\gpuenergydrv.sys
00:53:04.0857 0x0198  GpuEnergyDrv - ok
00:53:04.0870 0x0198  [ 217230B984AB2954E2FA5E36578D7B08, BB7B79EA7501A28EB2A0303FDF66FB9D59D567994C25A1523CD6D2081C403AF6 ] HdAudAddService C:\Windows\system32\DRIVERS\HdAudio.sys
00:53:04.0904 0x0198  HdAudAddService - ok
00:53:04.0911 0x0198  [ 10E3515FE5DBA6656FA62C29342EC4A1, 2051F10F74ED712B1766EB61E87FADE25AB3D0970BABFD320600D1B0D6377F26 ] HDAudBus        C:\Windows\System32\drivers\HDAudBus.sys
00:53:04.0932 0x0198  HDAudBus - ok
00:53:04.0938 0x0198  [ B90D284B97CD4CA9DE7430AAAD887A56, 2F14F985C39B7801ED64590979CF2114924E9547F5B11D2B37A74DBFFDD9E7C5 ] HidBatt         C:\Windows\System32\drivers\HidBatt.sys
00:53:04.0952 0x0198  HidBatt - ok
00:53:04.0959 0x0198  [ B2FE11643CC6ACDEE6C247DD36018FDB, 5796613C7DBF8B2A9E860E006FF1A245B6BE7D10E3F6685AD142B48E5C237B8C ] HidBth          C:\Windows\System32\drivers\hidbth.sys
00:53:04.0977 0x0198  HidBth - ok
00:53:04.0984 0x0198  [ D24355488A2D4D2323518EC1AC7A6D9E, ED2176A2093726087EDDA25B86E9CDD4BA35F4E748E3A6DE0B15C4C97646B5C7 ] hidi2c          C:\Windows\System32\drivers\hidi2c.sys
00:53:05.0000 0x0198  hidi2c - ok
00:53:05.0006 0x0198  [ 0AF9ABBA4F3F55C6C803890D64BC3C29, D3DE6FA308F8E7CD4F16387F46AE4B2F7EC9BBA07BF87652B660A0D645710571 ] hidinterrupt    C:\Windows\System32\drivers\hidinterrupt.sys
00:53:05.0020 0x0198  hidinterrupt - ok
00:53:05.0026 0x0198  [ CDBCF8E9AB06D88A1E1191D32F320C5D, F76963AB7CF2BAB3A220013879AECD3976BFD851CFB66B5A69A9EA2541048861 ] HidIr           C:\Windows\System32\drivers\hidir.sys
00:53:05.0042 0x0198  HidIr - ok
00:53:05.0047 0x0198  [ C900FE0DD6A1E2220084B8F1C427790C, 802194EBEDA1A50EDA300078B0888AAC1F17A42E67147B7B3B9C50AD8D4E5C89 ] hidserv         C:\Windows\system32\hidserv.dll
00:53:05.0064 0x0198  hidserv - ok
00:53:05.0069 0x0198  [ 2B7002EEACFC2687788A34ADB204293D, 040B5FC43459E80AD56CEBB26EC7676F449310537ADCD3272C2064241E328834 ] HidUsb          C:\Windows\System32\drivers\hidusb.sys
00:53:05.0086 0x0198  HidUsb - ok
00:53:05.0097 0x0198  [ 44D54C8356588525D7AD0FDCFDDA0811, 46963ADBF14FA8A9B0E6564106ADEA49BBD4EBD9E43DF389CCD31F9B9BD080D9 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
00:53:05.0126 0x0198  HomeGroupListener - ok
00:53:05.0143 0x0198  [ 86161A89F16851728802590EC7C92608, 3A3B05BB4E115410D27063B30C0EF3F18295F542050F329F1E466C81A9E23A46 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
00:53:05.0180 0x0198  HomeGroupProvider - ok
00:53:05.0187 0x0198  [ F5CA18197B4646E04DB9EB2D6642CC4D, 5BA3342DDF1BCB67E4156169FE9A33E7BC2641C729E9F1A80C0E80953C6AB114 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
00:53:05.0200 0x0198  HpSAMD - ok
00:53:05.0230 0x0198  [ 65E358D604267CBAACB74A2598BBE22B, A645E48641D638A58789B7948FC3DD5072179C0919B546A6DB08094FA9321A30 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
00:53:05.0275 0x0198  HTTP - ok
00:53:05.0283 0x0198  [ 0C84C250F80EAEC2C9768464CC1A9626, 212E1003B78F9B98FEB084FD1FDB59B26A9DE4C9120F24D4361FBBF0F3C035E7 ] HvHost          C:\Windows\System32\hvhostsvc.dll
00:53:05.0302 0x0198  HvHost - ok
00:53:05.0310 0x0198  [ 3756E15BB86689412775DF22A442FC46, AD9DF5B542B30C89F9904CB574E75BD2D18A31F67032F0E2453290E912FC5DE3 ] hvservice       C:\Windows\system32\drivers\hvservice.sys
00:53:05.0326 0x0198  hvservice - ok
00:53:05.0331 0x0198  [ 771EDDA9830A3079F996F34D681FB6E5, F452AD656872A1C8B2D6DCE232CE01EBD456C46F4934A7601E78470F2A2CBF38 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
00:53:05.0344 0x0198  hwpolicy - ok
00:53:05.0349 0x0198  [ 3B9F315E7FA72CC25228EB097DD9C694, B26F1E494428EF197A0C97645C05BB3CA093827A005D35C987F1D6778BC4E52C ] hyperkbd        C:\Windows\System32\drivers\hyperkbd.sys
00:53:05.0366 0x0198  hyperkbd - ok
00:53:05.0373 0x0198  [ B54B30992620C97230013A74461C8517, CAF09BDCDD6DE2A39CB8AE2C65E6F8FE12D8E93D84BBEF6C6A98F872BF54A4E3 ] i8042prt        C:\Windows\System32\drivers\i8042prt.sys
00:53:05.0393 0x0198  i8042prt - ok
00:53:05.0399 0x0198  [ C6B8743B213F06AA60943D8366FE968F, 758954F70B810063914B243115B2C753B2BCE40190F95C30ACBA0BF04EBD5B33 ] iagpio          C:\Windows\System32\drivers\iagpio.sys
00:53:05.0419 0x0198  iagpio - ok
00:53:05.0425 0x0198  [ 9A2A2F3C69B9A30B6E78536F6D258BAD, 5E28E132A7300E6F5E0C6439D6BA00F1AEF66D729FF671FDA91274A25A921463 ] iai2c           C:\Windows\System32\drivers\iai2c.sys
00:53:05.0443 0x0198  iai2c - ok
00:53:05.0451 0x0198  [ 5A0E850F8CD17791A3E6A3CF81D0CA28, 10A965A49D53360DD250E0758B6BB142872298A21C732EB026ACB93492C5C6CF ] iaLPSS2i_GPIO2  C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys
00:53:05.0467 0x0198  iaLPSS2i_GPIO2 - ok
00:53:05.0475 0x0198  [ 7508F1096803385D6376BFD0BD473AC4, 1F32EC23CDC94DCB9710E6663B5C3BD83568545DDC2C741CFC13550A4E4DD2BE ] iaLPSS2i_I2C    C:\Windows\System32\drivers\iaLPSS2i_I2C.sys
00:53:05.0492 0x0198  iaLPSS2i_I2C - ok
00:53:05.0497 0x0198  [ 16A10CCEDCF5AC4CAAE43DC9FC40392F, F77696AE55B992154A3B35F7660BD73E0AB35A6ECEEC1931C0D35748CFA605C0 ] iaLPSSi_GPIO    C:\Windows\System32\drivers\iaLPSSi_GPIO.sys
00:53:05.0507 0x0198  iaLPSSi_GPIO - ok
00:53:05.0514 0x0198  [ EB82A11613326691508D9ED9A4FE29E7, 8445E41BAB21964C7F014742795E462BDDC6C37A261990B3D6BF4E637A719547 ] iaLPSSi_I2C     C:\Windows\System32\drivers\iaLPSSi_I2C.sys
00:53:05.0534 0x0198  iaLPSSi_I2C - ok
00:53:05.0554 0x0198  [ 97E553D03219D3D51705C7235D9EAEBD, 5D4578C8804AF32D1DC0868E34D6538138DC15F9568CA7E21051B1C82C0D8D55 ] iaStorAV        C:\Windows\system32\drivers\iaStorAV.sys
00:53:05.0585 0x0198  iaStorAV - ok
00:53:05.0600 0x0198  [ 8350FE3BCDE3428BC040877BB7E9EAEB, 77F9456351CA640C6B7862907C0580627E761EC807B551976A95657EB4D6CC20 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
00:53:05.0626 0x0198  iaStorV - ok
00:53:05.0644 0x0198  [ 3BA03F7C7700DDF4C383DDE9252F5817, 3E90F69D0010E7764349D9AE865D577E431FEBC67DA554B400BC808DD286E203 ] ibbus           C:\Windows\System32\drivers\ibbus.sys
00:53:05.0673 0x0198  ibbus - ok
00:53:05.0680 0x0198  [ AB7AEFAEECAEBD9CBAB3EC72015E7FFE, 4D656B70C968AE16D7417A4B072238D9BDC3AD140341BA17F4E43EFF01D805E5 ] IBMPMDRV        C:\Windows\system32\DRIVERS\ibmpmdrv.sys
00:53:12.0281 0x0198  rdpbus - ok
00:53:12.0291 0x0198  [ 7135785C21CA79D270D11037C43D3F19, 654A3C65CF891ED8C82A740D10CF607FC7D709185E664DE03288CEB5B25F03A6 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
00:53:12.0320 0x0198  RDPDR - ok
00:53:12.0329 0x0198  [ 97A61A3CB2B5CB4FC32B3224EF333448, E4F2E8BCEE3639BE57BBC8A8E67FDE42C3A5158F1204684B0ECD216F4AA044A3 ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
00:53:12.0344 0x0198  RdpVideoMiniport - ok
00:53:12.0355 0x0198  [ 69BB204AE07EE84ECFAB1BF13C4BD04B, 1CA832CBF4AE4821EEA2A19F9519C2D1D00406B8CCE2A86FE3B33A5F293DB218 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
00:53:12.0380 0x0198  rdyboost - ok
00:53:12.0405 0x0198  [ 940D6F5A2B0A61EE4170DF84F6C95C20, F8EE846DC8015EDFE7CB5BEEDC977EAA9C586BAC2216DE69D8ECCBDBC7408649 ] ReFSv1          C:\Windows\system32\drivers\ReFSv1.sys
00:53:12.0454 0x0198  ReFSv1 - ok
00:53:12.0473 0x0198  [ FD2B3A645798A2EFB7FB61AC42AAA611, 8A121D361A73CA19AA87B1AD33B8020A99444BF4C8904944AD5913C5083859B8 ] RemoteAccess    C:\Windows\System32\mprdim.dll
00:53:12.0507 0x0198  RemoteAccess - ok
00:53:12.0516 0x0198  [ 3183B161B1F05333F6C325577FEF3596, D6A89B2A021377B6F371E5B9EFC36FF018822B28F0ED41F8CD2F00C5C8605707 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
00:53:12.0545 0x0198  RemoteRegistry - ok
00:53:12.0565 0x0198  [ 94DCF20DF6170B557AFD386E37C128BC, 70FB7C7A7D2BFA95EACEEE38B39E1DCA93DA63AE1898C4F54956B9413C60EB88 ] RetailDemo      C:\Windows\system32\RDXService.dll
00:53:12.0610 0x0198  RetailDemo - ok
00:53:12.0621 0x0198  [ E82F3B1918C6A5FE6EB761CDF1E772AF, 0C993FCB7BFD6E01B70A1821E0DEAFA2CB241AF8C2E6D4CC120F59C1B5F6FF5F ] RFCOMM          C:\Windows\System32\drivers\rfcomm.sys
00:53:12.0641 0x0198  RFCOMM - ok
00:53:12.0649 0x0198  [ 068220E1B417556F4226E6A3CA0A1C24, 381DD82EF6EAEE83B5B3FA123D04A4D1EEB3407737683C22BBA787C39DCAFFE3 ] RmSvc           C:\Windows\System32\RMapi.dll
00:53:12.0678 0x0198  RmSvc - ok
00:53:12.0686 0x0198  [ 672724C8B21B7DC56646045DE4D5B860, 79986E80A92C949C543959F1E35647A9788DAB2892AC20B6DEA5C0BBC0CEDE9E ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
00:53:12.0706 0x0198  RpcEptMapper - ok
00:53:12.0712 0x0198  [ 109C1D609951E886D3643B15C1EDD1C2, 347D8E7C50EC7F96217C7421D9BC8A42C9DF50B94169CB58DCF857A63C33C2EA ] RpcLocator      C:\Windows\system32\locator.exe
00:53:12.0735 0x0198  RpcLocator - ok
00:53:12.0758 0x0198  [ 7BD259FC59CF9C2AE1B979564B374CC6, 299832FCE304A85080C80ABFE820A6093AC15A7C1E7C89D8C946708E955A2909 ] RpcSs           C:\Windows\system32\rpcss.dll
00:53:12.0808 0x0198  RpcSs - ok
00:53:12.0822 0x0198  [ A97596F55467696FC8555E30E4E912D1, 9382133D57C5ED1D9E7269B726A8A2C6F76D8B7AB1A8196683F1BD3D813668F0 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
00:53:12.0842 0x0198  RSPCIESTOR - ok
00:53:12.0850 0x0198  [ 5FF28F097C9699097B473F8FC7C1AA7D, 695560F1DBD85073F3D6CB1FF16F16504CA044EA62E940E463A16BBA8B86E2FA ] rspndr          C:\Windows\system32\drivers\rspndr.sys
00:53:12.0873 0x0198  rspndr - ok
00:53:12.0898 0x0198  [ 471929D729C7FBC284ABDE74D9CED9DF, 9E62B23EA0B9125F81AD65D38FB8B46063C86E92B2717B7D3321A01FBF062D4C ] rt640x64        C:\Windows\System32\drivers\rt640x64.sys
00:53:12.0931 0x0198  rt640x64 - ok
00:53:12.0938 0x0198  [ B5DAEE69BACA64D2BB004568E22D8756, C0072CF6B438ED756435A182D55AC55F3AD356ACBD483DE06A94893D3CA8CCC5 ] s3cap           C:\Windows\System32\drivers\vms3cap.sys
00:53:12.0955 0x0198  s3cap - ok
00:53:12.0962 0x0198  [ FD0FC10A8CFD7AFEC58BBBE649BAA470, 9BDBD540FCF33FC01AB896D50A872E2FB5A007225FA003C528E6DCBDBEE19C25 ] SamSs           C:\Windows\system32\lsass.exe
00:53:12.0978 0x0198  SamSs - ok
00:53:12.0986 0x0198  [ 5E73FB63E2DBC75FE0C17DEB0010CE0E, 9DAC47486262397D03BC01F7438CAB62CF33BD7B5283F5B9548C770A3D6D0ADC ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
00:53:13.0004 0x0198  sbp2port - ok
00:53:13.0014 0x0198  [ 3CD0130FFDEAEACF0905B482F3934EA3, 1EC355B63135FD2563093EBB206741C0C4CCE0551A662F6DC86C875146A88B06 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
00:53:13.0043 0x0198  SCardSvr - ok
00:53:13.0054 0x0198  [ 9EE060D6560FFBFBDB2ED5D6ED192294, 14387B69CD26D12BE31A23251B6AA8EDFC4D6CDE4FA558F0950DE91D2DD03946 ] ScDeviceEnum    C:\Windows\System32\ScDeviceEnum.dll
00:53:13.0081 0x0198  ScDeviceEnum - ok
00:53:13.0087 0x0198  [ 3D9A82B03C92D1FEC42CB171D6F57778, DC027F02F5EB5F1D10DB6F405FB0C15D4D5C922445F5F3C916624113278AF072 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
00:53:13.0105 0x0198  scfilter - ok
00:53:13.0130 0x0198  [ D4DB6B318A0A0C74A90260725A228C0B, 57BA2EF9D880488C785C806ABF9EE753A48E589129442D72F815CD6EFFA07B22 ] Schedule        C:\Windows\system32\schedsvc.dll
00:53:13.0197 0x0198  Schedule - ok
00:53:13.0206 0x0198  [ 9055ADDFBA4C8B914C914CE693B55C0A, DB213AC36E14D856B81D2AFE46815402537A2ABEEA15032A9FF436F953129441 ] scmbus          C:\Windows\system32\drivers\scmbus.sys
00:53:13.0224 0x0198  scmbus - ok
00:53:13.0232 0x0198  [ B6F2363584E62960846F7C3F00124A4F, 252189FF9D623CF69BF415FF7C7FE74B0BBF756B632420578BFAFF6595616CF7 ] scmdisk0101     C:\Windows\System32\drivers\scmdisk0101.sys
00:53:13.0252 0x0198  scmdisk0101 - ok
00:53:13.0261 0x0198  [ 9450FA11E9DE6715FCB71A519A8FF90B, B7E341C6E4CE967FCDD0D17A497C07E8A1C6B0AACE8A6E8E5D6C21EF73F13E16 ] SCPolicySvc     C:\Windows\System32\certprop.dll
00:53:13.0285 0x0198  SCPolicySvc - ok
00:53:13.0296 0x0198  [ FCBB8A17B4437B2CA8CC8DA8CB1D306E, 5FA762B1B6C8A45ED6F304A45B500038537ABD3DF6328F3C8E2BD43CBDEAB835 ] sdbus           C:\Windows\System32\drivers\sdbus.sys
00:53:13.0317 0x0198  sdbus - ok
00:53:13.0326 0x0198  [ F3714DBAA42C15F78FFCDFE4273214EB, 2D018970B92C5F0744FAE10A2FC298F3DCEA5C2EDEB760F4F0651337B9878ABF ] SDRSVC          C:\Windows\System32\SDRSVC.dll
00:53:13.0352 0x0198  SDRSVC - ok
00:53:13.0359 0x0198  [ 120DFCB71D6C502613A9E2D50E16850C, 2C294010AD1C9C380CD5221A37720544178B7358C8C8553AF44055E4CEE5DAF5 ] sdstor          C:\Windows\System32\drivers\sdstor.sys
00:53:13.0373 0x0198  sdstor - ok
00:53:13.0379 0x0198  [ EFD644DD091E1D94555FC3BBC95EA66D, FBDDA6680BEC378CCF12A32D9186020E884DA15A1E789D1531B1E687FC7B54B1 ] seclogon        C:\Windows\system32\seclogon.dll
00:53:13.0397 0x0198  seclogon - ok
00:53:13.0403 0x0198  [ 07F83829E7429E60298440CD1E601A6A, 9F1229CD8DD9092C27A01F5D56E3C0D59C2BB9F0139ABF042E56F343637FDA33 ] semav6msr64     C:\Windows\system32\drivers\semav6msr64.sys
00:53:13.0431 0x0198  semav6msr64 - ok
00:53:13.0438 0x0198  [ B605A44ACA1FCFF736235A4D7AEDA548, 48D8B5BC027CFE91AF7402C463327572181D4C1B1E2942F4D05792EED070B2DC ] SENS            C:\Windows\System32\sens.dll
00:53:13.0463 0x0198  SENS - ok
00:53:13.0467 0x0198  Sense - ok
00:53:13.0503 0x0198  [ 1CC993A041899B48D5DF4D3F4A4425FC, 8D138B3A92C0E181C865A37AD55EE2D55CC352ED9B60BF60BE0AC610F13F8FA1 ] SensorDataService C:\Windows\System32\SensorDataService.exe
00:53:13.0582 0x0198  SensorDataService - ok
00:53:13.0599 0x0198  [ 7BFD114F0F308CE29AEB8F16056D0658, 0CD3B3C69DCB3EAD8F8EF5C633911DD4F2C1167DC6FE28107EE38713A35A1F5C ] SensorService   C:\Windows\system32\SensorService.dll
00:53:13.0633 0x0198  SensorService - ok
00:53:13.0643 0x0198  [ E6F00415DADCEEC860E7AB42BFD19A65, 274CAF22F93D43B6DB6953730E3DF8DA94776B24EEE74B80AB4CD780BC1366A9 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
00:53:13.0668 0x0198  SensrSvc - ok
00:53:13.0675 0x0198  [ 401D706DDC0A7AF18C3DD228ADF74551, 27C0B38D7C2E3F6FF06201124E63483931F6071954B2B99EC0143C464238C0B7 ] SerCx           C:\Windows\system32\drivers\SerCx.sys
00:53:13.0688 0x0198  SerCx - ok
00:53:13.0697 0x0198  [ 7084D11083F0CDCA8B5C76F9846ABF5D, F639920882B0E784D8CFAF0D4C0F0C411937B6831E5DD99B0ABFBFE06BA4742F ] SerCx2          C:\Windows\system32\drivers\SerCx2.sys
00:53:13.0716 0x0198  SerCx2 - ok
00:53:13.0721 0x0198  [ 3FF478A8ED32A83C36581425F6282B6C, 787646A17098EA7CF36064D0A950C1D470D4A280C8C5AC40023D566E53860EAE ] Serenum         C:\Windows\System32\drivers\serenum.sys
00:53:13.0737 0x0198  Serenum - ok
00:53:13.0743 0x0198  [ 92509187AA171A80521528B36F753E1D, FE0DA272B8A155ECC161E99586C4AE7EE17B1C84BC330DA1566C83B8E03FA825 ] Serial          C:\Windows\System32\drivers\serial.sys
00:53:13.0762 0x0198  Serial - ok
00:53:13.0767 0x0198  [ 433D38FF6D08B993847EA2A10EB8CB52, 29BA75DB6D1AC761BBDFB5AC8874FC7D763E1CD10D290E369063B34CE951270F ] sermouse        C:\Windows\System32\drivers\sermouse.sys
00:53:13.0785 0x0198  sermouse - ok
00:53:13.0805 0x0198  [ D525D273BE5691BDACE72B07AB0D1E02, 9231BD2137E71B3D555CEBBA8811297F239FDA08BF573CA4741D03D76718B5B1 ] SessionEnv      C:\Windows\system32\sessenv.dll
00:53:13.0839 0x0198  SessionEnv - ok
00:53:13.0845 0x0198  [ 697D3EE0740AEAB62B66ABCA1C83D13B, FCF54A0071ED04AD3FC8551C67FE5FD49089DC0510F753052CAC5972A65C9E3D ] sfloppy         C:\Windows\System32\drivers\sfloppy.sys
00:53:13.0860 0x0198  sfloppy - ok
00:53:13.0877 0x0198  [ 3D0069B8F0C2FB1B0F13DBDB57593DAD, 4CEC91BC45A51C4E445D2DD8A13AC97719D5AAC1DBA8EA9166D2A354E7857378 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
00:53:13.0924 0x0198  SharedAccess - ok
00:53:13.0945 0x0198  [ 482E6BE8A07832E824080D352075ACA1, 4123A76C8E805AF4FE229C53E9C174095C0937913BA81A63FE9B45C44AA5B15F ] ShellHWDetection C:\Windows\System32\shsvcs.dll
00:53:13.0996 0x0198  ShellHWDetection - ok
00:53:14.0006 0x0198  [ CF3BDF9EAD8D3EF671E9339B44B185BA, C17EC6D5B00F49D9C8B5B6C262A85F34ED71C58450659F006B3632AA84F68E23 ] shpamsvc        C:\Windows\system32\Windows.SharedPC.AccountManager.dll
00:53:14.0032 0x0198  shpamsvc - ok
00:53:14.0038 0x0198  [ A34CE1830E45DA98932295FDE4B7908A, FC553ECF4D64B4B10B7FDE5352707785517A18D487A80665BAFC7261E3F35CDC ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
00:53:14.0054 0x0198  SiSRaid2 - ok
00:53:14.0061 0x0198  [ A7B5C670770E908DA5FEF5BF1136E933, 8D3BB6FF65E631C34BE8EA766481B2FDB2E1E916A4FD67F86705A8975A136E6C ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
00:53:14.0076 0x0198  SiSRaid4 - ok
00:53:14.0083 0x0198  [ 27C4A39F335902B94D6F0948B34D6C32, D5DE9057B219F97150D2957834AD844102920BE12667675A82FAA1BFBBC885FF ] SmbDrvI         C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys
00:53:14.0094 0x0198  SmbDrvI - ok
00:53:14.0100 0x0198  [ 3CF50AFD283566573E0412E5D512184A, 382825D5592F13088FB82A0452F9FAC917767A808B521F1BDACB78B70797FB5A ] smphost         C:\Windows\System32\smphost.dll
00:53:14.0125 0x0198  smphost - ok
00:53:14.0145 0x0198  [ 0B217141AC1283655402CDB356577735, 6EFA4CA46CFC8B7156CE7E5CA89B7F7073E16D66C2FC13F4DB95FEB78CCF698F ] SmsRouter       C:\Windows\system32\SmsRouterSvc.dll
00:53:14.0195 0x0198  SmsRouter - ok
00:53:14.0207 0x0198  [ 6F4CE07D420FB657B5936F71101ABD41, CEC52984C56E578E0FFE12BE1B8148335F788B7D1751F2D0E79B944A41113C20 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
00:53:14.0227 0x0198  SNMPTRAP - ok
00:53:14.0245 0x0198  [ 3DB9C2950439B61A038BF83E697C7A14, 6BF5EA5D4A251CB982F336840A60EF4241A3FC7442E7CD4D7C82199F5BF8D4D2 ] spaceport       C:\Windows\system32\drivers\spaceport.sys
00:53:14.0275 0x0198  spaceport - ok
00:53:14.0282 0x0198  [ E03264C4C25B568F92ED1656AD541E64, D42942BFFBC7213D204FAF84F4FE015FC23A6ACB29B5E752834EDBC17A3AC20D ] SpbCx           C:\Windows\system32\drivers\SpbCx.sys
00:53:14.0299 0x0198  SpbCx - ok
00:53:14.0323 0x0198  [ DA5A9752A702E86AFC10F06115A8AF4C, 1EBF973AAEE0D851934CFD99BF6FC3B33D6EF5EDE95F81450D2EA18117172FC9 ] Spooler         C:\Windows\System32\spoolsv.exe
00:53:14.0376 0x0198  Spooler - ok
00:53:14.0502 0x0198  [ D9B2C0D75F4463EE117F56D59D3CD670, 6E43BCF9388BCA58E2BDF64B71022334542727B0CDDE5F8DAF2AA8CFEA5F619F ] sppsvc          C:\Windows\system32\sppsvc.exe
00:53:14.0716 0x0198  sppsvc - ok
00:53:14.0736 0x0198  [ EDCDCD95B916DB156A903AC6256F0CCF, 4158EFE298235EDE2C34CE9F3978A4F3690379F14B21F917647EEAA0A8C1DE4A ] srv             C:\Windows\system32\DRIVERS\srv.sys
00:53:14.0765 0x0198  srv - ok
00:53:14.0785 0x0198  [ DF7147DE10921DBAAE9F9EEF94590E10, 2222BA441227056DA17194648B3AF49655650F7BBA9E4A9ACEF519E392099C6D ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
00:53:14.0827 0x0198  srv2 - ok
00:53:14.0840 0x0198  [ 416D224AF7481A4179F018FB1F9A5B6B, 38159D7957A8091DFC5C32DCAC4DB07FDE14BBE4E75B4E61B4FBB332E3F9259D ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
00:53:14.0863 0x0198  srvnet - ok
00:53:14.0873 0x0198  [ 44758105AB3EA34E815D4B6CA1153311, 7F223A20D2538C123BAC6F75BE0E126876A116F09502FD980C05B8916E26E1B7 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
00:53:14.0899 0x0198  SSDPSRV - ok
00:53:14.0910 0x0198  [ B97C7EC07218A8002323718202BF5E77, 39D3254383E3F49FD3E2DFF8212F4B5744D8D5E0A6BB320516C5EE525AD211EB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
00:53:14.0938 0x0198  SstpSvc - ok
00:53:15.0033 0x0198  [ DF762D30EF0EE10E569C507BE75EAA6B, C23BA05E778CF1A547E7D3FE2226E0E68917570C56D5E703E599CAF2FD10BD17 ] StateRepository C:\Windows\system32\windows.staterepository.dll
00:53:15.0217 0x0198  StateRepository - ok
00:53:15.0228 0x0198  [ 29D26E1347AE1BBD4201014E19880B2C, 9E2153AD96CE4F189EEE43BB02515532C619FB1CA02D8F6DEF517AC3347AAA14 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
00:53:15.0244 0x0198  stexstor - ok
00:53:15.0265 0x0198  [ 91CB95B35481155BFE29C217CD237F27, CA66957DF1441D991453BEF02D768D44E5D9A484BC23C8874E8A7AC20904CB06 ] stisvc          C:\Windows\System32\wiaservc.dll
00:53:15.0308 0x0198  stisvc - ok
00:53:15.0316 0x0198  [ 0FE3B9A9E40DE1029B0AC2368A3F765D, AB06795E456DB9CE4E5A91DD1C2638B4D474CE1C5DB4819D5EE17A337D74A231 ] storahci        C:\Windows\system32\drivers\storahci.sys
00:53:15.0330 0x0198  storahci - ok
00:53:15.0337 0x0198  [ C5E0ACE4771F5575D9D5B457ABF3AD03, 365880BC5AC313F25C313EFB7758301F98D9B2BF4C5FC9499F98C2B7F8407D96 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
00:53:15.0354 0x0198  storflt - ok
00:53:15.0361 0x0198  [ C1CFB9C19BF1134D8B9A7CF89BEC0AD1, 60DDF10777B30F3F70E4D52AFEABE71C7B509D0F2E3829106ED42ED330F8BCF4 ] stornvme        C:\Windows\system32\drivers\stornvme.sys
00:53:15.0374 0x0198  stornvme - ok
00:53:15.0380 0x0198  [ BEBF85EB4D90E6996047DA027D0ED26E, DF109CF0F07CDD1B9B702C2A076D4DD5366DAAD971CC9359AF0358E79981706F ] storqosflt      C:\Windows\system32\drivers\storqosflt.sys
00:53:15.0398 0x0198  storqosflt - ok
00:53:15.0411 0x0198  [ EAB902EB8DCF9436354C7CF71A41C223, BB855A7C296AE60C025C7D488EB24BB7AB72FC716A12BE0BBE14B95DFCD290ED ] StorSvc         C:\Windows\system32\storsvc.dll
00:53:15.0447 0x0198  StorSvc - ok
00:53:15.0453 0x0198  [ 8E73037A6F8938475692FFCC26EBF385, F78C5CD1A3CD17AA831EEC82426B14006B4DDBC9085A4814E04E8C37FD6B05F7 ] storufs         C:\Windows\system32\drivers\storufs.sys
00:53:15.0467 0x0198  storufs - ok
00:53:15.0473 0x0198  [ 9D9DED47DA10E845EFF2DD57C94C809B, 520D0CE7A867051B80C8141E351FE5A5BCE3C99776093F234DB77D3407B1F104 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
00:53:15.0488 0x0198  storvsc - ok
00:53:15.0494 0x0198  [ 224C92E442B1B8C20C274332F1ACF00D, CDE5DCFB7A21089464A6E2ABB29BBE08B184C3433C218756AA5902A8F67C0B2C ] svsvc           C:\Windows\system32\svsvc.dll
00:53:15.0521 0x0198  svsvc - ok
00:53:15.0528 0x0198  [ 505E0C40B5D0ADDCBB414640F59BD2E0, DF4B5E65FE6FF2224F298A2A2FAC9B648C082DFF8463148633647580A9FAD34D ] swenum          C:\Windows\System32\drivers\swenum.sys
00:53:15.0540 0x0198  swenum - ok
00:53:15.0555 0x0198  [ 2EE27411B5904C63D723BEA391819F58, C88C11D460E90398E16011B8A2CED5EE5626084F24790EA6115532F8F70060C6 ] swprv           C:\Windows\System32\swprv.dll
00:53:15.0599 0x0198  swprv - ok
00:53:15.0607 0x0198  [ 32F46FB0F290D16DAA452B289C985795, 73F88AAAA6026DB4C27F1D054145216DCC3F1960946FB2A7A90518DD1D5737CB ] Synth3dVsc      C:\Windows\System32\drivers\Synth3dVsc.sys
00:53:15.0623 0x0198  Synth3dVsc - ok
00:53:15.0641 0x0198  [ E9DBEB25D6CF143645FC46881DAE8A44, 584E5E1B558B142423B6E545DE214B65980C24FDA354719A4CD13F49130C7C5B ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
00:53:15.0668 0x0198  SynTP - ok
00:53:15.0694 0x0198  [ FED48B19D6F55D7A3AB498D85729D1BA, FA5E0E02BC2E2DE108C55991E3B063CC947072228B53539F42F922661510DE7C ] SysMain         C:\Windows\system32\sysmain.dll
00:53:15.0754 0x0198  SysMain - ok
00:53:15.0768 0x0198  [ D9FEA79BF6AF136F8E656AE045C2FEC8, E6F08A93348E035185F0F1C6B6277E636F4F25D1136E3ACCA63488DAEEC7114B ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
00:53:15.0799 0x0198  SystemEventsBroker - ok
00:53:15.0807 0x0198  [ 2BE3A44B764D6C43CBF4650E862CB807, 78920DA47F3A0C26503FB62EF159455A860E57A9A39C72AEE23A9324168EC1D2 ] SystemUsageReportSvc_WILLAMETTE C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
00:53:15.0858 0x0198  SystemUsageReportSvc_WILLAMETTE - ok
00:53:15.0869 0x0198  [ 86E7FD5C8DBEC1EB51C4368561402B75, 86EE61414CD5854E39E33F67BF5DA4377B569B3ED4D18882C470BC6784891DA1 ] TabletInputService C:\Windows\System32\TabSvc.dll
00:53:15.0895 0x0198  TabletInputService - ok
00:53:15.0901 0x0198  [ D765F43CBEA72D14C04AF3D2B9C8E54B, 89C5CA1440DF186497CE158EB71C0C6BF570A75B6BC1880EAC7C87A0250201C0 ] tap0901         C:\Windows\System32\drivers\tap0901.sys
00:53:15.0919 0x0198  tap0901 - ok
00:53:15.0931 0x0198  [ 3929C8FC134AC672C4F3F85160956257, CD3195CA58BA6F55EA0DDA2BE6AB58280AD1CA488D7AAA1539DD05FB99374F36 ] TapiSrv         C:\Windows\System32\tapisrv.dll
00:53:15.0959 0x0198  TapiSrv - ok
00:53:16.0020 0x0198  [ 172B5A199F917B4BACB38F13BCAA11CB, 8491C9E284658920544F5EFED7125D50135C43360BD50B78F962578D9716C719 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
00:53:16.0109 0x0198  Tcpip - ok
00:53:16.0170 0x0198  [ 172B5A199F917B4BACB38F13BCAA11CB, 8491C9E284658920544F5EFED7125D50135C43360BD50B78F962578D9716C719 ] Tcpip6          C:\Windows\system32\drivers\tcpip.sys
00:53:16.0266 0x0198  Tcpip6 - ok
00:53:16.0278 0x0198  [ 8DBB1BE20C36E6D19BCC89EEA00B953C, 8B97A7E53E1D77363AFF6A5AAEAD89EBAE28DCB8D82753C804FD7CD5646500AF ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
00:53:16.0294 0x0198  tcpipreg - ok
00:53:16.0304 0x0198  [ 9D2DD64A0B51C56285512DC9454340F6, ABB90CE6A55269F71AFB08E04969CF9A4EFD93F7A7189AF920EEE3E005214DDD ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
00:53:16.0320 0x0198  tdx - ok
00:53:16.0327 0x0198  [ 06130AFFECEB94525FC2352936576B70, 10EBE2C8FDC087D29E2FFB328F0F7905A5374AB8CC9FAE8699E7676DBC8CBF91 ] terminpt        C:\Windows\System32\drivers\terminpt.sys
00:53:16.0340 0x0198  terminpt - ok
00:53:16.0366 0x0198  [ FB68E5F02316C42BE7282DA492351C6F, AC31D841FEA58B776127E138DB20F8D48E26FD8C00CE2FA9695EA14EBF159A0A ] TermService     C:\Windows\System32\termsrv.dll
00:53:16.0426 0x0198  TermService - ok
00:53:16.0434 0x0198  [ 2AF438EC0D361A7BBB70E604A686602C, 4BE6A0461EB2CB94288614434A1CEC81C2ED46241721FD5BBD8ABE0680F7C804 ] Themes          C:\Windows\system32\themeservice.dll
00:53:16.0461 0x0198  Themes - ok
00:53:16.0472 0x0198  [ 1482B8ED5CACA87992A882B853B83CEE, 613247F0E362A109090E8563D977DECC50C64D45D6962905FA84A2D59329045C ] TieringEngineService C:\Windows\system32\TieringEngineService.exe
00:53:16.0504 0x0198  TieringEngineService - ok
00:53:16.0521 0x0198  [ 3B3C607C3C62DFBEF61938DA2CAB94DF, E5EEA7F45A7BBFDF6F0003CD77E39958C451DD1B4B401876B5619A3C20F5C370 ] tiledatamodelsvc C:\Windows\system32\tileobjserver.dll
00:53:16.0563 0x0198  tiledatamodelsvc - ok
00:53:16.0573 0x0198  [ C1F8CBE2D4843E0CCC3EFEA2EC60D4AB, 9D07527D982066922318C77AECE99280DE55034C375ACE145E827A6BEB5C3B70 ] TimeBrokerSvc   C:\Windows\System32\TimeBrokerServer.dll
00:53:16.0596 0x0198  TimeBrokerSvc - ok
00:53:16.0604 0x0198  [ D6265A9008DC7B6411ACBAEB7CA26F75, C4992ACB4BB2BBB7249B52791BF4E5ED67AC854998733A7BBC6CEB3275D6726D ] TPHKLOAD        C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
00:53:16.0615 0x0198  TPHKLOAD - ok
00:53:16.0625 0x0198  [ 798C8CB861EB09C5AFB77468E5449BBB, F6631E779159B99B097A59792D11713809CA493618B6A210A4BC905F16782094 ] TPM             C:\Windows\System32\drivers\tpm.sys
00:53:16.0642 0x0198  TPM - ok
00:53:16.0651 0x0198  [ 3B91F35089240F6187AD681A5EC28BDE, 3D035CB73BC8E7831DCD0FB7D9DAD91CE51D3D0F9D9C8B866A0009BD508B6702 ] TrkWks          C:\Windows\System32\trkwks.dll
00:53:16.0671 0x0198  TrkWks - ok
00:53:16.0678 0x0198  [ AF343840E793BE63A9C646760BE8F2CD, 483FE55873A01DB7ACEC99B6823DAACC9EA7C67D36C6F12698113B31A7D5B8BE ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
00:53:16.0698 0x0198  TrustedInstaller - ok
00:53:16.0706 0x0198  [ A6F4025664C9D4BC2A9EDAB4092706D7, 89808A1679C0E716F86F06EE7701DCC289200894F0FA1F120DA2AC3A45FDB312 ] tsusbflt        C:\Windows\system32\drivers\TsUsbFlt.sys
00:53:16.0727 0x0198  tsusbflt - ok
00:53:16.0733 0x0198  [ 37A96AD493E110C0BF1EE0AC0F9E7DBD, F2A6894A4AEE18DF2B92222CDB0801A13AEEB7212071F0431430788339B30E23 ] TsUsbGD         C:\Windows\System32\drivers\TsUsbGD.sys
00:53:16.0747 0x0198  TsUsbGD - ok
00:53:16.0755 0x0198  [ 5A91FDBA4D3FCB56DAEB8C091B3EB8E1, 8AB91F4423125267FA8509A1C3A9AD1CBD642FA6A96D8789F9AB8CB75ABAD58C ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
00:53:16.0776 0x0198  tsusbhub - ok
00:53:16.0785 0x0198  [ 79E264287F17D56D768440B0270466DE, ABF9DC95C5E939B30BFD9BF9EDFDB3BD78A9DFCB055B945965303B6A60E6D7A7 ] tunnel          C:\Windows\System32\drivers\tunnel.sys
00:53:16.0807 0x0198  tunnel - ok
00:53:16.0814 0x0198  [ 0F38FCE8C61CC14DE3718FAB5FFC0D3A, 527071956BDC0F2863DCDFEDD314DB5265A6AE525F810186F508E0D58A97D767 ] tzautoupdate    C:\Windows\system32\tzautoupdate.dll
00:53:16.0836 0x0198  tzautoupdate - ok
00:53:16.0843 0x0198  [ AA65954F512BA097DD190790876DD991, C1BB2B8F54F064D01190327B5E7949EBBDA21D6FC6F94D9FCD20F685C2F855FA ] UASPStor        C:\Windows\System32\drivers\uaspstor.sys
00:53:16.0857 0x0198  UASPStor - ok
00:53:16.0864 0x0198  [ AB6268022C3A5B529075A39C33904DA6, 2717F1704640201F2681711543EA39A74C3E89C7DB232EC5DD89FD8AA6F07846 ] UcmCx0101       C:\Windows\system32\Drivers\UcmCx.sys
00:53:16.0883 0x0198  UcmCx0101 - ok
00:53:16.0890 0x0198  [ 7ED2EDA43D21C7A5F589A7960E265C52, 7DB8A595236FBB8A264D7AB155201357212855050ABB5B1036EF32F1223FDCC2 ] UcmTcpciCx0101  C:\Windows\system32\Drivers\UcmTcpciCx.sys
00:53:16.0908 0x0198  UcmTcpciCx0101 - ok
00:53:16.0914 0x0198  [ 169351463039B45F5CDED9768879F712, 990C8C4AEF9ED7FF6BCEAE67F7BDAA037777B142B8D96A74F8715C941A5C63C6 ] UcmUcsi         C:\Windows\System32\drivers\UcmUcsi.sys
00:53:16.0930 0x0198  UcmUcsi - ok
00:53:16.0941 0x0198  [ 08A9E3AD29B215484FBB68CDC175DF3A, 3EFFF99C3BC4A1454E3D2B5177AE587ED3041AB4CE2A95BA7E28A2124E38E1E5 ] Ucx01000        C:\Windows\system32\drivers\ucx01000.sys
00:53:16.0960 0x0198  Ucx01000 - ok
00:53:16.0966 0x0198  [ DA70AEE267491AA56BC63AA0C0C96CA2, 0A0AADB27607F9292BB3CE000CFDDB19BD4CA09EAAD926C4925CB43B17817AD9 ] UdeCx           C:\Windows\system32\drivers\udecx.sys
00:53:16.0983 0x0198  UdeCx - ok
00:53:16.0995 0x0198  [ FBC5ECF6D5A868D0B116C2DBB02B8168, 945AA76C60ABAD6075B5C8F9172C018F75BCF393A1CB8B329F5E68E664627775 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
00:53:17.0034 0x0198  udfs - ok
00:53:17.0040 0x0198  [ B918E40FAA9CD118CCA4AD388B748C98, 4B539B7B656F02C5E5BAEE52A677757B05CC11C5500D619850A564C28FAB8115 ] UEFI            C:\Windows\System32\drivers\UEFI.sys
00:53:17.0055 0x0198  UEFI - ok
00:53:17.0061 0x0198  [ 166B17AE1DD24D8BA8CA474C7C31148F, D34E786277093278F58EFAC957279DC4ED43A190538C875B80F5B1E0A0C30381 ] UevAgentDriver  C:\Windows\system32\drivers\UevAgentDriver.sys
00:53:17.0075 0x0198  UevAgentDriver - ok
00:53:17.0108 0x0198  [ FCA4D901FB9934DAB82ED31C4EE89A11, 8EDF8DD71C13DE77AC83D1086670E9E90C69DE379F1CF768C8B9C789254C04AA ] UevAgentService C:\Windows\system32\AgentService.exe
00:53:17.0170 0x0198  UevAgentService - ok
00:53:17.0182 0x0198  [ 0FD75222C1AD2687AB365BEBEA400DD4, AD10DBCA59EB7D34FD8F963CE267F36774A9BC613F8D637903B12AC88C328E8A ] Ufx01000        C:\Windows\system32\drivers\ufx01000.sys
00:53:17.0203 0x0198  Ufx01000 - ok
00:53:17.0211 0x0198  [ C1A78C53E01C641AE41BFA65797819F5, 0B9FE1BD724B3315199A1B1DA2F03255E4FE744DA3CE6CD0F77699A8E42E9359 ] UfxChipidea     C:\Windows\System32\drivers\UfxChipidea.sys
00:53:17.0228 0x0198  UfxChipidea - ok
00:53:17.0236 0x0198  [ 767307212110EBEFB93EC9A5BE9E85B9, 368797400FE54802CE74F34B773CE2AF09EB8DEA6C035B55419A52F0B5A6FAD0 ] ufxsynopsys     C:\Windows\System32\drivers\ufxsynopsys.sys
00:53:17.0254 0x0198  ufxsynopsys - ok
00:53:17.0265 0x0198  [ 8578F83EC5175920F2D8586FFF9DCE47, 049A16AC87F93E761150C8286633FFCA62EE85F5645DDE77D36BD0EB6481FF83 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
00:53:17.0286 0x0198  UI0Detect - ok
00:53:17.0292 0x0198  [ DC460AAA18CA2342FBBFB2DF9B044472, 14D45E059C596AE97506D26705F248CA1C2269160B31A60341060E8A93146CBD ] umbus           C:\Windows\System32\drivers\umbus.sys
00:53:17.0308 0x0198  umbus - ok
00:53:17.0314 0x0198  [ C3CF0377917ECE6D65D7623E1E61568F, 4909695E04CBC86BFCFFBC15F332C367521054B7B4D3C141C7CA6B2E40E090B9 ] UmPass          C:\Windows\System32\drivers\umpass.sys
00:53:17.0328 0x0198  UmPass - ok
00:53:17.0339 0x0198  [ 640CF093C1CF16D5FD317616CA348F31, BEC34D1AACA83BF5A84CE01F6A668E3CA5A33C56A446DC42EFFF7C43D22E1AE6 ] UmRdpService    C:\Windows\System32\umrdp.dll
00:53:17.0368 0x0198  UmRdpService - ok
00:53:17.0404 0x0198  [ B8272BB8D4982C496FDC704809C38E02, F93855D932FB1DBBCC86E82C0FE0DC9ECF93BBD629D2CA9D0BE7E075E114B7FF ] UnistoreSvc     C:\Windows\System32\unistore.dll
00:53:17.0465 0x0198  UnistoreSvc - ok
00:53:17.0485 0x0198  [ 6CDA3536F6BAB7896A57EAB7DC07F379, 8FBE6457ECD1ABB518D9800EBA8A017774FFAA8EABD2EDC0825181A12FE9AEF6 ] upnphost        C:\Windows\System32\upnphost.dll
00:53:17.0525 0x0198  upnphost - ok
00:53:17.0531 0x0198  [ 6B46FC140C9AF68E6E7697D66D59CB4D, F018B4784D65F1A8140A6EA69C35D6A7ECE01738694052FD54AFD2B81A8F2FF8 ] UrsChipidea     C:\Windows\System32\drivers\urschipidea.sys
00:53:17.0543 0x0198  UrsChipidea - ok
00:53:17.0549 0x0198  [ B4402E7F0923F660270442CE76877ABE, 1C2DD26EAB71F75EA576E8DAABAF71FD7DC3DF807CF025617C774CEF33C0B718 ] UrsCx01000      C:\Windows\system32\drivers\urscx01000.sys
00:53:17.0562 0x0198  UrsCx01000 - ok
00:53:17.0567 0x0198  [ 9DD431F1B94789CFB527E5D19261F124, 8F5A249A97C5B14B282E3147DD21951D2AD34B651E762814C12F4C26D74EC70C ] UrsSynopsys     C:\Windows\System32\drivers\urssynopsys.sys
00:53:17.0582 0x0198  UrsSynopsys - ok
00:53:17.0592 0x0198  [ C87E32B90F085970D9637FBAD45EF6FE, C180EACD2EE479277DA5DBF39E43B428BD7945141B2451CB3946B0C1E495E76F ] usbccgp         C:\Windows\System32\drivers\usbccgp.sys
00:53:17.0609 0x0198  usbccgp - ok
00:53:17.0617 0x0198  [ 0B663856474AC41924D9E9112203858F, 9E09F2A6279B48CAC09F8C7AA1F1BE02864D540C2ED1460CBA9FABCF0A546A1E ] usbcir          C:\Windows\System32\drivers\usbcir.sys
00:53:17.0636 0x0198  usbcir - ok
00:53:17.0644 0x0198  [ F83D2250256203AC5DA5E8601C1AFDD7, AC0D90E2DB3051798B9D287CF3D0E92FED4000822E65A82775A29CF896B76F04 ] usbehci         C:\Windows\System32\drivers\usbehci.sys
00:53:17.0659 0x0198  usbehci - ok
00:53:17.0674 0x0198  [ 7FFD26742321919590ED77FCA556D65F, F7FAB63C36F8519F5A7B9091C507F3CB580C390322FAF9155CCE7F66C965B968 ] usbhub          C:\Windows\System32\drivers\usbhub.sys
00:53:17.0707 0x0198  usbhub - ok
00:53:17.0727 0x0198  [ 7A749B2863B5561BE34B39E8E249AD8F, E5B67DFAF5407007FD0CC408D6B4BA19DF59584819FC715E9F9E0FBF3EA00AAB ] USBHUB3         C:\Windows\System32\drivers\UsbHub3.sys
00:53:17.0754 0x0198  USBHUB3 - ok
00:53:17.0761 0x0198  [ D2109F1F4FEBF1DAC415CDC5DE876479, C8A871EBD0E5EF004BA622A73DAC36C03608CD317FDCD0A6A98608DF4CC10D55 ] usbohci         C:\Windows\System32\drivers\usbohci.sys
00:53:17.0775 0x0198  usbohci - ok
00:53:17.0781 0x0198  [ 29C9572F2D061CFC3C0BD48A3163E343, 2527DCC9E6D421F5DC40051C787A5270EB077746785465C9AA2A2AEEF47307D5 ] usbprint        C:\Windows\System32\drivers\usbprint.sys
00:53:17.0809 0x0198  usbprint - ok
         

15.08.2016, 00:01   #5
guesclin

(3/3)

Code:
00:53:32.0613 0x0198  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.10.14393.0 ), 0x61100 ( enabled : updated )
00:53:32.0619 0x0198  Win FW state via NFP2: enabled ( trusted )
00:53:32.0737 0x0198  ============================================================
00:53:32.0737 0x0198  Scan finished
00:53:32.0737 0x0198  ============================================================
00:53:32.0745 0x2380  Detected object count: 0
00:53:32.0745 0x2380  Actual detected object count: 0
         


15.08.2016, 09:41   #6
deeprybka
/// TB Trainer
/// Tutorial Guru

Does Defender still find anything now?

15.08.2016, 19:07   #7
guesclin

Quote:
Originally posted by deeprybka
Does Defender still find anything now?

No, it finds nothing.

16.08.2016, 09:11   #8
deeprybka
/// TB Trainer
/// Tutorial Guru

Plug in your external drive.

Step 1
Important for the ESET scan: under "Computer scan settings/...Objects to scan" ("Computer-Prüfeinstellungen/...zu prüfende Objekte"), tick the checkbox for Computer.


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" ("Ja, ich bin mit den Nutzungsbedingungen einverstanden") and click Start (Starten).
  • Enable "Detection of potentially unwanted applications" ("Erkennung von eventuell unerwünschten Anwendungen") and choose the following settings.
  • Click Start (Starten).
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish (Fertig stellen).
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset

__________________
Regards,
deeprybka
_______________________________________________
„Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer
