Zurück   Trojaner-Board > Malware entfernen > Plagegeister aller Art und deren Bekämpfung

Plagegeister aller Art und deren Bekämpfung: avast meldet rootkit in .../SysWOW64-Ordner

Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen.

Antwort
Alt 28.12.2015, 23:09   #1
Quax_DG
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

avast meldet rootkit in .../SysWOW64-Ordner



Hallo liebe Community,
ich bin neu hier im Tojaner-board und versuche mein Problem gemäß der Anleitung zu beschreiben.
Bei dem (möglicherweise) befallenen System handelt es sich um die 64-bit-Version von Windows 8. Das installierte Virenprogramm ist Avast und dieses hat gemeldet, dass es ein Win32 rootkit gefunden und dieses in die Quarantäne (Container) verschoben hätte.
Der Dateiname lautet scanseuting.dll [sic!] und befindet sich im SysWOW64-Ordner, also an der Stelle an der auch .dll-Dateien zur Ausführung von 32-bit-Programmen gespeichert sind. Symptome eines Befalls weist das System jedoch nicht auf. Weder gibt es auffällige Netzwerkaktivitäten, noch meldet Avast bei einem Scan Malware/Trojaner/etc.
Daher meine Frage: Kennt jemand die Datei und kann eine Aussage über die Funktion und Herkunft geben? Handelt es sich vielleicht um ein echte Windows-dll? Diese könnte natürlich ersetzt worden sein. Aber Avast scheint sehr häufig Fehlmeldungen über Rootkits zu produzieren, zumindest liest man hier im Forum einige Einträge dazu.
Eine Beurteilung an Hand dieser spärlichen Informationen ist mit Sicherheit nur schwer möglich. Da es sich nicht um meinen eigenen Rechner handelt (Familienmitglied), bin ich noch nicht dazu gekommen FRST zu installieren, werde dies aber morgen nachholen können und den logfile hochladen.
Schonmal vorab vielen Dank für euere Hilfe

VG, Quax

Alt 28.12.2015, 23:31   #2
Bootsektor
/// TB-Ausbilder
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

avast meldet rootkit in .../SysWOW64-Ordner





Mein Name ist Sandra und ich werde Dir bei Deinem Problem behilflich sein.
  • Bitte arbeite alle Schritte der Reihe nach ab.
  • Lese die Anleitungen sorgfältig durch bevor Du beginnst. Wenn es Probleme gibt oder Du etwas nicht verstehst, dann stoppe mit Deiner Ausführung und beschreibe mir das Problem
  • Führe bitte nur Scans durch zu denen Du von mir aufgefordert wirst.
  • Bitte kein Crossposting ( posten in mehreren Foren).
  • Installiere oder deinstalliere während der Bereinigung keine Software, ausser Du wurdest dazu aufgefordert.
  • Poste die Logfiles direkt in deinen Thread in Code-Tags.
  • Bedenke, dass wir hier alle während unserer Freizeit tätig sind, wenn du innerhalb von 2 Tagen nichts von mir hörst, dann schreibe mir bitte eine PM.

Hinweis: Ich kann Dir niemals eine Garantie geben, dass ich auch alles finde. Eine Formatierung ist meist der schnellere und bei einem Befall durch Malware immer der sicherste Weg. Adware lässt sich in den allermeisten Fällen problemlos entfernen.
Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Dir jemand vom Team sagt, dass Du clean bist.

Ja, bitte einmal FRST und bist du dir sicher, dass diese Datei nicht scansetting.dll heisst?

Kannst du bitte bei AVAST nochmal nachschauen, und mir einen Screenshot machen?
__________________

__________________

Alt 29.12.2015, 13:57   #3
Quax_DG
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

Name der Datei



Hallo Sandra,
vielen Dank für die schnelle Antwort! Den Computer zu formatieren war auch mein erster Gedanke. Das ist schließlich immer eine saubere Lösung. Die Idee hinter dem Post geht eher in die Richtung, dass ich sicher gehen möchte nicht Opfer meiner eigenen Paranoia zu werden und unnötig zu formatieren.
Der file-Name ist wirklich scanseuting.dll (Das "sic!" hatte ich dahinter gesetzt um das zu verdeutlichen, ist aber vielleicht etwas altmodisch )
Über den Scan mit FRST hinaus habe ich überlegt mit hiew mal auf die Platte zu gucken um zu sehen was da so geskripted ist. Ich muss aber gestehen, dass meine Fähigkeiten da etwas eingerostet sind und man damit leider auch sehr schnell sehr viel kaputt machen kann.
Morgen werde ich den Scan machen und hoffentlich sind wir dann schlauer.
Ich schaue auch nochmal nach den logfiles von Avast und schicke dir einen screenshot des GUI mit der Virenmeldung.
VG, Quax

Hallo Sandra,
hier sind die versprochenen Logfiles von FRST:
FRST Logfile:
Code:
ATTFilter
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:28-12-2015
durchgeführt von Ute (Administrator) auf UTE2 (29-12-2015 13:49:28)
Gestartet von C:\Users\Ute\Downloads
Geladene Profile: Ute (Verfügbare Profile: Ute)
Platform: Windows 8.1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
() C:\Windows\System32\DnsBlockUpdateSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Online Games Manager\ogmservice.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe
(Lenovo) C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(Vimicro) C:\Program Files (x86)\USB Camera\VM331STI.EXE
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1012000 2013-05-16] (NVIDIA Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [286704 2013-04-30] (Intel Corporation)
HKLM\...\Run: [DolbyTrayApp] => c:\program files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-08-31] (Dolby Laboratories Inc.)
HKLM\...\Run: [OnekeyStudio] => C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe [4196432 2012-09-14] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15794160 2013-11-09] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80368 2013-11-09] (Lenovo(beijing) Limited)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778864 2013-08-30] (Synaptics Incorporated)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [169768 2015-04-06] (Apple Inc.)
HKLM-x32\...\Run: [331BigDog] => C:\Program Files (x86)\USB Camera\VM331STI.EXE [552960 2013-05-14] (Vimicro)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [168464 2012-10-30] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [217088 2012-04-18] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-08] (CyberLink Corp.)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [7021880 2015-12-04] (AVAST Software)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452272 2012-08-31] (CANON INC.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1342390441-2180902221-2313439-1002\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
AppInit_DLLs: C:\WINDOWS\system32\nvinitx.dll => C:\WINDOWS\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-12-04] (AVAST Software)
ShellIconOverlayIdentifiers: [SugarSyncBackedUp] -> {0C4A258A-3F3B-4FFF-80A7-9B3BEC139472} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncPending] -> {62CCD8E3-9C21-41E1-B55E-1E26DFC68511} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncRoot] -> {A759AFF6-5851-457D-A540-F4ECED148351} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
ShellIconOverlayIdentifiers: [SugarSyncShared] -> {1574C9EF-7D58-488F-B358-8B78C1538F51} => C:\Program Files (x86)\SugarSync\SugarSyncShellExt_x64.dll [2012-05-14] (SugarSync, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2013-11-09]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicy: Beschränkung - Chrome <======= ACHTUNG
CHR HKLM\SOFTWARE\Policies\Google: Beschränkung <======= ACHTUNG

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

HKLM\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings: [ProxySettingsPerUser] 0 <======= ACHTUNG (Beschränkung - ProxySettings)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{3C3E47A9-E21A-4F65-9C7E-35289B4B70BE}: [DhcpNameServer] 128.16.1.1
Tcpip\..\Interfaces\{CBA62344-B355-417B-A142-AF9E94D1E9BD}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Beschränkung <======= ACHTUNG
HKU\S-1-5-21-1342390441-2180902221-2313439-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130853239320548559&GUID=010EB6CD-685E-4EAB-92DF-3A39EF49744C
HKU\S-1-5-21-1342390441-2180902221-2313439-1002\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
HKU\S-1-5-21-1342390441-2180902221-2313439-1002\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com
SearchScopes: HKLM -> DefaultScope {33703CE9-C1A4-4DC2-91A2-15EF96CE7D46} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKLM -> {33703CE9-C1A4-4DC2-91A2-15EF96CE7D46} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-1342390441-2180902221-2313439-1002 -> DefaultScope {33703CE9-C1A4-4DC2-91A2-15EF96CE7D46} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
SearchScopes: HKU\S-1-5-21-1342390441-2180902221-2313439-1002 -> {33703CE9-C1A4-4DC2-91A2-15EF96CE7D46} URL = hxxp://www.google.de/search?q={searchTerms}&hl=de&gl=de&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
BHO: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexbho.dll [2013-11-28] (CANON INC.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_60\bin\ssv.dll [2015-10-16] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files\{B490D2B2-ACA3-46E9-B118-AF7A8CD5CC6E}\{220AF290-C174-4EE0-81DA-B5026B1A9E6A}.bin [2015-12-20] (Download Protect)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-10-16] (Oracle Corporation)
BHO-x32: Canon Easy-WebPrint EX BHO -> {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} -> C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll [2013-11-28] (CANON INC.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: DownloadProtect Extension -> {C654F3FE-8E84-4BB7-87CF-8D9171FC3C73} -> C:\Program Files (x86)\{62F232A2-2342-4436-BF82-D152A8A1F80B}\{B3ACEA9C-5CC4-4BB9-9A86-183D63FC42D7}.bin [2015-12-20] (Download Protect)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\addon64\ewpexhlp.dll [2013-11-28] (CANON INC.)
Toolbar: HKLM - Kein Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  Keine Datei
Toolbar: HKLM-x32 - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll [2013-11-28] (CANON INC.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1440163277&z=f43ee655665009c39ad7199g9z5zce4gdq2cfg5bct&from=smt&uid=ST1000LM024XHN-M101MBB_S30YJ9ED804033

FireFox:
========
FF ProfilePath: C:\Users\Ute\AppData\Roaming\Mozilla\Firefox\Profiles\4ubmiij7.default
FF NewTab: about:newtab
FF DefaultSearchEngine: Google (avast)
FF DefaultSearchUrl: hxxps://www.google.com/search?trackid=sp-006
FF SearchEngineOrder.1: Google (avast)
FF SelectedSearchEngine: Google (avast)
FF SelectedSearchEngine: google
FF Homepage: hxxps://www.google.com/?trackid=sp-006
FF Keyword.URL: hxxps://www.google.com/search?trackid=sp-006
FF Keyword.URL: hxxp://www.google.de/search?hl=de&gl=de&lr=&ie=utf-8&oe=utf-8&meta=lr=lang_de&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-24] ()
FF Plugin: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-10-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-10-16] (Oracle Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-24] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2014-10-30] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.5.29 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-05-17] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll [2012-12-13] (Nitro PDF)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2009-10-23] (Zylom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1342390441-2180902221-2313439-1002: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Ute\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-01-26] (Unity Technologies ApS)
FF SearchPlugin: C:\Users\Ute\AppData\Roaming\Mozilla\Firefox\Profiles\4ubmiij7.default\searchplugins\google-avast.xml [2015-12-28]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-04]
FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: Avast SafePrice - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2015-12-04]
FF HKLM-x32\...\Firefox\Extensions: [{D2D6C4A9-B579-42FB-8EE1-780E03A83F9C}] - C:\WINDOWS\Installer\{5EC95738-8033-4ACD-AB19-ED59262C18FA}\{D2D6C4A9-B579-42FB-8EE1-780E03A83F9C}.xpi => nicht gefunden
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => nicht gefunden

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-12-04]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-01-19] (Apple Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [226440 2015-12-04] (AVAST Software)
S2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2252504 2013-09-04] (Broadcom Corporation.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [958680 2013-05-28] (Broadcom Corporation.)
R2 DnsBlockUpdateSvc; C:\WINDOWS\system32\DnsBlockUpdateSvc.exe [149024 2015-10-29] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15344 2013-04-30] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [731648 2013-02-13] (Intel(R) Corporation) [Datei ist nicht signiert]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [820184 2013-02-13] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-05-17] (Intel Corporation)
S2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2012-12-13] (Nitro PDF Software)
U2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 ogmservice; C:\Program Files (x86)\Online Games Manager\ogmservice.exe [581568 2014-03-27] (RealNetworks, Inc.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [337920 2013-07-04] (IDT, Inc.) [Datei ist nicht signiert]
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2013-11-09] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [X]

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-12-04] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [97648 2015-12-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-12-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-12-04] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1055560 2015-12-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [451040 2015-12-19] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [155304 2015-12-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [273784 2015-12-04] (AVAST Software)
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-09-04] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 btwpanfl; C:\WINDOWS\system32\drivers\btwpanfl.sys [44912 2013-01-20] (Broadcom Corporation.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-04-27] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [100184 2013-04-09] (Intel Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-30] (Synaptics Incorporated)
R3 vm331avs; C:\Windows\System32\Drivers\vm331avs.sys [1064704 2013-05-31] (Vimicro Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-13] ("CyberLink)
S2 VBoxAswDrv; \??\C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-29 13:49 - 2015-12-29 13:49 - 00022047 _____ C:\Users\Ute\Downloads\FRST.txt
2015-12-29 13:45 - 2015-12-29 13:49 - 00000000 ____D C:\FRST
2015-12-29 13:44 - 2015-12-29 13:44 - 02370560 _____ (Farbar) C:\Users\Ute\Downloads\FRST64.exe
2015-12-29 13:41 - 2015-12-29 13:41 - 01721856 _____ (Farbar) C:\Users\Ute\Downloads\FRST.exe
2015-12-28 18:51 - 2015-12-28 18:51 - 00007482 _____ C:\Users\Ute\Documents\free_av_11.1.2245_2015-12-28_18-51-44.avastconfig
2015-12-20 14:51 - 2015-12-20 14:51 - 00007613 _____ C:\Users\Ute\AppData\Local\Resmon.ResmonCfg
2015-12-20 14:43 - 2015-12-20 14:43 - 00000000 ____D C:\Program Files (x86)\{62F232A2-2342-4436-BF82-D152A8A1F80B}
2015-12-20 14:42 - 2015-12-20 14:42 - 00000000 ____D C:\Program Files\{B490D2B2-ACA3-46E9-B118-AF7A8CD5CC6E}
2015-12-20 14:12 - 2015-12-20 14:44 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-12-20 12:26 - 2015-12-20 13:01 - 00000000 ____D C:\Users\Ute\Downloads\cover
2015-12-09 14:59 - 2015-11-05 09:59 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rmcast.sys
2015-12-09 14:58 - 2015-11-22 07:59 - 07455064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2015-12-09 14:58 - 2015-11-22 07:59 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2015-12-09 14:58 - 2015-11-22 07:59 - 01659568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2015-12-09 14:58 - 2015-11-22 07:59 - 01519592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2015-12-09 14:58 - 2015-11-22 07:59 - 01487008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2015-12-09 14:58 - 2015-11-22 07:59 - 01355848 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2015-12-09 14:58 - 2015-11-22 07:58 - 01499920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2015-12-09 14:58 - 2015-11-21 19:32 - 00016896 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntvdm64.dll
2015-12-09 14:58 - 2015-11-21 18:50 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntvdm64.dll
2015-12-09 14:58 - 2015-11-21 17:59 - 01706496 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2015-12-09 14:58 - 2015-11-21 17:49 - 01344000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2015-12-09 14:58 - 2015-11-21 17:47 - 00522240 _____ (Microsoft Corporation) C:\WINDOWS\system32\catsrvut.dll
2015-12-09 14:58 - 2015-11-21 17:40 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\catsrvut.dll
2015-12-09 14:58 - 2015-11-11 17:21 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2015-12-09 14:58 - 2015-11-11 17:00 - 12856832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2015-12-09 14:58 - 2015-11-11 16:44 - 00279040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2015-12-09 14:58 - 2015-11-11 16:44 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2015-12-09 14:58 - 2015-11-11 16:41 - 20366848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2015-12-09 14:58 - 2015-11-11 16:12 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2015-12-09 14:58 - 2015-11-10 01:13 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2015-12-09 14:58 - 2015-11-10 01:11 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2015-12-09 14:58 - 2015-11-10 01:08 - 02280448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2015-12-09 14:58 - 2015-11-10 01:04 - 00476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2015-12-09 14:58 - 2015-11-10 01:02 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2015-12-09 14:58 - 2015-11-10 00:46 - 04514816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2015-12-09 14:58 - 2015-11-10 00:41 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2015-12-09 14:58 - 2015-11-10 00:37 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2015-12-09 14:58 - 2015-11-10 00:36 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2015-12-09 14:58 - 2015-11-10 00:36 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2015-12-09 14:58 - 2015-11-10 00:36 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2015-12-09 14:58 - 2015-11-10 00:25 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2015-12-09 14:58 - 2015-11-10 00:17 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2015-12-09 14:58 - 2015-11-10 00:14 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2015-12-09 14:58 - 2015-11-10 00:12 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2015-12-09 14:58 - 2015-11-09 01:41 - 01540728 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2015-12-09 14:58 - 2015-11-08 23:30 - 04176384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2015-12-09 14:58 - 2015-11-08 23:15 - 02887168 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2015-12-09 14:58 - 2015-11-08 23:15 - 00571392 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2015-12-09 14:58 - 2015-11-08 23:04 - 05923840 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2015-12-09 14:58 - 2015-11-08 23:02 - 00615936 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2015-12-09 14:58 - 2015-11-08 23:01 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2015-12-09 14:58 - 2015-11-08 22:32 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2015-12-09 14:58 - 2015-11-08 22:32 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2015-12-09 14:58 - 2015-11-08 22:25 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2015-12-09 14:58 - 2015-11-08 22:23 - 01994752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2015-12-09 14:58 - 2015-11-08 22:18 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2015-12-09 14:58 - 2015-11-08 22:16 - 00372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2015-12-09 14:58 - 2015-11-08 22:15 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2015-12-09 14:58 - 2015-11-08 22:15 - 00718336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2015-12-09 14:58 - 2015-11-08 22:14 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2015-12-09 14:58 - 2015-11-08 22:13 - 02123264 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2015-12-09 14:58 - 2015-11-08 22:13 - 01383936 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2015-12-09 14:58 - 2015-11-08 22:01 - 01753600 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2015-12-09 14:58 - 2015-11-08 21:53 - 02880000 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2015-12-09 14:58 - 2015-11-08 21:53 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2015-12-09 14:58 - 2015-11-08 21:52 - 01559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2015-12-09 14:58 - 2015-11-08 21:48 - 01376256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2015-12-09 14:58 - 2015-11-08 21:42 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2015-12-09 14:58 - 2015-11-08 21:41 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2015-12-09 14:58 - 2015-11-08 21:30 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2015-12-09 14:58 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\kbdgeoqw.dll
2015-12-09 14:58 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZST.DLL
2015-12-09 14:58 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZEL.DLL
2015-12-09 14:58 - 2015-10-22 18:43 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDAZE.DLL
2015-12-09 14:58 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kbdgeoqw.dll
2015-12-09 14:58 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZST.DLL
2015-12-09 14:58 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZEL.DLL
2015-12-09 14:58 - 2015-10-22 17:59 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDAZE.DLL
2015-12-09 14:58 - 2015-10-22 17:21 - 01200128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2015-12-09 14:58 - 2015-10-22 17:21 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2015-12-09 14:58 - 2015-10-22 16:58 - 00868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2015-12-09 14:58 - 2015-10-22 16:58 - 00200704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GlobCollationHost.dll
2015-12-09 14:58 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\SysWOW64\locale.nls
2015-12-09 14:58 - 2015-10-22 15:08 - 00513456 _____ C:\WINDOWS\system32\locale.nls
2015-12-09 14:58 - 2015-10-10 18:20 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2015-12-09 14:58 - 2015-10-03 20:41 - 01385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2015-12-09 14:58 - 2015-10-03 20:41 - 01124384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2015-12-09 14:57 - 2015-11-20 23:47 - 00136904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2015-12-09 14:57 - 2015-11-20 19:18 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2015-12-09 14:57 - 2015-11-20 17:58 - 03706880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2015-12-09 14:57 - 2015-11-20 17:47 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2015-12-09 14:57 - 2015-11-20 17:46 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2015-12-09 14:57 - 2015-11-20 17:44 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2015-12-09 14:57 - 2015-11-20 17:44 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2015-12-09 14:57 - 2015-11-20 17:43 - 00897024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2015-12-09 14:57 - 2015-11-20 17:42 - 02243584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2015-12-09 14:57 - 2015-11-20 17:30 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2015-12-09 14:57 - 2015-11-20 17:29 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2015-12-09 14:57 - 2015-11-20 17:28 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2015-12-09 14:57 - 2015-11-20 17:27 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2015-12-09 14:57 - 2015-10-28 16:49 - 02775552 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2015-12-09 14:57 - 2015-10-28 16:29 - 02462720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2015-12-09 14:57 - 2015-10-11 07:34 - 00468824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2015-12-09 14:57 - 2015-10-11 07:34 - 00462168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2015-12-09 14:57 - 2015-10-11 07:34 - 00443224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2015-12-09 14:57 - 2015-10-11 07:34 - 00092504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2015-12-09 14:57 - 2015-10-11 07:34 - 00027992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2015-12-09 14:57 - 2015-10-10 19:41 - 00037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2015-12-09 14:57 - 2015-10-10 19:41 - 00030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbohci.sys
2015-12-09 14:57 - 2015-10-08 17:11 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2015-12-09 14:57 - 2015-10-08 16:50 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2015-12-09 14:57 - 2015-10-05 19:28 - 00146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininit.exe
2015-12-09 14:57 - 2015-10-05 19:25 - 00572928 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2015-12-04 10:56 - 2015-12-04 10:56 - 00386096 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2015-12-04 10:56 - 2015-12-04 10:56 - 00043112 _____ (AVAST Software) C:\WINDOWS\avastSS.scr
2015-12-04 10:56 - 2015-12-04 10:56 - 00000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2015-12-04 10:56 - 2015-12-04 10:56 - 00000000 ____D C:\Program Files\Common Files\AV

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-29 13:45 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2015-12-29 13:34 - 2014-01-01 20:21 - 00000000 __RDO C:\Users\Ute\SkyDrive
2015-12-28 19:04 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2015-12-28 18:59 - 2013-12-25 21:05 - 00003594 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1342390441-2180902221-2313439-1002
2015-12-28 18:32 - 2013-12-25 21:07 - 00001142 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-12-28 18:32 - 2013-12-25 21:07 - 00001142 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-12-20 16:22 - 2014-01-01 19:55 - 00000000 ____D C:\Users\Ute
2015-12-20 14:44 - 2013-12-25 21:07 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-12-20 14:43 - 2015-08-21 14:23 - 00000306 __RSH C:\ProgramData\ntuser.pol
2015-12-20 14:41 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2015-12-19 10:41 - 2013-12-25 21:13 - 00451040 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswsp.sys
2015-12-19 10:41 - 2013-12-25 21:13 - 00097648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswmonflt.sys
2015-12-18 09:55 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-18 09:54 - 2015-04-04 10:21 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-18 09:54 - 2015-04-04 10:21 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-17 13:15 - 2013-12-25 21:14 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-12-13 20:51 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\rescache
2015-12-13 19:22 - 2013-08-22 15:44 - 00509008 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2015-12-09 16:03 - 2013-11-09 20:07 - 00016896 _____ C:\WINDOWS\system32\VfService.trf
2015-12-09 16:03 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2015-12-09 15:13 - 2014-04-27 15:34 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-12-09 15:09 - 2013-12-25 22:04 - 140158008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2015-12-09 15:09 - 2013-12-25 22:04 - 00000000 ____D C:\WINDOWS\system32\MRT
2015-12-04 10:56 - 2014-05-05 16:20 - 00028656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2015-12-04 10:56 - 2013-12-25 21:13 - 01055560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2015-12-04 10:56 - 2013-12-25 21:13 - 00273784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2015-12-04 10:56 - 2013-12-25 21:13 - 00155304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2015-12-04 10:56 - 2013-12-25 21:13 - 00093528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2015-12-04 10:56 - 2013-12-25 21:13 - 00065224 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2015-12-01 18:19 - 2015-11-12 10:57 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-01 18:19 - 2015-11-12 10:57 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-12-20 14:51 - 2015-12-20 14:51 - 0007613 _____ () C:\Users\Ute\AppData\Local\Resmon.ResmonCfg
2013-11-09 19:48 - 2013-11-09 19:48 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-08-21 14:21 - 2015-08-21 14:21 - 0000124 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Einige Dateien in TEMP:
====================
C:\Users\Ute\AppData\Local\Temp\FileSystemView.dll
C:\Users\Ute\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Ute\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Ute\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Ute\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Ute\AppData\Local\Temp\jre-8u51-windows-au.exe
C:\Users\Ute\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\Ute\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Ute\AppData\Local\Temp\ose00000.exe
C:\Users\Ute\AppData\Local\Temp\setup.exe
C:\Users\Ute\AppData\Local\Temp\uninstall.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\WINDOWS\system32\winlogon.exe => Datei ist digital signiert
C:\WINDOWS\system32\wininit.exe => Datei ist digital signiert
C:\WINDOWS\explorer.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\explorer.exe => Datei ist digital signiert
C:\WINDOWS\system32\svchost.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\svchost.exe => Datei ist digital signiert
C:\WINDOWS\system32\services.exe => Datei ist digital signiert
C:\WINDOWS\system32\User32.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\User32.dll => Datei ist digital signiert
C:\WINDOWS\system32\userinit.exe => Datei ist digital signiert
C:\WINDOWS\SysWOW64\userinit.exe => Datei ist digital signiert
C:\WINDOWS\system32\rpcss.dll => Datei ist digital signiert
C:\WINDOWS\system32\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\WINDOWS\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-28 18:59

==================== Ende von FRST.txt ============================
         
--- --- ---FRST Additions Logfile:
Code:
ATTFilter
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:28-12-2015
durchgeführt von Ute (2015-12-29 13:50:18)
Gestartet von C:\Users\Ute\Downloads
Windows 8.1 (X64) (2014-01-01 19:18:39)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1342390441-2180902221-2313439-500 - Administrator - Disabled)
Gast (S-1-5-21-1342390441-2180902221-2313439-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1342390441-2180902221-2313439-1006 - Limited - Enabled)
Ute (S-1-5-21-1342390441-2180902221-2313439-1002 - Administrator - Enabled) => C:\Users\Ute

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.226 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.13) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\AmUStor) (Version: 3.1.1245.72250 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 3.1.1245.72250 - Alcor Micro Corp.) Hidden
Apple Application Support (32-Bit) (HKLM-x32\...\{AFA1153A-F547-409B-B837-3A0D6C5A3FEC}) (Version: 3.1.3 - Apple Inc.)
Apple Application Support (64-Bit) (HKLM\...\{D7B824DE-DA32-4772-9E5E-39C5158136A7}) (Version: 3.1.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{C4123106-B685-48E6-B9BD-E4F911841EB4}) (Version: 8.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 11.1.2245 - AVAST Software)
Benutzerhandbuch (x32 Version: 1.0.0.15 - Lenovo) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon Easy-WebPrint EX (HKLM-x32\...\Easy-WebPrint EX) (Version: 1.4.0.0 - Canon Inc.)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - Canon Inc.)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.2.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - Canon Inc.)
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version: 1.3.0 - Canon Inc.)
Canon MX920 series Benutzerregistrierung (HKLM-x32\...\Canon MX920 series Benutzerregistrierung) (Version:  - *Canon Inc.)
Canon MX920 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX920_series) (Version: 1.00 - Canon Inc.)
Canon MX920 series On-screen Manual (HKLM-x32\...\Canon MX920 series On-screen Manual) (Version: 7.6.0 - Canon Inc.)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.1.0 - Canon Inc.)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Delicious Promo (HKLM-x32\...\8b567f6f25e6a3d6abf028aeb1d36a31) (Version:  - Zylom)
DNSBlock (HKLM\...\{7b5da7f5-de7d-4e00-b330-a2e08e460095}) (Version: 1.0.0 - NETNS GMBH)
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.0.28 - Lenovo)
Energy Manager (x32 Version: 1.0.0.28 - Lenovo) Hidden
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6486.0 - IDT)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33057) (Version: 3.6.1.33057.10 - Intel)
Intel Collaborative Processor Performance Control (HKLM-x32\...\0E7DAF70-FB54-4B91-B192-7E771C25AEEB) (Version: 1.0.0.1010 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.0.10.1372 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3379 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
iTunes (HKLM\...\{93F2A022-6C37-48B8-B241-FFABD9F60C30}) (Version: 12.1.2.27 - Apple Inc.)
Java 8 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418060F0}) (Version: 8.0.600.27 - Oracle Corporation)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.7000 - Broadcom Corporation)
Lenovo EasyCamera (HKLM-x32\...\{ADE16A9D-FBDC-4ecc-B6BD-9C31E51D0332}) (Version: 3.13.531.1 - Vimicro)
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.1219 - CyberLink Corp.)
Lenovo OneKey Recovery (Version: 8.0.0.1219 - CyberLink Corp.) Hidden
Lenovo Photos (HKLM-x32\...\Lenovo Photos) (Version: 4.8.5 - CEWE COLOR AG u Co. OHG)
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5108.52 - CyberLink Corp.)
Lenovo PowerDVD10 (x32 Version: 10.0.5108.52 - CyberLink Corp.) Hidden
Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo)
Lenovo YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 4.1.3423 - CyberLink Corp.)
Lenovo YouCam (x32 Version: 4.1.3423 - CyberLink Corp.) Hidden
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.75 - Lenovo)
Mahjongg Fortuna (HKLM-x32\...\b78c8d913ae136387442e0609b8898e4) (Version:  - Zylom)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 43.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 de)) (Version: 43.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla)
Nitro Pro 8 (HKLM\...\{34BE77EE-B563-49D7-A8A0-FFD76D29BBD3}) (Version: 8.0.10.7 - Nitro)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Grafiktreiber 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
Onekey Theater (HKLM-x32\...\{91CC5BAE-A098-40D3-A43B-C0DC7CE263FE}) (Version: 3.0.1.2 - Lenovo)
Online Games Manager v1.30 (HKLM-x32\...\Online Games Manager) (Version: 1.30.14 - Real Networks, Inc.)
OpenOffice 4.0.1 (HKLM-x32\...\{0AEC308E-7EB3-47F7-BB59-F2C9C6166B27}) (Version: 4.01.9714 - Apache Software Foundation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.9109 - CyberLink Corp.)
Qualcomm Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.16 - Qualcomm Atheros Communications Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
SugarSync Manager (HKLM-x32\...\SugarSync) (Version: 1.9.61.90905 - SugarSync, Inc.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.10.7 - Synaptics Incorporated)
Unity Web Player (HKU\S-1-5-21-1342390441-2180902221-2313439-1002\...\UnityWebPlayer) (Version: 4.6.2f1 - Unity Technologies ApS)
UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo)
Windows-Treiberpaket - Lenovo (ACPIVPC) System  (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows-Treiberpaket - Lenovo (WUDFRd) LenovoVhid  (06/19/2012 10.13.29.733) (HKLM\...\8A223E56FB1ED4F697B54E5BF96F1EB63B512684) (Version: 06/19/2012 10.13.29.733 - Lenovo)
WinRAR 5.21 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
Zylom Games Player Plugin (HKLM-x32\...\Zylom Games Player Plugin) (Version:  - Zylom Games)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {0C6585FD-5B5F-458D-97C0-B3B055B5CF59} - System32\Tasks\Dolby Selector => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [2012-08-31] (Dolby Laboratories Inc.)
Task: {5BE2F97E-2AC2-486A-822F-E2A0FCB1CB7B} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {8927B61E-C7C8-4C4B-A93A-1A3DD1A6F0AB} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-16] (AVAST Software)
Task: {93A8D007-7AEC-4C57-AE4A-888BCACB5805} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {A9C4F009-407E-4EEC-9BCC-272944E53F1E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {D60429FC-22A0-46AC-9A0A-7CE0E298F08A} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-12-04] (AVAST Software)
Task: {FEDB9DBF-224A-45F1-8330-C9244DBE4A36} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2015-12-09] (Microsoft Corporation)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2015-02-13 04:20 - 2015-02-13 04:20 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-02-13 04:20 - 2015-02-13 04:20 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-05-28 16:55 - 2013-05-28 16:55 - 00049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2015-08-21 14:21 - 2015-10-29 13:09 - 00149024 _____ () C:\WINDOWS\system32\DnsBlockUpdateSvc.exe
2013-11-09 20:07 - 2013-11-09 20:07 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
2013-11-09 20:07 - 2013-11-09 20:07 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll
2013-09-05 02:36 - 2013-09-05 02:36 - 00013088 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-12-04 10:56 - 2015-12-04 10:56 - 00103888 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-12-04 10:56 - 2015-12-04 10:56 - 00125512 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-12-20 11:36 - 2015-12-20 11:36 - 02805760 _____ () C:\Program Files\AVAST Software\Avast\defs\15121901\algo.dll
2015-12-04 10:56 - 2015-12-04 10:56 - 00469008 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2015-12-20 14:41 - 2015-12-20 14:41 - 02805760 _____ () C:\Program Files\AVAST Software\Avast\defs\15122000\algo.dll
2015-12-29 13:36 - 2015-12-29 13:36 - 02806272 _____ () C:\Program Files\AVAST Software\Avast\defs\15122900\algo.dll
2013-11-09 19:46 - 2013-05-17 00:06 - 01199576 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2013-11-09 20:08 - 2012-07-12 13:59 - 00891392 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtNetwork4.dll
2013-11-09 20:08 - 2012-07-12 13:59 - 02281984 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtCore4.dll
2013-11-09 20:08 - 2012-07-12 13:59 - 00016896 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\featureController.dll
2013-11-09 20:08 - 2012-07-12 13:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\osEvents.dll
2013-11-09 20:08 - 2012-07-12 13:59 - 00322048 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\log4cplus.dll
2013-11-09 20:08 - 2012-07-12 13:59 - 00339456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\QtXml4.dll
2013-11-09 20:08 - 2012-07-12 13:59 - 00400384 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\sqlite3.dll
2013-11-09 20:08 - 2012-07-12 13:59 - 00195584 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\libgsoap.dll
2013-11-09 20:08 - 2012-07-12 13:59 - 00062464 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\zlib1.dll
2013-11-09 20:08 - 2012-07-12 13:59 - 00446976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\deviceProfile.dll
2013-11-09 20:08 - 2012-07-12 13:59 - 00019456 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\eventsSender.dll
2013-11-09 20:08 - 2012-07-12 13:59 - 00062976 _____ () C:\Program Files (x86)\Intel\IntelAppStore\bin\serviceManagerStarter.dll
2015-12-04 10:56 - 2015-12-04 10:56 - 40539648 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)

AlternateDataStreams: C:\WINDOWS\system32\DnsBlockUpdateSvc.exe:IID

==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1342390441-2180902221-2313439-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Ute\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img7.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{7C3C67F9-F688-41FA-A2BF-920CFDD18357}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [TCP Query User{2EF3B547-8950-4C07-AF34-F97317911BB4}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Block) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [UDP Query User{E0305A55-C17B-4DE8-BEA0-EC7D33A7EC8B}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [TCP Query User{5DD7A675-C028-4113-B652-D52039C1727F}C:\program files (x86)\intel\intelappstore\bin\ismagent.exe] => (Allow) C:\program files (x86)\intel\intelappstore\bin\ismagent.exe
FirewallRules: [{DDA7A213-F071-4054-9DAE-24FD6EFD9D6D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{A07E3B77-D279-4A88-93E9-0B7BD44B6CF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D706E223-E298-4F3D-8742-7300D62FDDEB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{D46ED2FD-5916-4D2E-9643-D7B23D423FDF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{0B40F828-D126-4E5F-AC30-7E237C8EDD40}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{A46A8DCD-9E87-4BC6-A899-F1078149415B}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{82933C2D-F27E-4ADA-A32A-E2A2DAEFA924}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{DC18F26C-9DC3-4DF7-AC99-0DC18B986BA4}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{81D8ECC9-2033-4366-85BD-485A4FA7BCC3}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{03C083D2-9058-4DB6-A3C5-400DFE83BFD8}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{BE6B48F6-3F5A-4333-ACB2-32C4877DB795}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6394A6BA-CB7A-412D-9CCB-1310339C5269}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{78B69576-6C39-49B6-8EA6-69FFD33CEC87}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{274DC38C-078E-42E3-A834-222364FA1F6D}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{D63C4F5C-03FD-4598-8818-92991D93A902}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{8B1E1F02-90A7-47A2-9F7F-0A6A2C6AAB48}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{60DBE616-BB2F-47E4-B2B5-17E5A64E7632}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{DF67E14D-CAB8-4406-AF33-D0570D2540C8}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{EF6EEB42-BA83-4354-A566-98E5ED3FCD0B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C58FB6CA-1B82-48E6-834B-CD048724FF62}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{C582ADC1-EAC6-497D-BE15-E9BBD7AE2C37}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{70320CC8-BCD3-4169-8388-F79083FBB1BC}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe
FirewallRules: [{97A2CF5F-C64C-4ACB-94BC-4CEE4A4CEADF}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{1D724BAE-FE89-4FE0-8BFD-1195CABC584F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{810AB5B1-998E-405C-B9F9-CAD9D8AD7937}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Wiederherstellungspunkte =========================

09-12-2015 15:06:12 Windows Update
17-12-2015 12:56:06 Geplanter Prüfpunkt
28-12-2015 19:25:43 Geplanter Prüfpunkt

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Description: Unbekanntes USB-Gerät (Fehler beim Anfordern einer Gerätebeschreibung.)
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard-USB-Hostcontroller)
Service: 
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/28/2015 08:47:54 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (12/20/2015 02:37:01 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (12/20/2015 02:36:56 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (12/20/2015 02:36:51 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (12/20/2015 02:36:46 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (12/20/2015 02:36:41 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (12/20/2015 02:36:36 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (12/20/2015 02:36:31 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (12/20/2015 02:36:25 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]

Error: (12/20/2015 02:36:20 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to kill already running streamer. [5]


Systemfehler:
=============
Error: (12/28/2015 08:36:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NitroPDFDriverCreatorReadSpool8" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/28/2015 06:28:56 PM) (Source: Schannel) (EventID: 4119) (User: NT-AUTORITÄT)
Description: Es wurde eine schwerwiegende Warnung vom Remoteendpunkt empfangen. Die schwerwiegende Warnung hat folgenden für das TLS-Protokoll definierten Code: 20.

Error: (12/20/2015 02:41:27 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "VBoxAsw Support Driver" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (12/20/2015 02:41:07 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am ‎20.‎12.‎2015 um 14:35:42 unerwartet heruntergefahren.

Error: (12/20/2015 12:57:15 PM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/20/2015 12:57:09 PM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/20/2015 12:57:02 PM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/20/2015 12:56:56 PM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/20/2015 12:56:49 PM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.

Error: (12/20/2015 12:56:43 PM) (Source: cdrom) (EventID: 7) (User: )
Description: Fehlerhafter Block bei Gerät \Device\CdRom0.


CodeIntegrity:
===================================
  Date: 2015-08-29 14:06:01.523
  Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM) i7-4700MQ CPU @ 2.40GHz
Prozentuale Nutzung des RAM: 28%
Installierter physikalischer RAM: 8104.27 MB
Verfügbarer physikalischer RAM: 5805.73 MB
Summe virtueller Speicher: 16296.27 MB
Verfügbarer virtueller Speicher: 13701.17 MB

==================== Laufwerke ================================

Drive c: (Windows8_OS) (Fixed) (Total:891.21 GB) (Free:747.84 GB) NTFS ==>[System mit Startkomponenten (eingeholt von Laufwerk)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.95 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 546BCE10)

Partition: GPT.

==================== Ende von Addition.txt ============================
         
--- --- ---
__________________

Alt 29.12.2015, 15:19   #4
Quax_DG
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

Avast screen-shot



Hier ist auch nochmal der Screenshot des Avast-Virencontainers. Vorhin bin ich leider unterbrochen worden, deshalb musste ich den Post splitten. Sorry
Miniaturansicht angehängter Grafiken
avast meldet rootkit in .../SysWOW64-Ordner-avast_scree.jpg  

Alt 29.12.2015, 22:13   #5
Bootsektor
/// TB-Ausbilder
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

avast meldet rootkit in .../SysWOW64-Ordner



Hallo,

danke. Ich seh erstmal nur Adware aber die Datei ist vom Namen schon sehr ungewöhnlich, dem möchte ich nachgehen.

Bitte stelle die Datei aus der Quarantäne von Avast wieder her
(Folge dieser Anleitung Punkt: Dateien aus dem Viruscontainer extrahieren und verschiebe auf deinen Desktop, bitte schalte AVAST dazu aus, sonst killt es sie wahrscheinlich gleich wieder. )

und lade sie zu Virustotal hoch.

Schritt 1
Bitte lasse die Datei aus der Code-Box bei Virustotal überprüfen.
  • Klicke auf Wählen Sie eine
  • Kopiere nun folgendes in die Suchleiste
    Code:
    ATTFilter
    C:\Users\Ute\Desktop\scanseuting.dll
             
  • und klicke auf Öffnen.
  • Klicke auf Scannen!.
  • Warte bitte bis die Datei vollständig hochgeladen wurde. Solltest Du folgende Meldung bekommen
    Zitat:
    Diese Datei wurde bereits von VirusTotal analysiert...
    klicke auf Neu analysieren.
  • Warte bis dir das Analysedatum angezeigt wird und der Scan abgeschlossen ist.
  • Kopiere den Link aus deiner Adresszeile und poste ihn hier.

Und bitte demnächst auch die Tools direkt auf den Desktop speichern und von dort aus starten. Danke.


Alt 01.01.2016, 16:16   #6
Quax_DG
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

Analyse Virustotal



Hallo und ein fohes neues Jahr!
Hier ist der Link zur Analyse bei Virustotal:

https://www.virustotal.com/de/file/327b36c8718224e596a033275166b4342840ed6901bcda280fb02f1566b8ad91/analysis/1451658325/

Alt 01.01.2016, 21:36   #7
Bootsektor
/// TB-Ausbilder
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

avast meldet rootkit in .../SysWOW64-Ordner



Ja,

dann graben wir da nochmal hinterher (um ganz sicherzugehen)


Schritt 1
Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.


Schritt 2
Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

Alt 02.01.2016, 18:13   #8
Quax_DG
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

Report TDSSKiller



Ok, ohne langes Vorwort der Report:

Code:
ATTFilter
17:58:14.0231 0x10c8  TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
17:58:14.0231 0x10c8  UEFI system
17:58:17.0315 0x10c8  ============================================================
17:58:17.0315 0x10c8  Current date / time: 2016/01/02 17:58:17.0315
17:58:17.0315 0x10c8  SystemInfo:
17:58:17.0315 0x10c8  
17:58:17.0315 0x10c8  OS Version: 6.3.9600 ServicePack: 0.0
17:58:17.0315 0x10c8  Product type: Workstation
17:58:17.0315 0x10c8  ComputerName: UTE2
17:58:17.0315 0x10c8  UserName: Ute
17:58:17.0315 0x10c8  Windows directory: C:\WINDOWS
17:58:17.0315 0x10c8  System windows directory: C:\WINDOWS
17:58:17.0315 0x10c8  Running under WOW64
17:58:17.0315 0x10c8  Processor architecture: Intel x64
17:58:17.0315 0x10c8  Number of processors: 8
17:58:17.0315 0x10c8  Page size: 0x1000
17:58:17.0315 0x10c8  Boot type: Normal boot
17:58:17.0315 0x10c8  ============================================================
17:58:17.0878 0x10c8  KLMD registered as C:\WINDOWS\system32\drivers\23569273.sys
17:58:17.0988 0x10c8  System UUID: {F63A13BB-E0C1-794F-E6B0-A79897CD9B70}
17:58:18.0285 0x10c8  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:58:18.0285 0x10c8  ============================================================
17:58:18.0285 0x10c8  \Device\Harddisk0\DR0:
17:58:18.0285 0x10c8  GPT partitions:
17:58:18.0285 0x10c8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {4F9ED45C-3D77-421D-BA89-7B82E44FB3FE}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
17:58:18.0285 0x10c8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {94B7A645-5C03-4CA1-8DAA-65D1C3113954}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
17:58:18.0285 0x10c8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {6CF9CE37-5371-474C-A1AF-2A649FCBDF47}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
17:58:18.0285 0x10c8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {A78A4FCE-7D0E-4CB2-9E09-266A87CF725B}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
17:58:18.0285 0x10c8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {9E3B4081-4EB3-4DDD-BE40-8E5AFE49BBB3}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x6F66A800
17:58:18.0285 0x10c8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {64712B7D-60ED-4AB3-9AD7-61E6FCBBCE12}, Name: , StartLBA 0x6FB15000, BlocksNum 0xAF000
17:58:18.0285 0x10c8  \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {1DA1CEB5-0B42-49A2-9A76-CF35BDD435A3}, Name: Basic data partition, StartLBA 0x6FBC4000, BlocksNum 0x3200000
17:58:18.0285 0x10c8  \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {206838B2-477B-448A-8B1A-67B63144AB84}, Name: Basic data partition, StartLBA 0x72DC4000, BlocksNum 0x1942800
17:58:18.0285 0x10c8  MBR partitions:
17:58:18.0285 0x10c8  ============================================================
17:58:18.0316 0x10c8  C: <-> \Device\Harddisk0\DR0\Partition5
17:58:18.0347 0x10c8  D: <-> \Device\Harddisk0\DR0\Partition7
17:58:18.0347 0x10c8  ============================================================
17:58:18.0347 0x10c8  Initialize success
17:58:18.0347 0x10c8  ============================================================
17:58:20.0476 0x1688  ============================================================
17:58:20.0476 0x1688  Scan started
17:58:20.0476 0x1688  Mode: Manual; 
17:58:20.0476 0x1688  ============================================================
17:58:20.0476 0x1688  KSN ping started
17:58:22.0930 0x1688  KSN ping finished: true
17:58:25.0087 0x1688  ================ Scan system memory ========================
17:58:25.0087 0x1688  System memory - ok
17:58:25.0087 0x1688  ================ Scan services =============================
17:58:25.0243 0x1688  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
17:58:25.0259 0x1688  1394ohci - ok
17:58:25.0274 0x1688  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
17:58:25.0274 0x1688  3ware - ok
17:58:25.0321 0x1688  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
17:58:25.0321 0x1688  ACPI - ok
17:58:25.0337 0x1688  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
17:58:25.0337 0x1688  acpiex - ok
17:58:25.0352 0x1688  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
17:58:25.0352 0x1688  acpipagr - ok
17:58:25.0368 0x1688  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
17:58:25.0368 0x1688  AcpiPmi - ok
17:58:25.0384 0x1688  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
17:58:25.0384 0x1688  acpitime - ok
17:58:25.0415 0x1688  [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
17:58:25.0415 0x1688  ACPIVPC - ok
17:58:25.0493 0x1688  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
17:58:25.0509 0x1688  AdobeARMservice - ok
17:58:25.0571 0x1688  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
17:58:25.0587 0x1688  ADP80XX - ok
17:58:25.0602 0x1688  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
17:58:25.0602 0x1688  AeLookupSvc - ok
17:58:25.0649 0x1688  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys
17:58:25.0649 0x1688  AFD - ok
17:58:25.0665 0x1688  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
17:58:25.0665 0x1688  agp440 - ok
17:58:25.0681 0x1688  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
17:58:25.0696 0x1688  ahcache - ok
17:58:25.0712 0x1688  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
17:58:25.0727 0x1688  ALG - ok
17:58:25.0743 0x1688  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
17:58:25.0743 0x1688  AmdK8 - ok
17:58:25.0759 0x1688  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
17:58:25.0759 0x1688  AmdPPM - ok
17:58:25.0774 0x1688  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
17:58:25.0774 0x1688  amdsata - ok
17:58:25.0790 0x1688  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
17:58:25.0790 0x1688  amdsbs - ok
17:58:25.0806 0x1688  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
17:58:25.0806 0x1688  amdxata - ok
17:58:25.0821 0x1688  [ 7D676814DE129391D423F3D97F590414, F72ECCC2D80F6E2144B88D232E74DD17C7E9FEBB476A289759C7FF041C6E47B3 ] AmUStor         C:\WINDOWS\system32\drivers\AmUStor.SYS
17:58:25.0821 0x1688  AmUStor - ok
17:58:25.0852 0x1688  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
17:58:25.0852 0x1688  AppID - ok
17:58:25.0868 0x1688  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
17:58:25.0884 0x1688  AppIDSvc - ok
17:58:25.0899 0x1688  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
17:58:25.0915 0x1688  Appinfo - ok
17:58:25.0977 0x1688  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
17:58:25.0977 0x1688  Apple Mobile Device Service - ok
17:58:26.0024 0x1688  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
17:58:26.0024 0x1688  AppReadiness - ok
17:58:26.0087 0x1688  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
17:58:26.0102 0x1688  AppXSvc - ok
17:58:26.0118 0x1688  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
17:58:26.0134 0x1688  arcsas - ok
17:58:26.0149 0x1688  [ 7BC1F2FC2A9D79E1EBBBF6D69AC3BA1F, 236265BE3F1B2130025A3A10152893BD0D18AD8965732361058B775F010539A2 ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
17:58:26.0149 0x1688  aswHwid - ok
17:58:26.0165 0x1688  [ 68E76C1675AC171A84F5B7230652E19D, A707A4E51110B15FF7D73C95D4D9C1E457FC9D93E1479BDB67EBDDDD6AC28D8E ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
17:58:26.0181 0x1688  aswMonFlt - ok
17:58:26.0181 0x1688  [ 2D6B49A071216796106E7804AB2BA7DC, 6A58A3B36EA05A24333482F87CFD315F73E56A64E46493E82E0FE9115E284168 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
17:58:26.0181 0x1688  aswRdr - ok
17:58:26.0212 0x1688  [ E46B51C99BB750A81AC6A68362475A5C, 2A61C09902B39696D151B9D5E6A60FFC3CF3EA02613EC64BBAB4DEE3C78838E2 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
17:58:26.0212 0x1688  aswRvrt - ok
17:58:26.0243 0x1688  [ A428CC308673A5E74F91D92E4A2B205D, 0A768AA4BD1CD22B5181EDA692F7CB9A43F627BB4FFEEFBB8CBC77A45107A443 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
17:58:26.0259 0x1688  aswSnx - ok
17:58:26.0290 0x1688  [ C24A42A7689DB63EEF157797AA7012B5, AC25AFAD13E59DFBF68B9F9B9527F266F4671A5E0A1F04D9EA71D36C00AC21E9 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
17:58:26.0290 0x1688  aswSP - ok
17:58:26.0306 0x1688  [ D9079E1A1C2A1F8ED5F37AF8E6CD3161, 629E3A642C5E3BEA65CDD2E08CAD69F9649A98BDA906678B51D3D2C9DB5BB253 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
17:58:26.0306 0x1688  aswStm - ok
17:58:26.0321 0x1688  [ 3BEC32A0B646D914921FD56AA39998C1, 8DB7CBF3DEF8EAE1D7D28C38B3A0FCD5C2A04D772078B907F35C66451355A04A ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
17:58:26.0321 0x1688  aswVmm - ok
17:58:26.0352 0x1688  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
17:58:26.0352 0x1688  atapi - ok
17:58:26.0384 0x1688  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
17:58:26.0384 0x1688  AudioEndpointBuilder - ok
17:58:26.0418 0x1688  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
17:58:26.0449 0x1688  Audiosrv - ok
17:58:26.0496 0x1688  [ F5CB8703A4F51EE30E5C090C78073AA4, 90683F39E9AA315FFB66A9F014AD1BEBF19EA62908247C133455815F6632E578 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:58:26.0512 0x1688  avast! Antivirus - ok
17:58:26.0559 0x1688  AvastVBoxSvc - ok
17:58:26.0590 0x1688  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
17:58:26.0606 0x1688  AxInstSV - ok
17:58:26.0653 0x1688  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
17:58:26.0668 0x1688  b06bdrv - ok
17:58:26.0699 0x1688  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
17:58:26.0699 0x1688  BasicDisplay - ok
17:58:26.0746 0x1688  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
17:58:26.0746 0x1688  BasicRender - ok
17:58:26.0778 0x1688  [ 70433F7A216BD0B5EC7DA1202EE53E65, 12F3210EC5546714B34225770242F5CF4AC36032BB49A8E8989620BA274AC505 ] bcbtums         C:\WINDOWS\system32\drivers\bcbtums.sys
17:58:26.0778 0x1688  bcbtums - ok
17:58:26.0996 0x1688  [ 9A4EF701A4FC835F7DDD8956D930010F, 28A555B98098ECE47912C40A74CA92AFA76F51A711F2DEFF1A498FF212505F23 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
17:58:27.0106 0x1688  BCM43XX - ok
17:58:27.0215 0x1688  [ 18B186BCC56EC611DE519CBA7D4F65B0, 6F2520AAFDAA4208717DCD121527911D580727C5A6B8C4C7F07C4155C4D8662D ] BcmBtRSupport   C:\WINDOWS\system32\BtwRSupportService.exe
17:58:27.0246 0x1688  BcmBtRSupport - ok
17:58:27.0262 0x1688  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
17:58:27.0262 0x1688  bcmfn2 - ok
17:58:27.0293 0x1688  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
17:58:27.0309 0x1688  BDESVC - ok
17:58:27.0340 0x1688  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
17:58:27.0340 0x1688  Beep - ok
17:58:27.0434 0x1688  [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE             C:\WINDOWS\System32\bfe.dll
17:58:27.0449 0x1688  BFE - ok
17:58:27.0496 0x1688  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
17:58:27.0512 0x1688  BITS - ok
17:58:27.0543 0x1688  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:58:27.0559 0x1688  Bonjour Service - ok
17:58:27.0559 0x1688  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
17:58:27.0574 0x1688  bowser - ok
17:58:27.0606 0x1688  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
17:58:27.0606 0x1688  BrokerInfrastructure - ok
17:58:27.0637 0x1688  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
17:58:27.0637 0x1688  Browser - ok
17:58:27.0668 0x1688  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
17:58:27.0668 0x1688  BthAvrcpTg - ok
17:58:27.0699 0x1688  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
17:58:27.0699 0x1688  BthEnum - ok
17:58:27.0731 0x1688  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
17:58:27.0731 0x1688  BthHFEnum - ok
17:58:27.0746 0x1688  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
17:58:27.0746 0x1688  bthhfhid - ok
17:58:27.0778 0x1688  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
17:58:27.0793 0x1688  BthHFSrv - ok
17:58:27.0840 0x1688  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\System32\drivers\BthLEEnum.sys
17:58:27.0856 0x1688  BthLEEnum - ok
17:58:27.0872 0x1688  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
17:58:27.0887 0x1688  BTHMODEM - ok
17:58:27.0918 0x1688  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
17:58:27.0918 0x1688  BthPan - ok
17:58:27.0996 0x1688  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
17:58:28.0028 0x1688  BTHPORT - ok
17:58:28.0043 0x1688  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
17:58:28.0043 0x1688  bthserv - ok
17:58:28.0106 0x1688  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
17:58:28.0106 0x1688  BTHUSB - ok
17:58:28.0137 0x1688  [ 20C8EB70C0B179DF06A01CA503F4A824, 1C2DADCBC5D85C1D4F6A28B7F374C829E6DCE0EB720EBDA43CF6AC0AC934AA5E ] btwampfl        C:\WINDOWS\system32\DRIVERS\btwampfl.sys
17:58:28.0153 0x1688  btwampfl - ok
17:58:28.0200 0x1688  [ 49665DD72F8DB515AB51D04984DB1D38, 8ABE06213D11309E6A2A6C21223852C33E28B4C9A5E9E6CAE20D4F6142F153F2 ] btwaudio        C:\WINDOWS\system32\drivers\btwaudio.sys
17:58:28.0200 0x1688  btwaudio - ok
17:58:28.0215 0x1688  [ 1611FFAFBB372A3BDA5ABDA3F9202882, D491A4F0F59B5C8779169C853F6CF27D13B59135335CCE243D3A54052B7B97A8 ] btwavdt         C:\WINDOWS\System32\drivers\btwavdt.sys
17:58:28.0231 0x1688  btwavdt - ok
17:58:28.0278 0x1688  [ 0CEB5F3E31011245D5E656E86082A6FB, 68FC17271D56EDA73B3F610BDD60905B4060150E3B6C7F8FF0DF6183A7018E31 ] btwdins         C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
17:58:28.0325 0x1688  btwdins - ok
17:58:28.0340 0x1688  [ C3C8974D99F976C927165363855690CD, 2B73E11FE341DE581CFF655E58C5671B83F4331529C30DADCAA9B6BE615D5E1F ] btwl2cap        C:\WINDOWS\system32\DRIVERS\btwl2cap.sys
17:58:28.0340 0x1688  btwl2cap - ok
17:58:28.0356 0x1688  [ 1D1591BB5356D4160C15F754886EEE98, 1DEF03F2B716026166047D83150C285561E159A26B15A38161368074A178E4ED ] btwpanfl        C:\WINDOWS\system32\drivers\btwpanfl.sys
17:58:28.0371 0x1688  btwpanfl - ok
17:58:28.0387 0x1688  [ B4327CB4CE628C9CA6C7F479BCF0D40A, F369070D443393037AE18BADA21DA55A2CF087192F83BE7F25D84F58B52564DD ] btwrchid        C:\WINDOWS\System32\drivers\btwrchid.sys
17:58:28.0387 0x1688  btwrchid - ok
17:58:28.0418 0x1688  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
17:58:28.0418 0x1688  cdfs - ok
17:58:28.0450 0x1688  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
17:58:28.0450 0x1688  cdrom - ok
17:58:28.0481 0x1688  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
17:58:28.0496 0x1688  CertPropSvc - ok
17:58:28.0528 0x1688  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
17:58:28.0528 0x1688  circlass - ok
17:58:28.0575 0x1688  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
17:58:28.0590 0x1688  CLFS - ok
17:58:28.0606 0x1688  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
17:58:28.0606 0x1688  CmBatt - ok
17:58:28.0653 0x1688  [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
17:58:28.0668 0x1688  CNG - ok
17:58:28.0684 0x1688  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
17:58:28.0684 0x1688  CompositeBus - ok
17:58:28.0684 0x1688  COMSysApp - ok
17:58:28.0715 0x1688  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
17:58:28.0715 0x1688  condrv - ok
17:58:28.0779 0x1688  [ D5F868A46AED8E7CAD6C30E0599DD100, F016C3BAC207B5A513CB28E78F93D1347398B9BEEF8D1A32339D034AFB74CF6C ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
17:58:28.0795 0x1688  cphs - ok
17:58:28.0826 0x1688  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
17:58:28.0826 0x1688  CryptSvc - ok
17:58:28.0857 0x1688  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
17:58:28.0857 0x1688  dam - ok
17:58:28.0904 0x1688  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
17:58:28.0920 0x1688  DcomLaunch - ok
17:58:28.0951 0x1688  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
17:58:28.0966 0x1688  defragsvc - ok
17:58:28.0998 0x1688  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
17:58:28.0998 0x1688  DeviceAssociationService - ok
17:58:29.0029 0x1688  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
17:58:29.0029 0x1688  DeviceInstall - ok
17:58:29.0060 0x1688  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
17:58:29.0060 0x1688  Dfsc - ok
17:58:29.0091 0x1688  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
17:58:29.0091 0x1688  Dhcp - ok
17:58:29.0154 0x1688  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
17:58:29.0170 0x1688  DiagTrack - ok
17:58:29.0201 0x1688  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
17:58:29.0201 0x1688  disk - ok
17:58:29.0217 0x1688  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
17:58:29.0217 0x1688  dmvsc - ok
17:58:29.0248 0x1688  [ C480411B9883DB284D98F12C512BF009, A049ADB276A5451A5CAA5F3C46F109D2C40FC9690A23E0ABD79A50CFF10F95A2 ] DnsBlockUpdateSvc C:\WINDOWS\system32\DnsBlockUpdateSvc.exe
17:58:29.0248 0x1688  DnsBlockUpdateSvc - ok
17:58:29.0279 0x1688  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
17:58:29.0295 0x1688  Dnscache - ok
17:58:29.0326 0x1688  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
17:58:29.0342 0x1688  dot3svc - ok
17:58:29.0357 0x1688  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
17:58:29.0373 0x1688  DPS - ok
17:58:29.0388 0x1688  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
17:58:29.0388 0x1688  drmkaud - ok
17:58:29.0435 0x1688  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
17:58:29.0435 0x1688  DsmSvc - ok
17:58:29.0467 0x1688  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\WINDOWS\System32\drivers\dtsoftbus01.sys
17:58:29.0482 0x1688  dtsoftbus01 - ok
17:58:29.0576 0x1688  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
17:58:29.0592 0x1688  DXGKrnl - ok
17:58:29.0607 0x1688  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
17:58:29.0623 0x1688  Eaphost - ok
17:58:29.0763 0x1688  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
17:58:29.0810 0x1688  ebdrv - ok
17:58:29.0826 0x1688  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
17:58:29.0826 0x1688  EFS - ok
17:58:29.0842 0x1688  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
17:58:29.0842 0x1688  EhStorClass - ok
17:58:29.0876 0x1688  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
17:58:29.0876 0x1688  EhStorTcgDrv - ok
17:58:29.0885 0x1688  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
17:58:29.0885 0x1688  ErrDev - ok
17:58:29.0918 0x1688  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
17:58:29.0933 0x1688  EventSystem - ok
17:58:29.0949 0x1688  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
17:58:29.0949 0x1688  exfat - ok
17:58:29.0965 0x1688  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
17:58:29.0965 0x1688  fastfat - ok
17:58:30.0027 0x1688  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
17:58:30.0043 0x1688  Fax - ok
17:58:30.0043 0x1688  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
17:58:30.0043 0x1688  fdc - ok
17:58:30.0058 0x1688  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
17:58:30.0058 0x1688  fdPHost - ok
17:58:30.0074 0x1688  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
17:58:30.0090 0x1688  FDResPub - ok
17:58:30.0121 0x1688  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
17:58:30.0121 0x1688  fhsvc - ok
17:58:30.0152 0x1688  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
17:58:30.0152 0x1688  FileInfo - ok
17:58:30.0168 0x1688  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
17:58:30.0168 0x1688  Filetrace - ok
17:58:30.0183 0x1688  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
17:58:30.0183 0x1688  flpydisk - ok
17:58:30.0215 0x1688  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
17:58:30.0215 0x1688  FltMgr - ok
17:58:30.0277 0x1688  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\WINDOWS\system32\FntCache.dll
17:58:30.0308 0x1688  FontCache - ok
17:58:30.0402 0x1688  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:58:30.0402 0x1688  FontCache3.0.0.0 - ok
17:58:30.0433 0x1688  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
17:58:30.0449 0x1688  FsDepends - ok
17:58:30.0480 0x1688  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
17:58:30.0480 0x1688  Fs_Rec - ok
17:58:30.0574 0x1688  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
17:58:30.0590 0x1688  fvevol - ok
17:58:30.0621 0x1688  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
17:58:30.0621 0x1688  FxPPM - ok
17:58:30.0652 0x1688  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
17:58:30.0652 0x1688  gagp30kx - ok
17:58:30.0699 0x1688  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
17:58:30.0699 0x1688  GEARAspiWDM - ok
17:58:30.0730 0x1688  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
17:58:30.0730 0x1688  gencounter - ok
17:58:30.0777 0x1688  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
17:58:30.0793 0x1688  GPIOClx0101 - ok
17:58:30.0871 0x1688  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
17:58:30.0902 0x1688  gpsvc - ok
17:58:30.0933 0x1688  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
17:58:30.0933 0x1688  HDAudBus - ok
17:58:30.0965 0x1688  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
17:58:30.0965 0x1688  HidBatt - ok
17:58:30.0996 0x1688  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
17:58:30.0996 0x1688  HidBth - ok
17:58:31.0011 0x1688  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
17:58:31.0011 0x1688  hidi2c - ok
17:58:31.0043 0x1688  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
17:58:31.0043 0x1688  HidIr - ok
17:58:31.0058 0x1688  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
17:58:31.0074 0x1688  hidserv - ok
17:58:31.0105 0x1688  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
17:58:31.0105 0x1688  HidUsb - ok
17:58:31.0121 0x1688  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
17:58:31.0136 0x1688  hkmsvc - ok
17:58:31.0168 0x1688  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
17:58:31.0168 0x1688  HomeGroupListener - ok
17:58:31.0215 0x1688  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
17:58:31.0230 0x1688  HomeGroupProvider - ok
17:58:31.0246 0x1688  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
17:58:31.0246 0x1688  HpSAMD - ok
17:58:31.0293 0x1688  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
17:58:31.0308 0x1688  HTTP - ok
17:58:31.0340 0x1688  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
17:58:31.0340 0x1688  hwpolicy - ok
17:58:31.0355 0x1688  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
17:58:31.0355 0x1688  hyperkbd - ok
17:58:31.0371 0x1688  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
17:58:31.0371 0x1688  HyperVideo - ok
17:58:31.0387 0x1688  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
17:58:31.0402 0x1688  i8042prt - ok
17:58:31.0418 0x1688  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
17:58:31.0418 0x1688  iaLPSSi_GPIO - ok
17:58:31.0434 0x1688  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
17:58:31.0434 0x1688  iaLPSSi_I2C - ok
17:58:31.0465 0x1688  [ 0A34D806EF2767E62CAFEA1A150A8830, 2C5C9C0924C6AE379E3CD071E6687885006843A17742B083CE14719F666F7FE6 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
17:58:31.0480 0x1688  iaStorA - ok
17:58:31.0543 0x1688  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
17:58:31.0543 0x1688  iaStorAV - ok
17:58:31.0637 0x1688  [ 7281AED93FB30FDD1CBAF07591FA453A, BD912798D8E28AF27C5FE01455D97224013D30066E35230888E64D0AC346893F ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
17:58:31.0637 0x1688  IAStorDataMgrSvc - ok
17:58:31.0699 0x1688  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
17:58:31.0715 0x1688  iaStorV - ok
17:58:31.0715 0x1688  IEEtwCollectorService - ok
17:58:31.0855 0x1688  [ 4F6363C26B4A3DDBC9FAFCBA68602B01, 0920551F9312D967AAA68003BD8C4A312AA8F1E8B826DDE8BF59B9B639AB5F3B ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
17:58:31.0918 0x1688  igfx - ok
17:58:31.0980 0x1688  [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
17:58:32.0012 0x1688  IKEEXT - ok
17:58:32.0027 0x1688  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
17:58:32.0027 0x1688  intaud_WaveExtensible - ok
17:58:32.0121 0x1688  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
17:58:32.0137 0x1688  Intel(R) Capability Licensing Service Interface - ok
17:58:32.0168 0x1688  [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
17:58:32.0170 0x1688  Intel(R) Capability Licensing Service TCP IP Interface - ok
17:58:32.0202 0x1688  [ 0DA6BAF6CF50F4F0A04334BF0DCF6C9A, DA78102C133D8978942BE8236F34B690F6F15068C2ADF1F18E26D7D5FBAD8B05 ] IntelHSWPcc     C:\WINDOWS\system32\drivers\IntelPcc.sys
17:58:32.0202 0x1688  IntelHSWPcc - ok
17:58:32.0217 0x1688  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
17:58:32.0217 0x1688  intelide - ok
17:58:32.0233 0x1688  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
17:58:32.0233 0x1688  intelpep - ok
17:58:32.0248 0x1688  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
17:58:32.0248 0x1688  intelppm - ok
17:58:32.0280 0x1688  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
17:58:32.0280 0x1688  IpFilterDriver - ok
17:58:32.0327 0x1688  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
17:58:32.0327 0x1688  iphlpsvc - ok
17:58:32.0358 0x1688  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
17:58:32.0358 0x1688  IPMIDRV - ok
17:58:32.0389 0x1688  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
17:58:32.0389 0x1688  IPNAT - ok
17:58:32.0420 0x1688  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:58:32.0420 0x1688  iPod Service - ok
17:58:32.0436 0x1688  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
17:58:32.0436 0x1688  IRENUM - ok
17:58:32.0467 0x1688  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
17:58:32.0467 0x1688  isapnp - ok
17:58:32.0498 0x1688  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
17:58:32.0498 0x1688  iScsiPrt - ok
17:58:32.0530 0x1688  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
17:58:32.0530 0x1688  iwdbus - ok
17:58:32.0655 0x1688  [ 9BFDEFD51800A2D47D43919653F4BEF4, C7221D9F82F7F04343EDA6FE41A4EC4C97F6DC4170780AA3983C8735369A5026 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
17:58:32.0655 0x1688  jhi_service - ok
17:58:32.0686 0x1688  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
17:58:32.0686 0x1688  kbdclass - ok
17:58:32.0702 0x1688  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
17:58:32.0702 0x1688  kbdhid - ok
17:58:32.0717 0x1688  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
17:58:32.0717 0x1688  kdnic - ok
17:58:32.0733 0x1688  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
17:58:32.0733 0x1688  KeyIso - ok
17:58:32.0764 0x1688  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
17:58:32.0764 0x1688  KSecDD - ok
17:58:32.0811 0x1688  [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
17:58:32.0811 0x1688  KSecPkg - ok
17:58:32.0827 0x1688  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
17:58:32.0827 0x1688  ksthunk - ok
17:58:32.0873 0x1688  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
17:58:32.0889 0x1688  KtmRm - ok
17:58:32.0936 0x1688  [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
17:58:32.0936 0x1688  L1C - ok
17:58:32.0983 0x1688  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
17:58:32.0999 0x1688  LanmanServer - ok
17:58:33.0030 0x1688  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
17:58:33.0045 0x1688  LanmanWorkstation - ok
17:58:33.0077 0x1688  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
17:58:33.0092 0x1688  lfsvc - ok
17:58:33.0124 0x1688  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
17:58:33.0124 0x1688  lltdio - ok
17:58:33.0155 0x1688  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
17:58:33.0155 0x1688  lltdsvc - ok
17:58:33.0186 0x1688  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
17:58:33.0186 0x1688  lmhosts - ok
17:58:33.0233 0x1688  [ 53CC0D5394A28C3344285357E85B2DA1, F02B892E21DABC14143770BA2F710CACDC6437811CEB86EECAB0A6A6F3F8359E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:58:33.0249 0x1688  LMS - ok
17:58:33.0264 0x1688  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
17:58:33.0264 0x1688  LSI_SAS - ok
17:58:33.0295 0x1688  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
17:58:33.0295 0x1688  LSI_SAS2 - ok
17:58:33.0311 0x1688  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
17:58:33.0311 0x1688  LSI_SAS3 - ok
17:58:33.0327 0x1688  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
17:58:33.0327 0x1688  LSI_SSS - ok
17:58:33.0374 0x1688  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
17:58:33.0389 0x1688  LSM - ok
17:58:33.0436 0x1688  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
17:58:33.0436 0x1688  luafv - ok
17:58:33.0452 0x1688  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
17:58:33.0452 0x1688  megasas - ok
17:58:33.0483 0x1688  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
17:58:33.0483 0x1688  megasr - ok
17:58:33.0514 0x1688  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
17:58:33.0514 0x1688  MEIx64 - ok
17:58:33.0561 0x1688  Microsoft SharePoint Workspace Audit Service - ok
17:58:33.0592 0x1688  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
17:58:33.0592 0x1688  MMCSS - ok
17:58:33.0639 0x1688  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
17:58:33.0639 0x1688  Modem - ok
17:58:33.0655 0x1688  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
17:58:33.0655 0x1688  monitor - ok
17:58:33.0670 0x1688  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
17:58:33.0686 0x1688  mouclass - ok
17:58:33.0702 0x1688  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
17:58:33.0702 0x1688  mouhid - ok
17:58:33.0733 0x1688  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
17:58:33.0733 0x1688  mountmgr - ok
17:58:33.0780 0x1688  [ EB4B5C8AB9DA5585CCC975CD3D072115, BEED5B7478F92C9FB1BBB62FFCEB5321A5C12A7C1AA9B20151BF22064589CD46 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
17:58:33.0780 0x1688  MozillaMaintenance - ok
17:58:33.0811 0x1688  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
17:58:33.0827 0x1688  mpsdrv - ok
17:58:33.0889 0x1688  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
17:58:33.0905 0x1688  MpsSvc - ok
17:58:33.0936 0x1688  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
17:58:33.0936 0x1688  MRxDAV - ok
17:58:33.0967 0x1688  [ 89DE71940A0E7F5BA617AE08321EF5C3, BD056C9E18E902D6F118E59A6AC68415BFA0690A02D2B360F6C111CE3B5EAC67 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
17:58:33.0967 0x1688  mrxsmb - ok
17:58:33.0999 0x1688  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
17:58:33.0999 0x1688  mrxsmb10 - ok
17:58:34.0030 0x1688  [ EE16457030175F449BAB0ABD279F4B6A, DF627054136079553A24AD12DC7374F1ACEEAD782EFFDC278996AD7BCCE98877 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
17:58:34.0030 0x1688  mrxsmb20 - ok
17:58:34.0061 0x1688  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
17:58:34.0061 0x1688  MsBridge - ok
17:58:34.0092 0x1688  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
17:58:34.0108 0x1688  MSDTC - ok
17:58:34.0139 0x1688  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
17:58:34.0139 0x1688  Msfs - ok
17:58:34.0171 0x1688  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
17:58:34.0171 0x1688  msgpiowin32 - ok
17:58:34.0186 0x1688  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
17:58:34.0186 0x1688  mshidkmdf - ok
17:58:34.0217 0x1688  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
17:58:34.0217 0x1688  mshidumdf - ok
17:58:34.0233 0x1688  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
17:58:34.0233 0x1688  msisadrv - ok
17:58:34.0280 0x1688  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
17:58:34.0296 0x1688  MSiSCSI - ok
17:58:34.0296 0x1688  msiserver - ok
17:58:34.0311 0x1688  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
17:58:34.0311 0x1688  MSKSSRV - ok
17:58:34.0342 0x1688  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
17:58:34.0342 0x1688  MsLldp - ok
17:58:34.0358 0x1688  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
17:58:34.0358 0x1688  MSPCLOCK - ok
17:58:34.0374 0x1688  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
17:58:34.0374 0x1688  MSPQM - ok
17:58:34.0405 0x1688  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
17:58:34.0405 0x1688  MsRPC - ok
17:58:34.0421 0x1688  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
17:58:34.0421 0x1688  mssmbios - ok
17:58:34.0436 0x1688  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
17:58:34.0436 0x1688  MSTEE - ok
17:58:34.0452 0x1688  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
17:58:34.0452 0x1688  MTConfig - ok
17:58:34.0483 0x1688  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
17:58:34.0483 0x1688  Mup - ok
17:58:34.0514 0x1688  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
17:58:34.0514 0x1688  mvumis - ok
17:58:34.0546 0x1688  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
17:58:34.0561 0x1688  napagent - ok
17:58:34.0592 0x1688  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
17:58:34.0592 0x1688  NativeWifiP - ok
17:58:34.0608 0x1688  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
17:58:34.0624 0x1688  NcaSvc - ok
17:58:34.0639 0x1688  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
17:58:34.0655 0x1688  NcbService - ok
17:58:34.0671 0x1688  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
17:58:34.0686 0x1688  NcdAutoSetup - ok
17:58:34.0717 0x1688  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
17:58:34.0733 0x1688  NDIS - ok
17:58:34.0764 0x1688  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
17:58:34.0764 0x1688  NdisCap - ok
17:58:34.0796 0x1688  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
17:58:34.0796 0x1688  NdisImPlatform - ok
17:58:34.0811 0x1688  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
17:58:34.0811 0x1688  NdisTapi - ok
17:58:34.0827 0x1688  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
17:58:34.0842 0x1688  Ndisuio - ok
17:58:34.0858 0x1688  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
17:58:34.0858 0x1688  NdisVirtualBus - ok
17:58:34.0874 0x1688  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:58:34.0874 0x1688  NdisWan - ok
17:58:34.0889 0x1688  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
17:58:34.0889 0x1688  NdisWanLegacy - ok
17:58:34.0921 0x1688  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
17:58:34.0921 0x1688  NDProxy - ok
17:58:34.0936 0x1688  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
17:58:34.0936 0x1688  Ndu - ok
17:58:34.0967 0x1688  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
17:58:34.0967 0x1688  NetBIOS - ok
17:58:34.0983 0x1688  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
17:58:34.0983 0x1688  NetBT - ok
17:58:34.0999 0x1688  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
17:58:34.0999 0x1688  Netlogon - ok
17:58:35.0049 0x1688  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
17:58:35.0064 0x1688  Netman - ok
17:58:35.0096 0x1688  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
17:58:35.0111 0x1688  netprofm - ok
17:58:35.0158 0x1688  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:58:35.0158 0x1688  NetTcpPortSharing - ok
17:58:35.0174 0x1688  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
17:58:35.0174 0x1688  netvsc - ok
17:58:35.0236 0x1688  [ FC91D7804B8FE5C2F0B12585C612F592, 0F43466D0F52D6A5282BD076005AC5F615C8CFCAC0D4B17B152E8AD0F556CB08 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
17:58:35.0252 0x1688  NitroDriverReadSpool8 - ok
17:58:35.0299 0x1688  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
17:58:35.0314 0x1688  NlaSvc - ok
17:58:35.0361 0x1688  [ 21D28C3448983A072B907E9BAC93D223, 27EF785F8A26E461EE9CDA18445E4896EB5BAE73ABE77262639320D45BC6A512 ] nlsX86cc        C:\WINDOWS\SysWOW64\NLSSRV32.EXE
17:58:35.0361 0x1688  nlsX86cc - ok
17:58:35.0393 0x1688  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
17:58:35.0393 0x1688  Npfs - ok
17:58:35.0439 0x1688  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
17:58:35.0439 0x1688  npsvctrig - ok
17:58:35.0455 0x1688  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
17:58:35.0471 0x1688  nsi - ok
17:58:35.0486 0x1688  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
17:58:35.0486 0x1688  nsiproxy - ok
17:58:35.0612 0x1688  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
17:58:35.0628 0x1688  Ntfs - ok
17:58:35.0644 0x1688  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
17:58:35.0659 0x1688  Null - ok
17:58:35.0956 0x1688  [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
17:58:36.0081 0x1688  nvlddmkm - ok
17:58:36.0237 0x1688  [ 1C7C6D7481CABD4EF38A81F5B68F02E8, C4FBE81B8A3F280EEAC282D76626E849197EDEEC8C755B7B12E3594776390DE7 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
17:58:36.0253 0x1688  NvNetworkService - ok
17:58:36.0269 0x1688  [ F76296368BB813E0C6996501A3271C7C, FA1C127F881C09C5066CB83A686AFD7A40D731922185EA4001A52ABA230FD812 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
17:58:36.0269 0x1688  nvpciflt - ok
17:58:36.0300 0x1688  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
17:58:36.0316 0x1688  nvraid - ok
17:58:36.0347 0x1688  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
17:58:36.0347 0x1688  nvstor - ok
17:58:36.0753 0x1688  [ 7A03646D5330A790A9D47D9F9C38758D, D22F100BBB94C45468ADD301CC96C15365FEAEC9FE820AA4E7AB1A7AF486E3B0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
17:58:36.0925 0x1688  NvStreamSvc - ok
17:58:37.0034 0x1688  [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
17:58:37.0066 0x1688  nvsvc - ok
17:58:37.0081 0x1688  [ 09216A70CC364D0974F606F6F2109210, 60877154D4DF5287D1989CDAA9863CD6DACA528D06233238498854A10C868C20 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
17:58:37.0081 0x1688  nvvad_WaveExtensible - ok
17:58:37.0113 0x1688  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
17:58:37.0113 0x1688  nv_agp - ok
17:58:37.0144 0x1688  [ B3E5887095F1DE8737DA3441D29F60E4, 722DCC5F8AE62C7EE87C14AFA447EB630EDDB23C56E921E5FA8C72C12011C676 ] ogmservice      C:\Program Files (x86)\Online Games Manager\ogmservice.exe
17:58:37.0159 0x1688  ogmservice - ok
17:58:37.0206 0x1688  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:58:37.0222 0x1688  ose - ok
17:58:37.0425 0x1688  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:58:37.0472 0x1688  osppsvc - ok
17:58:37.0519 0x1688  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
17:58:37.0534 0x1688  p2pimsvc - ok
17:58:37.0581 0x1688  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
17:58:37.0597 0x1688  p2psvc - ok
17:58:37.0613 0x1688  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
17:58:37.0613 0x1688  Parport - ok
17:58:37.0644 0x1688  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
17:58:37.0644 0x1688  partmgr - ok
17:58:37.0675 0x1688  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
17:58:37.0675 0x1688  PcaSvc - ok
17:58:37.0706 0x1688  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
17:58:37.0722 0x1688  pci - ok
17:58:37.0722 0x1688  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
17:58:37.0722 0x1688  pciide - ok
17:58:37.0738 0x1688  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
17:58:37.0738 0x1688  pcmcia - ok
17:58:37.0753 0x1688  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
17:58:37.0753 0x1688  pcw - ok
17:58:37.0769 0x1688  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
17:58:37.0784 0x1688  pdc - ok
17:58:37.0816 0x1688  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
17:58:37.0816 0x1688  PEAUTH - ok
17:58:37.0847 0x1688  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
17:58:37.0863 0x1688  PerfHost - ok
17:58:37.0941 0x1688  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
17:58:37.0972 0x1688  pla - ok
17:58:38.0003 0x1688  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
17:58:38.0003 0x1688  PlugPlay - ok
17:58:38.0034 0x1688  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
17:58:38.0034 0x1688  PNRPAutoReg - ok
17:58:38.0050 0x1688  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
17:58:38.0066 0x1688  PNRPsvc - ok
17:58:38.0097 0x1688  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
17:58:38.0097 0x1688  PolicyAgent - ok
17:58:38.0113 0x1688  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
17:58:38.0128 0x1688  Power - ok
17:58:38.0316 0x1688  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
17:58:38.0347 0x1688  PrintNotify - ok
17:58:38.0394 0x1688  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
17:58:38.0394 0x1688  Processor - ok
17:58:38.0425 0x1688  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
17:58:38.0441 0x1688  ProfSvc - ok
17:58:38.0472 0x1688  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
17:58:38.0472 0x1688  Psched - ok
17:58:38.0504 0x1688  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
17:58:38.0519 0x1688  QWAVE - ok
17:58:38.0550 0x1688  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
17:58:38.0550 0x1688  QWAVEdrv - ok
17:58:38.0582 0x1688  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
17:58:38.0582 0x1688  RasAcd - ok
17:58:38.0613 0x1688  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
17:58:38.0613 0x1688  RasAuto - ok
17:58:38.0660 0x1688  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
17:58:38.0675 0x1688  RasMan - ok
17:58:38.0691 0x1688  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
17:58:38.0691 0x1688  RasPppoe - ok
17:58:38.0738 0x1688  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
17:58:38.0738 0x1688  rdbss - ok
17:58:38.0785 0x1688  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
17:58:38.0785 0x1688  rdpbus - ok
17:58:38.0800 0x1688  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
17:58:38.0816 0x1688  RDPDR - ok
17:58:38.0832 0x1688  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
17:58:38.0832 0x1688  RdpVideoMiniport - ok
17:58:38.0863 0x1688  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
17:58:38.0879 0x1688  rdyboost - ok
17:58:38.0925 0x1688  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
17:58:38.0925 0x1688  ReFS - ok
17:58:38.0972 0x1688  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
17:58:38.0988 0x1688  RemoteAccess - ok
17:58:39.0004 0x1688  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
17:58:39.0019 0x1688  RemoteRegistry - ok
17:58:39.0066 0x1688  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
17:58:39.0066 0x1688  RFCOMM - ok
17:58:39.0113 0x1688  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
17:58:39.0113 0x1688  RpcEptMapper - ok
17:58:39.0144 0x1688  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
17:58:39.0144 0x1688  RpcLocator - ok
17:58:39.0222 0x1688  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
17:58:39.0222 0x1688  RpcSs - ok
17:58:39.0254 0x1688  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
17:58:39.0254 0x1688  rspndr - ok
17:58:39.0285 0x1688  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
17:58:39.0285 0x1688  s3cap - ok
17:58:39.0300 0x1688  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
17:58:39.0300 0x1688  SamSs - ok
17:58:39.0316 0x1688  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
17:58:39.0332 0x1688  sbp2port - ok
17:58:39.0347 0x1688  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
17:58:39.0347 0x1688  SCardSvr - ok
17:58:39.0394 0x1688  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
17:58:39.0394 0x1688  ScDeviceEnum - ok
17:58:39.0425 0x1688  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
17:58:39.0425 0x1688  scfilter - ok
17:58:39.0488 0x1688  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
17:58:39.0504 0x1688  Schedule - ok
17:58:39.0566 0x1688  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
17:58:39.0566 0x1688  SCPolicySvc - ok
17:58:39.0613 0x1688  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
17:58:39.0613 0x1688  sdbus - ok
17:58:39.0660 0x1688  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
17:58:39.0660 0x1688  sdstor - ok
17:58:39.0691 0x1688  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
17:58:39.0691 0x1688  secdrv - ok
17:58:39.0738 0x1688  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
17:58:39.0754 0x1688  seclogon - ok
17:58:39.0785 0x1688  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
17:58:39.0800 0x1688  SENS - ok
17:58:39.0832 0x1688  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
17:58:39.0847 0x1688  SensrSvc - ok
17:58:39.0863 0x1688  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
17:58:39.0863 0x1688  SerCx - ok
17:58:39.0894 0x1688  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
17:58:39.0910 0x1688  SerCx2 - ok
17:58:39.0926 0x1688  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
17:58:39.0926 0x1688  Serenum - ok
17:58:39.0941 0x1688  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
17:58:39.0941 0x1688  Serial - ok
17:58:39.0957 0x1688  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
17:58:39.0957 0x1688  sermouse - ok
17:58:40.0004 0x1688  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
17:58:40.0019 0x1688  SessionEnv - ok
17:58:40.0019 0x1688  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
17:58:40.0019 0x1688  sfloppy - ok
17:58:40.0051 0x1688  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
17:58:40.0066 0x1688  SharedAccess - ok
17:58:40.0098 0x1688  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
17:58:40.0113 0x1688  ShellHWDetection - ok
17:58:40.0144 0x1688  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
17:58:40.0144 0x1688  SiSRaid2 - ok
17:58:40.0160 0x1688  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
17:58:40.0160 0x1688  SiSRaid4 - ok
17:58:40.0176 0x1688  [ 7C954BD3BE2B7448AA7340D82605DF48, 6F0997EDE9F160308823427CBD64F41AE1FB5149AF2A5483658A9279A57DA97F ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
17:58:40.0191 0x1688  SmbDrvI - ok
17:58:40.0207 0x1688  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
17:58:40.0222 0x1688  smphost - ok
17:58:40.0238 0x1688  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
17:58:40.0238 0x1688  SNMPTRAP - ok
17:58:40.0269 0x1688  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
17:58:40.0269 0x1688  spaceport - ok
17:58:40.0285 0x1688  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
17:58:40.0285 0x1688  SpbCx - ok
17:58:40.0363 0x1688  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
17:58:40.0379 0x1688  Spooler - ok
17:58:40.0582 0x1688  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
17:58:40.0660 0x1688  sppsvc - ok
17:58:40.0691 0x1688  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
17:58:40.0691 0x1688  srv - ok
17:58:40.0723 0x1688  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
17:58:40.0738 0x1688  srv2 - ok
17:58:40.0769 0x1688  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
17:58:40.0769 0x1688  srvnet - ok
17:58:40.0801 0x1688  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
17:58:40.0801 0x1688  SSDPSRV - ok
17:58:40.0832 0x1688  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
17:58:40.0832 0x1688  SstpSvc - ok
17:58:40.0926 0x1688  [ 580777FCF0DA9AE78B4D07A11E5F14CD, 2F2BE84ECB035C5E9DA538409398A1F56C62F4BD4F304EF088DAD49CA82735FD ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
17:58:40.0941 0x1688  STacSV - ok
17:58:40.0988 0x1688  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
17:58:40.0988 0x1688  stexstor - ok
17:58:41.0051 0x1688  [ 54ED2C1F251CF19EB3E965857BACF6F7, 38415A17FE41A9FA0CFBC9E3B041DF77B3FB97B255AE3B4E10FD6F22D9E871E2 ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
17:58:41.0066 0x1688  STHDA - ok
17:58:41.0113 0x1688  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
17:58:41.0144 0x1688  stisvc - ok
17:58:41.0160 0x1688  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
17:58:41.0160 0x1688  storahci - ok
17:58:41.0191 0x1688  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
17:58:41.0191 0x1688  storflt - ok
17:58:41.0223 0x1688  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
17:58:41.0223 0x1688  stornvme - ok
17:58:41.0238 0x1688  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
17:58:41.0254 0x1688  StorSvc - ok
17:58:41.0269 0x1688  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
17:58:41.0269 0x1688  storvsc - ok
17:58:41.0285 0x1688  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
17:58:41.0301 0x1688  svsvc - ok
17:58:41.0316 0x1688  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
17:58:41.0316 0x1688  swenum - ok
17:58:41.0400 0x1688  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
17:58:41.0416 0x1688  swprv - ok
17:58:41.0478 0x1688  [ 890D687A16CFFBEC96905CA25AAF4F4E, E96D5E65585192297343555F65ABA66624DC146C8DFE30085F7E004843B22DEE ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
17:58:41.0494 0x1688  SynTP - ok
17:58:41.0541 0x1688  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
17:58:41.0588 0x1688  SysMain - ok
17:58:41.0619 0x1688  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
17:58:41.0635 0x1688  SystemEventsBroker - ok
17:58:41.0666 0x1688  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
17:58:41.0666 0x1688  TabletInputService - ok
17:58:41.0697 0x1688  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
17:58:41.0697 0x1688  TapiSrv - ok
17:58:41.0807 0x1688  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
17:58:41.0838 0x1688  Tcpip - ok
17:58:41.0885 0x1688  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
17:58:41.0916 0x1688  TCPIP6 - ok
17:58:41.0947 0x1688  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
17:58:41.0947 0x1688  tcpipreg - ok
17:58:41.0978 0x1688  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
17:58:41.0978 0x1688  tdx - ok
17:58:42.0010 0x1688  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
17:58:42.0010 0x1688  terminpt - ok
17:58:42.0057 0x1688  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
17:58:42.0072 0x1688  TermService - ok
17:58:42.0103 0x1688  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
17:58:42.0103 0x1688  Themes - ok
17:58:42.0135 0x1688  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
17:58:42.0135 0x1688  THREADORDER - ok
17:58:42.0166 0x1688  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
17:58:42.0166 0x1688  TimeBroker - ok
17:58:42.0197 0x1688  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
17:58:42.0197 0x1688  TPM - ok
17:58:42.0213 0x1688  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
17:58:42.0213 0x1688  TrkWks - ok
17:58:42.0247 0x1688  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
17:58:42.0247 0x1688  TrustedInstaller - ok
17:58:42.0262 0x1688  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
17:58:42.0262 0x1688  TsUsbFlt - ok
17:58:42.0293 0x1688  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
17:58:42.0293 0x1688  TsUsbGD - ok
17:58:42.0309 0x1688  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
17:58:42.0325 0x1688  tunnel - ok
17:58:42.0340 0x1688  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
17:58:42.0340 0x1688  uagp35 - ok
17:58:42.0356 0x1688  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
17:58:42.0356 0x1688  UASPStor - ok
17:58:42.0387 0x1688  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
17:58:42.0387 0x1688  UCX01000 - ok
17:58:42.0418 0x1688  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
17:58:42.0434 0x1688  udfs - ok
17:58:42.0450 0x1688  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
17:58:42.0450 0x1688  UEFI - ok
17:58:42.0481 0x1688  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
17:58:42.0481 0x1688  UI0Detect - ok
17:58:42.0497 0x1688  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
17:58:42.0497 0x1688  uliagpkx - ok
17:58:42.0512 0x1688  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
17:58:42.0512 0x1688  umbus - ok
17:58:42.0543 0x1688  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
17:58:42.0543 0x1688  UmPass - ok
17:58:42.0559 0x1688  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
17:58:42.0575 0x1688  UmRdpService - ok
17:58:42.0622 0x1688  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
17:58:42.0622 0x1688  upnphost - ok
17:58:42.0653 0x1688  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
17:58:42.0653 0x1688  USBAAPL64 - ok
17:58:42.0684 0x1688  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
17:58:42.0684 0x1688  usbccgp - ok
17:58:42.0700 0x1688  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
17:58:42.0700 0x1688  usbcir - ok
17:58:42.0747 0x1688  [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
17:58:42.0747 0x1688  usbehci - ok
17:58:42.0762 0x1688  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
17:58:42.0778 0x1688  usbhub - ok
17:58:42.0825 0x1688  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
17:58:42.0840 0x1688  USBHUB3 - ok
17:58:42.0872 0x1688  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
17:58:42.0872 0x1688  usbohci - ok
17:58:42.0903 0x1688  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
17:58:42.0903 0x1688  usbprint - ok
17:58:42.0934 0x1688  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
17:58:42.0950 0x1688  USBSTOR - ok
17:58:42.0981 0x1688  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
17:58:42.0981 0x1688  usbuhci - ok
17:58:43.0028 0x1688  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
17:58:43.0028 0x1688  USBXHCI - ok
17:58:43.0059 0x1688  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
17:58:43.0059 0x1688  VaultSvc - ok
17:58:43.0122 0x1688  VBoxAswDrv - ok
17:58:43.0153 0x1688  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
17:58:43.0153 0x1688  vdrvroot - ok
17:58:43.0231 0x1688  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
17:58:43.0262 0x1688  vds - ok
17:58:43.0356 0x1688  [ F7579733F4E8FF9B534C3F7D38F25C2C, 449FED49F2178D2A8000549B180606D050751762F53E600C13CFBEC91601DE87 ] VeriFaceSrv     C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
17:58:43.0356 0x1688  VeriFaceSrv - ok
17:58:43.0403 0x1688  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
17:58:43.0403 0x1688  VerifierExt - ok
17:58:43.0481 0x1688  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
17:58:43.0497 0x1688  vhdmp - ok
17:58:43.0528 0x1688  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
17:58:43.0528 0x1688  viaide - ok
17:58:43.0606 0x1688  [ 596B4C350D0E7F4EE634C41F87FD0ED6, C856DAED8D749A600B8AC5DCEE84AB71EFA12B2181BE417174EF2C5C331A131C ] vm331avs        C:\WINDOWS\System32\Drivers\vm331avs.sys
17:58:43.0622 0x1688  vm331avs - ok
17:58:43.0653 0x1688  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
17:58:43.0653 0x1688  vmbus - ok
17:58:43.0668 0x1688  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
17:58:43.0668 0x1688  VMBusHID - ok
17:58:43.0700 0x1688  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
17:58:43.0715 0x1688  vmicguestinterface - ok
17:58:43.0731 0x1688  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
17:58:43.0731 0x1688  vmicheartbeat - ok
17:58:43.0747 0x1688  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
17:58:43.0747 0x1688  vmickvpexchange - ok
17:58:43.0762 0x1688  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
17:58:43.0762 0x1688  vmicrdv - ok
17:58:43.0778 0x1688  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
17:58:43.0793 0x1688  vmicshutdown - ok
17:58:43.0793 0x1688  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
17:58:43.0809 0x1688  vmictimesync - ok
17:58:43.0825 0x1688  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
17:58:43.0825 0x1688  vmicvss - ok
17:58:43.0840 0x1688  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
17:58:43.0840 0x1688  volmgr - ok
17:58:43.0840 0x1688  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
17:58:43.0856 0x1688  volmgrx - ok
17:58:43.0888 0x1688  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
17:58:43.0888 0x1688  volsnap - ok
17:58:43.0904 0x1688  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
17:58:43.0904 0x1688  vpci - ok
17:58:43.0919 0x1688  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
17:58:43.0935 0x1688  vsmraid - ok
17:58:43.0997 0x1688  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\WINDOWS\system32\vssvc.exe
17:58:44.0013 0x1688  VSS - ok
17:58:44.0029 0x1688  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
17:58:44.0029 0x1688  VSTXRAID - ok
17:58:44.0075 0x1688  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
17:58:44.0075 0x1688  vwifibus - ok
17:58:44.0107 0x1688  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
17:58:44.0122 0x1688  vwififlt - ok
17:58:44.0138 0x1688  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
17:58:44.0138 0x1688  vwifimp - ok
17:58:44.0200 0x1688  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
17:58:44.0216 0x1688  W32Time - ok
17:58:44.0263 0x1688  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
17:58:44.0263 0x1688  WacomPen - ok
17:58:44.0357 0x1688  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
17:58:44.0388 0x1688  wbengine - ok
17:58:44.0419 0x1688  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
17:58:44.0419 0x1688  WbioSrvc - ok
17:58:44.0450 0x1688  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
17:58:44.0466 0x1688  Wcmsvc - ok
17:58:44.0482 0x1688  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
17:58:44.0497 0x1688  wcncsvc - ok
17:58:44.0529 0x1688  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
17:58:44.0529 0x1688  WcsPlugInService - ok
17:58:44.0544 0x1688  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
17:58:44.0544 0x1688  WdBoot - ok
17:58:44.0591 0x1688  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
17:58:44.0607 0x1688  Wdf01000 - ok
17:58:44.0638 0x1688  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
17:58:44.0638 0x1688  WdFilter - ok
17:58:44.0669 0x1688  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
17:58:44.0685 0x1688  WdiServiceHost - ok
17:58:44.0700 0x1688  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
17:58:44.0700 0x1688  WdiSystemHost - ok
17:58:44.0732 0x1688  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
17:58:44.0732 0x1688  WdNisDrv - ok
17:58:44.0763 0x1688  WdNisSvc - ok
17:58:44.0810 0x1688  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\WINDOWS\System32\webclnt.dll
17:58:44.0810 0x1688  WebClient - ok
17:58:44.0841 0x1688  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
17:58:44.0841 0x1688  Wecsvc - ok
17:58:44.0857 0x1688  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
17:58:44.0857 0x1688  WEPHOSTSVC - ok
17:58:44.0890 0x1688  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
17:58:44.0905 0x1688  wercplsupport - ok
17:58:44.0921 0x1688  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
17:58:44.0937 0x1688  WerSvc - ok
17:58:44.0952 0x1688  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
17:58:44.0952 0x1688  WFPLWFS - ok
17:58:44.0999 0x1688  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
17:58:44.0999 0x1688  WiaRpc - ok
17:58:45.0030 0x1688  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
17:58:45.0030 0x1688  WIMMount - ok
17:58:45.0030 0x1688  WinDefend - ok
17:58:45.0077 0x1688  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
17:58:45.0109 0x1688  WinHttpAutoProxySvc - ok
17:58:45.0187 0x1688  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
17:58:45.0187 0x1688  Winmgmt - ok
17:58:45.0312 0x1688  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
17:58:45.0343 0x1688  WinRM - ok
17:58:45.0374 0x1688  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
17:58:45.0374 0x1688  WinUsb - ok
17:58:45.0452 0x1688  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
17:58:45.0468 0x1688  WlanSvc - ok
17:58:45.0562 0x1688  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
17:58:45.0593 0x1688  wlidsvc - ok
17:58:45.0624 0x1688  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
17:58:45.0624 0x1688  WmiAcpi - ok
17:58:45.0655 0x1688  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
17:58:45.0655 0x1688  wmiApSrv - ok
17:58:45.0684 0x1688  WMPNetworkSvc - ok
17:58:45.0715 0x1688  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
17:58:45.0715 0x1688  Wof - ok
17:58:45.0762 0x1688  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
17:58:45.0794 0x1688  workfolderssvc - ok
17:58:45.0825 0x1688  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
17:58:45.0825 0x1688  wpcfltr - ok
17:58:45.0840 0x1688  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
17:58:45.0840 0x1688  WPCSvc - ok
17:58:45.0872 0x1688  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
17:58:45.0872 0x1688  WPDBusEnum - ok
17:58:45.0903 0x1688  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
17:58:45.0903 0x1688  WpdUpFltr - ok
17:58:45.0919 0x1688  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
17:58:45.0934 0x1688  ws2ifsl - ok
17:58:45.0950 0x1688  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
17:58:45.0965 0x1688  wscsvc - ok
17:58:45.0981 0x1688  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
17:58:45.0981 0x1688  WSDPrintDevice - ok
17:58:46.0012 0x1688  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\WINDOWS\System32\drivers\WSDScan.sys
17:58:46.0012 0x1688  WSDScan - ok
17:58:46.0012 0x1688  WSearch - ok
17:58:46.0106 0x1688  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
17:58:46.0153 0x1688  WSService - ok
17:58:46.0184 0x1688  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys
17:58:46.0184 0x1688  wsvd - ok
17:58:46.0325 0x1688  [ 688DAAE720E39DA86822785195646663, DB6E0F89496BB74EDF8378E6AE06364B19249701F6ACD176A0DCA1951E81A63D ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
17:58:46.0372 0x1688  wuauserv - ok
17:58:46.0403 0x1688  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
17:58:46.0403 0x1688  WudfPf - ok
17:58:46.0434 0x1688  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
17:58:46.0434 0x1688  WUDFRd - ok
17:58:46.0465 0x1688  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
17:58:46.0465 0x1688  wudfsvc - ok
17:58:46.0481 0x1688  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
17:58:46.0481 0x1688  WUDFWpdFs - ok
17:58:46.0481 0x1688  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
17:58:46.0481 0x1688  WUDFWpdMtp - ok
17:58:46.0512 0x1688  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
17:58:46.0528 0x1688  WwanSvc - ok
17:58:46.0528 0x1688  ================ Scan global ===============================
17:58:46.0575 0x1688  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll
17:58:46.0606 0x1688  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
17:58:46.0637 0x1688  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
17:58:46.0684 0x1688  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
17:58:46.0684 0x1688  [ Global ] - ok
17:58:46.0684 0x1688  ================ Scan MBR ==================================
17:58:46.0700 0x1688  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
17:58:46.0700 0x1688  \Device\Harddisk0\DR0 - ok
17:58:46.0700 0x1688  ================ Scan VBR ==================================
17:58:46.0715 0x1688  [ 45E6E1CC4750360B30853052D02D092E ] \Device\Harddisk0\DR0\Partition1
17:58:46.0762 0x1688  \Device\Harddisk0\DR0\Partition1 - ok
17:58:46.0794 0x1688  [ 45FCF55B66ACFD5B2B3DA455CE66592F ] \Device\Harddisk0\DR0\Partition2
17:58:46.0856 0x1688  \Device\Harddisk0\DR0\Partition2 - ok
17:58:46.0872 0x1688  [ BB108EFC330C8D7DE26516A9861ECFEA ] \Device\Harddisk0\DR0\Partition3
17:58:46.0919 0x1688  \Device\Harddisk0\DR0\Partition3 - ok
17:58:46.0934 0x1688  [ 75B198DDEABD11957D0A8CE751F5275D ] \Device\Harddisk0\DR0\Partition4
17:58:46.0934 0x1688  \Device\Harddisk0\DR0\Partition4 - ok
17:58:46.0950 0x1688  [ A0E19FEA4E6CBC7D11F8512BD0051EF7 ] \Device\Harddisk0\DR0\Partition5
17:58:47.0028 0x1688  \Device\Harddisk0\DR0\Partition5 - ok
17:58:47.0044 0x1688  [ 8C186B5FEF83644D78D50A58511B353F ] \Device\Harddisk0\DR0\Partition6
17:58:47.0059 0x1688  \Device\Harddisk0\DR0\Partition6 - ok
17:58:47.0075 0x1688  [ C8015BFEB4BCD688A221E75FDA2E83C1 ] \Device\Harddisk0\DR0\Partition7
17:58:47.0091 0x1688  \Device\Harddisk0\DR0\Partition7 - ok
17:58:47.0106 0x1688  [ 543D6D4AB04BF3DAF87850E87AF20115 ] \Device\Harddisk0\DR0\Partition8
17:58:47.0106 0x1688  \Device\Harddisk0\DR0\Partition8 - ok
17:58:47.0106 0x1688  ================ Scan generic autorun ======================
17:58:47.0169 0x1688  [ 2FA26C993349B4D2016CBE21A49E5432, 9AD05224E1E2306271D1E2D74B63253F3807D4C60F8B94B661527B311D7E892A ] C:\WINDOWS\system32\igfxtray.exe
17:58:47.0200 0x1688  IgfxTray - ok
17:58:47.0231 0x1688  [ A608F8BDF259CB3C323247CC1A533A10, 82126BA52DBF2C97884BAFD5E5A74ABDCA3E092DACB8A4CADFF2851520727E5B ] C:\WINDOWS\system32\hkcmd.exe
17:58:47.0247 0x1688  HotKeysCmds - ok
17:58:47.0263 0x1688  [ 47189B3FB35A23FD5A491A79EDBEDA0D, 04986B81A450F65E16A974AA7F2987273887A0F9FFEE2D904D0FC64E8D3CDE22 ] C:\WINDOWS\system32\igfxpers.exe
17:58:47.0278 0x1688  Persistence - ok
17:58:47.0372 0x1688  [ 6B08632F7634F344372B25A507DA7C47, C955BFB0F4601A4D1077119B204785FE4CB975E961D2AEE9C2BFA6EDC27E3CE2 ] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
17:58:47.0388 0x1688  Nvtmru - ok
17:58:47.0434 0x1688  [ 353C3D309B32642C329518FB2A3CC317, 9F1EDA8398203D65C2B05874052F5544DB1F662C24ECEEC9C95D5C397ABDAF76 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
17:58:47.0434 0x1688  IAStorIcon - ok
17:58:47.0497 0x1688  [ EE864CD35936E4AAD8120321907DA8F5, D4A37E70302DF0A76E20F1AC1CD427A831BA80A8E1729E0E5637DC48E7A85DF3 ] c:\program files (x86)\Dolby Home Theater v4\pcee4.exe
17:58:47.0497 0x1688  DolbyTrayApp - ok
17:58:47.0638 0x1688  [ E7C8E8D71978722E1D3C4D6FBC7D98C0, C45B79FCAA1D3D25DD50A525CE26D1469E4C6183E117DDD7950B57BBAB31E8D9 ] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
17:58:47.0684 0x1688  OnekeyStudio - ok
17:58:48.0091 0x1688  [ C26A1B3F9BA8086BC0A22F056703E0F4, 17DCFB6AAFB42E9F26817FF043868E9D82BC4BEDFDFD34021A9352B720DBFEF8 ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
17:58:48.0263 0x1688  Energy Manager - ok
17:58:48.0294 0x1688  [ CA8486284806BF318BA56CE9CFC36D94, 66804050E39EE7AB671DBF87F32CCA21F869B530A208D393998CCD80ADE0D327 ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
17:58:48.0294 0x1688  Lenovo Utility - ok
17:58:48.0403 0x1688  [ 05C5CBE5C0C26EFF48AF60639F30F4F5, 29B20E80D0251B488CFAC1576FF9350BB79BDB33667BC5F38DF8B0FB4C7FB17C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
17:58:48.0419 0x1688  NvBackend - ok
17:58:48.0450 0x1688  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\WINDOWS\system32\rundll32.exe
17:58:48.0450 0x1688  ShadowPlay - ok
17:58:48.0450 0x1688  SynTPEnh - ok
17:58:48.0450 0x1688  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
17:58:48.0450 0x1688  Logitech Download Assistant - ok
17:58:48.0498 0x1688  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
17:58:48.0498 0x1688  iTunesHelper - ok
17:58:48.0560 0x1688  [ FA6220C7FDF2D94CFF82D45B72E5C929, C3E414388F8818EC4B3BEABC8ED16DE6CBF965A6603328A45AD6D9A1808F3E55 ] C:\Program Files (x86)\USB Camera\VM331STI.EXE
17:58:48.0576 0x1688  331BigDog - ok
17:58:48.0623 0x1688  [ C2513AEB3F326B8811E2A37C9A7F930B, E3D9C0BB1A31367E7E3E0ED71F04068DF09F57CA293293B24D841331A1F9ADCB ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
17:58:48.0638 0x1688  YouCam Tray - ok
17:58:48.0717 0x1688  [ 16D807D8B07A868298A8044E576BE419, 148399752A497E7FEA07C59C89834E266652AC1C0793B5C9C429FDBB37AB7617 ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
17:58:48.0717 0x1688  UpdateP2GShortCut - ok
17:58:48.0763 0x1688  [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
17:58:48.0779 0x1688  RemoteControl10 - ok
17:58:48.0842 0x1688  [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
17:58:48.0842 0x1688  Intel AppUp(SM) center - ok
17:58:49.0045 0x1688  [ 8A312D5764B4FC4C55CEDDEED4652CF1, C4E726C9C77614CD32D5B76DA2E9A049EC490C2392D9A94B84712BCBF47BA7C6 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
17:58:49.0123 0x1688  AvastUI.exe - ok
17:58:49.0248 0x1688  [ 247FD3171B3E08CFCC8ACB540818CA15, 7F1195A40187C04CEE532B258421A3422AACA16BE54FD55F12966DC00FDBDCC4 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
17:58:49.0263 0x1688  IJNetworkScannerSelectorEX - ok
17:58:49.0326 0x1688  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
17:58:49.0326 0x1688  BCSSync - ok
17:58:49.0388 0x1688  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
17:58:49.0420 0x1688  SunJavaUpdateSched - ok
17:58:49.0560 0x1688  [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
17:58:49.0592 0x1688  DAEMON Tools Lite - ok
17:58:49.0607 0x1688  Waiting for KSN requests completion. In queue: 140
17:58:50.0623 0x1688  Waiting for KSN requests completion. In queue: 140
17:58:51.0623 0x1688  Waiting for KSN requests completion. In queue: 140
17:58:52.0186 0x1ee0  Object required for P2P: [ 8A312D5764B4FC4C55CEDDEED4652CF1 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
17:58:52.0623 0x1688  Waiting for KSN requests completion. In queue: 5
17:58:53.0624 0x1688  Waiting for KSN requests completion. In queue: 5
17:58:54.0624 0x1688  Waiting for KSN requests completion. In queue: 5
17:58:55.0280 0x1ee0  Object send P2P result: true
17:58:55.0640 0x1688  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
17:58:55.0640 0x1688  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.1.2245.1540 ), 0x41000 ( enabled : updated )
17:58:55.0655 0x1688  Win FW state via NFP2: enabled ( trusted )
17:58:58.0147 0x1688  ============================================================
17:58:58.0147 0x1688  Scan finished
17:58:58.0147 0x1688  ============================================================
17:58:58.0147 0x111c  Detected object count: 0
17:58:58.0147 0x111c  Actual detected object count: 0
18:01:24.0149 0x1bb0  ============================================================
18:01:24.0149 0x1bb0  Scan started
18:01:24.0149 0x1bb0  Mode: Manual; 
18:01:24.0149 0x1bb0
         

Alt 02.01.2016, 18:15   #9
Quax_DG
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

Report TDSSKiller Teil 2



Code:
ATTFilter
============================================================
18:01:24.0149 0x1bb0  KSN ping started
18:01:26.0619 0x1bb0  KSN ping finished: true
18:01:27.0963 0x1bb0  ================ Scan system memory ========================
18:01:27.0963 0x1bb0  System memory - ok
18:01:27.0963 0x1bb0  ================ Scan services =============================
18:01:28.0126 0x1bb0  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
18:01:28.0126 0x1bb0  1394ohci - ok
18:01:28.0142 0x1bb0  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
18:01:28.0142 0x1bb0  3ware - ok
18:01:28.0204 0x1bb0  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
18:01:28.0204 0x1bb0  ACPI - ok
18:01:28.0220 0x1bb0  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
18:01:28.0220 0x1bb0  acpiex - ok
18:01:28.0235 0x1bb0  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
18:01:28.0235 0x1bb0  acpipagr - ok
18:01:28.0267 0x1bb0  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
18:01:28.0267 0x1bb0  AcpiPmi - ok
18:01:28.0282 0x1bb0  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
18:01:28.0282 0x1bb0  acpitime - ok
18:01:28.0298 0x1bb0  [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
18:01:28.0298 0x1bb0  ACPIVPC - ok
18:01:28.0407 0x1bb0  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:01:28.0407 0x1bb0  AdobeARMservice - ok
18:01:28.0454 0x1bb0  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
18:01:28.0454 0x1bb0  ADP80XX - ok
18:01:28.0485 0x1bb0  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
18:01:28.0485 0x1bb0  AeLookupSvc - ok
18:01:28.0517 0x1bb0  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys
18:01:28.0548 0x1bb0  AFD - ok
18:01:28.0579 0x1bb0  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
18:01:28.0579 0x1bb0  agp440 - ok
18:01:28.0610 0x1bb0  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
18:01:28.0610 0x1bb0  ahcache - ok
18:01:28.0642 0x1bb0  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
18:01:28.0642 0x1bb0  ALG - ok
18:01:28.0657 0x1bb0  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
18:01:28.0657 0x1bb0  AmdK8 - ok
18:01:28.0673 0x1bb0  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
18:01:28.0673 0x1bb0  AmdPPM - ok
18:01:28.0704 0x1bb0  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
18:01:28.0704 0x1bb0  amdsata - ok
18:01:28.0704 0x1bb0  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
18:01:28.0720 0x1bb0  amdsbs - ok
18:01:28.0735 0x1bb0  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
18:01:28.0735 0x1bb0  amdxata - ok
18:01:28.0751 0x1bb0  [ 7D676814DE129391D423F3D97F590414, F72ECCC2D80F6E2144B88D232E74DD17C7E9FEBB476A289759C7FF041C6E47B3 ] AmUStor         C:\WINDOWS\system32\drivers\AmUStor.SYS
18:01:28.0751 0x1bb0  AmUStor - ok
18:01:28.0782 0x1bb0  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
18:01:28.0782 0x1bb0  AppID - ok
18:01:28.0814 0x1bb0  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
18:01:28.0814 0x1bb0  AppIDSvc - ok
18:01:28.0845 0x1bb0  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
18:01:28.0845 0x1bb0  Appinfo - ok
18:01:28.0907 0x1bb0  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:01:28.0923 0x1bb0  Apple Mobile Device Service - ok
18:01:28.0970 0x1bb0  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
18:01:28.0985 0x1bb0  AppReadiness - ok
18:01:29.0032 0x1bb0  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
18:01:29.0048 0x1bb0  AppXSvc - ok
18:01:29.0064 0x1bb0  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
18:01:29.0064 0x1bb0  arcsas - ok
18:01:29.0079 0x1bb0  [ 7BC1F2FC2A9D79E1EBBBF6D69AC3BA1F, 236265BE3F1B2130025A3A10152893BD0D18AD8965732361058B775F010539A2 ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
18:01:29.0079 0x1bb0  aswHwid - ok
18:01:29.0110 0x1bb0  [ 68E76C1675AC171A84F5B7230652E19D, A707A4E51110B15FF7D73C95D4D9C1E457FC9D93E1479BDB67EBDDDD6AC28D8E ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
18:01:29.0110 0x1bb0  aswMonFlt - ok
18:01:29.0126 0x1bb0  [ 2D6B49A071216796106E7804AB2BA7DC, 6A58A3B36EA05A24333482F87CFD315F73E56A64E46493E82E0FE9115E284168 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
18:01:29.0126 0x1bb0  aswRdr - ok
18:01:29.0142 0x1bb0  [ E46B51C99BB750A81AC6A68362475A5C, 2A61C09902B39696D151B9D5E6A60FFC3CF3EA02613EC64BBAB4DEE3C78838E2 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
18:01:29.0142 0x1bb0  aswRvrt - ok
18:01:29.0173 0x1bb0  [ A428CC308673A5E74F91D92E4A2B205D, 0A768AA4BD1CD22B5181EDA692F7CB9A43F627BB4FFEEFBB8CBC77A45107A443 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
18:01:29.0189 0x1bb0  aswSnx - ok
18:01:29.0204 0x1bb0  [ C24A42A7689DB63EEF157797AA7012B5, AC25AFAD13E59DFBF68B9F9B9527F266F4671A5E0A1F04D9EA71D36C00AC21E9 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
18:01:29.0220 0x1bb0  aswSP - ok
18:01:29.0235 0x1bb0  [ D9079E1A1C2A1F8ED5F37AF8E6CD3161, 629E3A642C5E3BEA65CDD2E08CAD69F9649A98BDA906678B51D3D2C9DB5BB253 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
18:01:29.0235 0x1bb0  aswStm - ok
18:01:29.0235 0x1bb0  [ 3BEC32A0B646D914921FD56AA39998C1, 8DB7CBF3DEF8EAE1D7D28C38B3A0FCD5C2A04D772078B907F35C66451355A04A ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
18:01:29.0251 0x1bb0  aswVmm - ok
18:01:29.0267 0x1bb0  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
18:01:29.0267 0x1bb0  atapi - ok
18:01:29.0298 0x1bb0  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:01:29.0314 0x1bb0  AudioEndpointBuilder - ok
18:01:29.0345 0x1bb0  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
18:01:29.0361 0x1bb0  Audiosrv - ok
18:01:29.0408 0x1bb0  [ F5CB8703A4F51EE30E5C090C78073AA4, 90683F39E9AA315FFB66A9F014AD1BEBF19EA62908247C133455815F6632E578 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:01:29.0423 0x1bb0  avast! Antivirus - ok
18:01:29.0470 0x1bb0  AvastVBoxSvc - ok
18:01:29.0501 0x1bb0  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
18:01:29.0517 0x1bb0  AxInstSV - ok
18:01:29.0579 0x1bb0  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
18:01:29.0595 0x1bb0  b06bdrv - ok
18:01:29.0611 0x1bb0  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:01:29.0611 0x1bb0  BasicDisplay - ok
18:01:29.0658 0x1bb0  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
18:01:29.0658 0x1bb0  BasicRender - ok
18:01:29.0689 0x1bb0  [ 70433F7A216BD0B5EC7DA1202EE53E65, 12F3210EC5546714B34225770242F5CF4AC36032BB49A8E8989620BA274AC505 ] bcbtums         C:\WINDOWS\system32\drivers\bcbtums.sys
18:01:29.0689 0x1bb0  bcbtums - ok
18:01:29.0923 0x1bb0  [ 9A4EF701A4FC835F7DDD8956D930010F, 28A555B98098ECE47912C40A74CA92AFA76F51A711F2DEFF1A498FF212505F23 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys

18:01:30.0017 0x1bb0  BCM43XX - ok
18:01:30.0126 0x1bb0  [ 18B186BCC56EC611DE519CBA7D4F65B0, 6F2520AAFDAA4208717DCD121527911D580727C5A6B8C4C7F07C4155C4D8662D ] BcmBtRSupport   C:\WINDOWS\system32\BtwRSupportService.exe
18:01:30.0142 0x1bb0  BcmBtRSupport - ok
18:01:30.0173 0x1bb0  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
18:01:30.0173 0x1bb0  bcmfn2 - ok
18:01:30.0220 0x1bb0  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
18:01:30.0236 0x1bb0  BDESVC - ok
18:01:30.0251 0x1bb0  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:01:30.0251 0x1bb0  Beep - ok
18:01:30.0314 0x1bb0  [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE             C:\WINDOWS\System32\bfe.dll
18:01:30.0329 0x1bb0  BFE - ok
18:01:30.0376 0x1bb0  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
18:01:30.0423 0x1bb0  BITS - ok
18:01:30.0454 0x1bb0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:01:30.0454 0x1bb0  Bonjour Service - ok
18:01:30.0470 0x1bb0  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
18:01:30.0486 0x1bb0  bowser - ok
18:01:30.0517 0x1bb0  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:01:30.0517 0x1bb0  BrokerInfrastructure - ok
18:01:30.0548 0x1bb0  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
18:01:30.0548 0x1bb0  Browser - ok
18:01:30.0579 0x1bb0  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
18:01:30.0579 0x1bb0  BthAvrcpTg - ok
18:01:30.0611 0x1bb0  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
18:01:30.0611 0x1bb0  BthEnum - ok
18:01:30.0642 0x1bb0  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
18:01:30.0642 0x1bb0  BthHFEnum - ok
18:01:30.0658 0x1bb0  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
18:01:30.0658 0x1bb0  bthhfhid - ok
18:01:30.0689 0x1bb0  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
18:01:30.0704 0x1bb0  BthHFSrv - ok
18:01:30.0751 0x1bb0  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\System32\drivers\BthLEEnum.sys
18:01:30.0767 0x1bb0  BthLEEnum - ok
18:01:30.0782 0x1bb0  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
18:01:30.0798 0x1bb0  BTHMODEM - ok
18:01:30.0829 0x1bb0  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
18:01:30.0829 0x1bb0  BthPan - ok
18:01:30.0892 0x1bb0  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
18:01:30.0907 0x1bb0  BTHPORT - ok
18:01:30.0939 0x1bb0  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
18:01:30.0939 0x1bb0  bthserv - ok
18:01:30.0986 0x1bb0  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
18:01:30.0986 0x1bb0  BTHUSB - ok
18:01:31.0017 0x1bb0  [ 20C8EB70C0B179DF06A01CA503F4A824, 1C2DADCBC5D85C1D4F6A28B7F374C829E6DCE0EB720EBDA43CF6AC0AC934AA5E ] btwampfl        C:\WINDOWS\system32\DRIVERS\btwampfl.sys
18:01:31.0017 0x1bb0  btwampfl - ok
18:01:31.0048 0x1bb0  [ 49665DD72F8DB515AB51D04984DB1D38, 8ABE06213D11309E6A2A6C21223852C33E28B4C9A5E9E6CAE20D4F6142F153F2 ] btwaudio        C:\WINDOWS\system32\drivers\btwaudio.sys
18:01:31.0048 0x1bb0  btwaudio - ok
18:01:31.0064 0x1bb0  [ 1611FFAFBB372A3BDA5ABDA3F9202882, D491A4F0F59B5C8779169C853F6CF27D13B59135335CCE243D3A54052B7B97A8 ] btwavdt         C:\WINDOWS\System32\drivers\btwavdt.sys
18:01:31.0064 0x1bb0  btwavdt - ok
18:01:31.0142 0x1bb0  [ 0CEB5F3E31011245D5E656E86082A6FB, 68FC17271D56EDA73B3F610BDD60905B4060150E3B6C7F8FF0DF6183A7018E31 ] btwdins         C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
18:01:31.0158 0x1bb0  btwdins - ok
18:01:31.0173 0x1bb0  [ C3C8974D99F976C927165363855690CD, 2B73E11FE341DE581CFF655E58C5671B83F4331529C30DADCAA9B6BE615D5E1F ] btwl2cap        C:\WINDOWS\system32\DRIVERS\btwl2cap.sys
18:01:31.0173 0x1bb0  btwl2cap - ok
18:01:31.0204 0x1bb0  [ 1D1591BB5356D4160C15F754886EEE98, 1DEF03F2B716026166047D83150C285561E159A26B15A38161368074A178E4ED ] btwpanfl        C:\WINDOWS\system32\drivers\btwpanfl.sys
18:01:31.0204 0x1bb0  btwpanfl - ok
18:01:31.0222 0x1bb0  [ B4327CB4CE628C9CA6C7F479BCF0D40A, F369070D443393037AE18BADA21DA55A2CF087192F83BE7F25D84F58B52564DD ] btwrchid        C:\WINDOWS\System32\drivers\btwrchid.sys
18:01:31.0222 0x1bb0  btwrchid - ok
18:01:31.0239 0x1bb0  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:01:31.0239 0x1bb0  cdfs - ok
18:01:31.0270 0x1bb0  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
18:01:31.0270 0x1bb0  cdrom - ok
18:01:31.0302 0x1bb0  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
18:01:31.0302 0x1bb0  CertPropSvc - ok
18:01:31.0333 0x1bb0  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
18:01:31.0333 0x1bb0  circlass - ok
18:01:31.0364 0x1bb0  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
18:01:31.0380 0x1bb0  CLFS - ok
18:01:31.0395 0x1bb0  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
18:01:31.0395 0x1bb0  CmBatt - ok
18:01:31.0427 0x1bb0  [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
18:01:31.0427 0x1bb0  CNG - ok
18:01:31.0458 0x1bb0  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
18:01:31.0458 0x1bb0  CompositeBus - ok
18:01:31.0473 0x1bb0  COMSysApp - ok
18:01:31.0505 0x1bb0  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
18:01:31.0505 0x1bb0  condrv - ok
18:01:31.0583 0x1bb0  [ D5F868A46AED8E7CAD6C30E0599DD100, F016C3BAC207B5A513CB28E78F93D1347398B9BEEF8D1A32339D034AFB74CF6C ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
18:01:31.0599 0x1bb0  cphs - ok
18:01:31.0645 0x1bb0  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
18:01:31.0661 0x1bb0  CryptSvc - ok
18:01:31.0677 0x1bb0  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
18:01:31.0677 0x1bb0  dam - ok
18:01:31.0739 0x1bb0  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:01:31.0755 0x1bb0  DcomLaunch - ok
18:01:31.0802 0x1bb0  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
18:01:31.0802 0x1bb0  defragsvc - ok
18:01:31.0848 0x1bb0  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:01:31.0848 0x1bb0  DeviceAssociationService - ok
18:01:31.0864 0x1bb0  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
18:01:31.0880 0x1bb0  DeviceInstall - ok
18:01:31.0895 0x1bb0  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
18:01:31.0911 0x1bb0  Dfsc - ok
18:01:31.0927 0x1bb0  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
18:01:31.0942 0x1bb0  Dhcp - ok
18:01:31.0989 0x1bb0  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
18:01:32.0020 0x1bb0  DiagTrack - ok
18:01:32.0052 0x1bb0  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
18:01:32.0052 0x1bb0  disk - ok
18:01:32.0067 0x1bb0  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
18:01:32.0067 0x1bb0  dmvsc - ok
18:01:32.0099 0x1bb0  [ C480411B9883DB284D98F12C512BF009, A049ADB276A5451A5CAA5F3C46F109D2C40FC9690A23E0ABD79A50CFF10F95A2 ] DnsBlockUpdateSvc C:\WINDOWS\system32\DnsBlockUpdateSvc.exe
18:01:32.0099 0x1bb0  DnsBlockUpdateSvc - ok
18:01:32.0130 0x1bb0  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:01:32.0130 0x1bb0  Dnscache - ok
18:01:32.0145 0x1bb0  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:01:32.0161 0x1bb0  dot3svc - ok
18:01:32.0177 0x1bb0  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
18:01:32.0177 0x1bb0  DPS - ok
18:01:32.0192 0x1bb0  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:01:32.0192 0x1bb0  drmkaud - ok
18:01:32.0239 0x1bb0  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
18:01:32.0239 0x1bb0  DsmSvc - ok
18:01:32.0255 0x1bb0  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\WINDOWS\System32\drivers\dtsoftbus01.sys
18:01:32.0270 0x1bb0  dtsoftbus01 - ok
18:01:32.0333 0x1bb0  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:01:32.0349 0x1bb0  DXGKrnl - ok
18:01:32.0364 0x1bb0  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
18:01:32.0364 0x1bb0  Eaphost - ok
18:01:32.0458 0x1bb0  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
18:01:32.0505 0x1bb0  ebdrv - ok
18:01:32.0536 0x1bb0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
18:01:32.0552 0x1bb0  EFS - ok
18:01:32.0567 0x1bb0  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
18:01:32.0583 0x1bb0  EhStorClass - ok
18:01:32.0614 0x1bb0  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:01:32.0614 0x1bb0  EhStorTcgDrv - ok
18:01:32.0630 0x1bb0  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
18:01:32.0630 0x1bb0  ErrDev - ok
18:01:32.0708 0x1bb0  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
18:01:32.0724 0x1bb0  EventSystem - ok
18:01:32.0739 0x1bb0  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
18:01:32.0739 0x1bb0  exfat - ok
18:01:32.0771 0x1bb0  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
18:01:32.0771 0x1bb0  fastfat - ok
18:01:32.0817 0x1bb0  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
18:01:32.0817 0x1bb0  Fax - ok
18:01:32.0833 0x1bb0  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
18:01:32.0833 0x1bb0  fdc - ok
18:01:32.0864 0x1bb0  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
18:01:32.0864 0x1bb0  fdPHost - ok
18:01:32.0880 0x1bb0  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
18:01:32.0880 0x1bb0  FDResPub - ok
18:01:32.0927 0x1bb0  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
18:01:32.0927 0x1bb0  fhsvc - ok
18:01:32.0974 0x1bb0  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
18:01:32.0974 0x1bb0  FileInfo - ok
18:01:32.0989 0x1bb0  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
18:01:32.0989 0x1bb0  Filetrace - ok
18:01:33.0005 0x1bb0  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
18:01:33.0005 0x1bb0  flpydisk - ok
18:01:33.0036 0x1bb0  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:01:33.0052 0x1bb0  FltMgr - ok
18:01:33.0146 0x1bb0  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\WINDOWS\system32\FntCache.dll
18:01:33.0161 0x1bb0  FontCache - ok
18:01:33.0255 0x1bb0  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:01:33.0271 0x1bb0  FontCache3.0.0.0 - ok
18:01:33.0286 0x1bb0  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
18:01:33.0302 0x1bb0  FsDepends - ok
18:01:33.0333 0x1bb0  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:01:33.0333 0x1bb0  Fs_Rec - ok
18:01:33.0396 0x1bb0  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:01:33.0411 0x1bb0  fvevol - ok
18:01:33.0427 0x1bb0  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
18:01:33.0427 0x1bb0  FxPPM - ok
18:01:33.0442 0x1bb0  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
18:01:33.0442 0x1bb0  gagp30kx - ok
18:01:33.0474 0x1bb0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:01:33.0474 0x1bb0  GEARAspiWDM - ok
18:01:33.0505 0x1bb0  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
18:01:33.0505 0x1bb0  gencounter - ok
18:01:33.0536 0x1bb0  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:01:33.0536 0x1bb0  GPIOClx0101 - ok
18:01:33.0583 0x1bb0  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
18:01:33.0614 0x1bb0  gpsvc - ok
18:01:33.0630 0x1bb0  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
18:01:33.0646 0x1bb0  HDAudBus - ok
18:01:33.0646 0x1bb0  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
18:01:33.0646 0x1bb0  HidBatt - ok
18:01:33.0677 0x1bb0  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
18:01:33.0677 0x1bb0  HidBth - ok
18:01:33.0692 0x1bb0  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
18:01:33.0692 0x1bb0  hidi2c - ok
18:01:33.0708 0x1bb0  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
18:01:33.0708 0x1bb0  HidIr - ok
18:01:33.0739 0x1bb0  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
18:01:33.0739 0x1bb0  hidserv - ok
18:01:33.0771 0x1bb0  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
18:01:33.0771 0x1bb0  HidUsb - ok
18:01:33.0802 0x1bb0  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
18:01:33.0802 0x1bb0  hkmsvc - ok
18:01:33.0833 0x1bb0  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
18:01:33.0833 0x1bb0  HomeGroupListener - ok
18:01:33.0864 0x1bb0  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
18:01:33.0880 0x1bb0  HomeGroupProvider - ok
18:01:33.0896 0x1bb0  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
18:01:33.0896 0x1bb0  HpSAMD - ok
18:01:33.0942 0x1bb0  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
18:01:33.0942 0x1bb0  HTTP - ok
18:01:33.0989 0x1bb0  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
18:01:33.0989 0x1bb0  hwpolicy - ok
18:01:34.0005 0x1bb0  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
18:01:34.0005 0x1bb0  hyperkbd - ok
18:01:34.0021 0x1bb0  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
18:01:34.0021 0x1bb0  HyperVideo - ok
18:01:34.0067 0x1bb0  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
18:01:34.0067 0x1bb0  i8042prt - ok
18:01:34.0083 0x1bb0  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
18:01:34.0083 0x1bb0  iaLPSSi_GPIO - ok
18:01:34.0099 0x1bb0  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
18:01:34.0099 0x1bb0  iaLPSSi_I2C - ok
18:01:34.0161 0x1bb0  [ 0A34D806EF2767E62CAFEA1A150A8830, 2C5C9C0924C6AE379E3CD071E6687885006843A17742B083CE14719F666F7FE6 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
18:01:34.0177 0x1bb0  iaStorA - ok
18:01:34.0193 0x1bb0  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
18:01:34.0208 0x1bb0  iaStorAV - ok
18:01:34.0303 0x1bb0  [ 7281AED93FB30FDD1CBAF07591FA453A, BD912798D8E28AF27C5FE01455D97224013D30066E35230888E64D0AC346893F ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:01:34.0303 0x1bb0  IAStorDataMgrSvc - ok
18:01:34.0350 0x1bb0  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
18:01:34.0366 0x1bb0  iaStorV - ok
18:01:34.0366 0x1bb0  IEEtwCollectorService - ok
18:01:34.0491 0x1bb0  [ 4F6363C26B4A3DDBC9FAFCBA68602B01, 0920551F9312D967AAA68003BD8C4A312AA8F1E8B826DDE8BF59B9B639AB5F3B ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
18:01:34.0537 0x1bb0  igfx - ok
18:01:34.0600 0x1bb0  [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
18:01:34.0631 0x1bb0  IKEEXT - ok
18:01:34.0662 0x1bb0  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
18:01:34.0662 0x1bb0  intaud_WaveExtensible - ok
18:01:34.0709 0x1bb0  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:01:34.0756 0x1bb0  Intel(R) Capability Licensing Service Interface - ok
18:01:34.0803 0x1bb0  [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
18:01:34.0834 0x1bb0  Intel(R) Capability Licensing Service TCP IP Interface - ok
18:01:34.0866 0x1bb0  [ 0DA6BAF6CF50F4F0A04334BF0DCF6C9A, DA78102C133D8978942BE8236F34B690F6F15068C2ADF1F18E26D7D5FBAD8B05 ] IntelHSWPcc     C:\WINDOWS\system32\drivers\IntelPcc.sys
18:01:34.0866 0x1bb0  IntelHSWPcc - ok
18:01:34.0881 0x1bb0  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
18:01:34.0881 0x1bb0  intelide - ok
18:01:34.0897 0x1bb0  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
18:01:34.0897 0x1bb0  intelpep - ok
18:01:34.0912 0x1bb0  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
18:01:34.0912 0x1bb0  intelppm - ok
18:01:34.0944 0x1bb0  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:01:34.0944 0x1bb0  IpFilterDriver - ok
18:01:34.0975 0x1bb0  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
18:01:34.0991 0x1bb0  iphlpsvc - ok
18:01:35.0006 0x1bb0  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
18:01:35.0022 0x1bb0  IPMIDRV - ok
18:01:35.0038 0x1bb0  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
18:01:35.0038 0x1bb0  IPNAT - ok
18:01:35.0069 0x1bb0  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:01:35.0084 0x1bb0  iPod Service - ok
18:01:35.0100 0x1bb0  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
18:01:35.0100 0x1bb0  IRENUM - ok
18:01:35.0131 0x1bb0  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
18:01:35.0131 0x1bb0  isapnp - ok
18:01:35.0163 0x1bb0  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
18:01:35.0163 0x1bb0  iScsiPrt - ok
18:01:35.0195 0x1bb0  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
18:01:35.0195 0x1bb0  iwdbus - ok
18:01:35.0304 0x1bb0  [ 9BFDEFD51800A2D47D43919653F4BEF4, C7221D9F82F7F04343EDA6FE41A4EC4C97F6DC4170780AA3983C8735369A5026 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:01:35.0320 0x1bb0  jhi_service - ok
18:01:35.0335 0x1bb0  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
18:01:35.0335 0x1bb0  kbdclass - ok
18:01:35.0366 0x1bb0  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
18:01:35.0366 0x1bb0  kbdhid - ok
18:01:35.0413 0x1bb0  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
18:01:35.0413 0x1bb0  kdnic - ok
18:01:35.0429 0x1bb0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
18:01:35.0445 0x1bb0  KeyIso - ok
18:01:35.0460 0x1bb0  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
18:01:35.0476 0x1bb0  KSecDD - ok
18:01:35.0507 0x1bb0  [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
18:01:35.0507 0x1bb0  KSecPkg - ok
18:01:35.0523 0x1bb0  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
18:01:35.0523 0x1bb0  ksthunk - ok
18:01:35.0554 0x1bb0  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
18:01:35.0570 0x1bb0  KtmRm - ok
18:01:35.0601 0x1bb0  [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
18:01:35.0601 0x1bb0  L1C - ok
18:01:35.0632 0x1bb0  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
18:01:35.0632 0x1bb0  LanmanServer - ok
18:01:35.0679 0x1bb0  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
18:01:35.0679 0x1bb0  LanmanWorkstation - ok
18:01:35.0710 0x1bb0  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
18:01:35.0726 0x1bb0  lfsvc - ok
18:01:35.0742 0x1bb0  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
18:01:35.0742 0x1bb0  lltdio - ok
18:01:35.0773 0x1bb0  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
18:01:35.0773 0x1bb0  lltdsvc - ok
18:01:35.0788 0x1bb0  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
18:01:35.0804 0x1bb0  lmhosts - ok
18:01:35.0851 0x1bb0  [ 53CC0D5394A28C3344285357E85B2DA1, F02B892E21DABC14143770BA2F710CACDC6437811CEB86EECAB0A6A6F3F8359E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:01:35.0866 0x1bb0  LMS - ok
18:01:35.0898 0x1bb0  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
18:01:35.0913 0x1bb0  LSI_SAS - ok
18:01:35.0929 0x1bb0  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
18:01:35.0929 0x1bb0  LSI_SAS2 - ok
18:01:35.0945 0x1bb0  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
18:01:35.0945 0x1bb0  LSI_SAS3 - ok
18:01:35.0960 0x1bb0  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
18:01:35.0960 0x1bb0  LSI_SSS - ok
18:01:35.0991 0x1bb0  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
18:01:36.0007 0x1bb0  LSM - ok
18:01:36.0038 0x1bb0  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
18:01:36.0038 0x1bb0  luafv - ok
18:01:36.0054 0x1bb0  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
18:01:36.0054 0x1bb0  megasas - ok
18:01:36.0070 0x1bb0  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
18:01:36.0085 0x1bb0  megasr - ok
18:01:36.0116 0x1bb0  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
18:01:36.0116 0x1bb0  MEIx64 - ok
18:01:36.0163 0x1bb0  Microsoft SharePoint Workspace Audit Service - ok
18:01:36.0195 0x1bb0  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
18:01:36.0210 0x1bb0  MMCSS - ok
18:01:36.0242 0x1bb0  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
18:01:36.0257 0x1bb0  Modem - ok
18:01:36.0273 0x1bb0  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
18:01:36.0273 0x1bb0  monitor - ok
18:01:36.0289 0x1bb0  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
18:01:36.0289 0x1bb0  mouclass - ok
18:01:36.0320 0x1bb0  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
18:01:36.0320 0x1bb0  mouhid - ok
18:01:36.0367 0x1bb0  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
18:01:36.0367 0x1bb0  mountmgr - ok
18:01:36.0398 0x1bb0  [ EB4B5C8AB9DA5585CCC975CD3D072115, BEED5B7478F92C9FB1BBB62FFCEB5321A5C12A7C1AA9B20151BF22064589CD46 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:01:36.0414 0x1bb0  MozillaMaintenance - ok
18:01:36.0445 0x1bb0  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
18:01:36.0445 0x1bb0  mpsdrv - ok
18:01:36.0507 0x1bb0  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
18:01:36.0523 0x1bb0  MpsSvc - ok
18:01:36.0554 0x1bb0  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
18:01:36.0554 0x1bb0  MRxDAV - ok
18:01:36.0586 0x1bb0  [ 89DE71940A0E7F5BA617AE08321EF5C3, BD056C9E18E902D6F118E59A6AC68415BFA0690A02D2B360F6C111CE3B5EAC67 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:01:36.0586 0x1bb0  mrxsmb - ok
18:01:36.0617 0x1bb0  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
18:01:36.0617 0x1bb0  mrxsmb10 - ok
18:01:36.0648 0x1bb0  [ EE16457030175F449BAB0ABD279F4B6A, DF627054136079553A24AD12DC7374F1ACEEAD782EFFDC278996AD7BCCE98877 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:01:36.0648 0x1bb0  mrxsmb20 - ok
18:01:36.0679 0x1bb0  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
18:01:36.0679 0x1bb0  MsBridge - ok
18:01:36.0711 0x1bb0  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
18:01:36.0711 0x1bb0  MSDTC - ok
18:01:36.0757 0x1bb0  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:01:36.0757 0x1bb0  Msfs - ok
18:01:36.0789 0x1bb0  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
18:01:36.0789 0x1bb0  msgpiowin32 - ok
18:01:36.0804 0x1bb0  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
18:01:36.0804 0x1bb0  mshidkmdf - ok
18:01:36.0820 0x1bb0  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
18:01:36.0820 0x1bb0  mshidumdf - ok
18:01:36.0851 0x1bb0  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
18:01:36.0851 0x1bb0  msisadrv - ok
18:01:36.0882 0x1bb0  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
18:01:36.0882 0x1bb0  MSiSCSI - ok
18:01:36.0882 0x1bb0  msiserver - ok
18:01:36.0898 0x1bb0  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:01:36.0898 0x1bb0  MSKSSRV - ok
18:01:36.0929 0x1bb0  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
18:01:36.0929 0x1bb0  MsLldp - ok
18:01:36.0945 0x1bb0  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:01:36.0945 0x1bb0  MSPCLOCK - ok
18:01:36.0961 0x1bb0  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:01:36.0961 0x1bb0  MSPQM - ok
18:01:36.0976 0x1bb0  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
18:01:36.0992 0x1bb0  MsRPC - ok
18:01:36.0992 0x1bb0  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
18:01:36.0992 0x1bb0  mssmbios - ok
18:01:37.0008 0x1bb0  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
18:01:37.0008 0x1bb0  MSTEE - ok
18:01:37.0023 0x1bb0  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
18:01:37.0023 0x1bb0  MTConfig - ok
18:01:37.0039 0x1bb0  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
18:01:37.0039 0x1bb0  Mup - ok
18:01:37.0054 0x1bb0  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
18:01:37.0054 0x1bb0  mvumis - ok
18:01:37.0086 0x1bb0  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
18:01:37.0101 0x1bb0  napagent - ok
18:01:37.0133 0x1bb0  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
18:01:37.0148 0x1bb0  NativeWifiP - ok
18:01:37.0164 0x1bb0  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
18:01:37.0179 0x1bb0  NcaSvc - ok
18:01:37.0195 0x1bb0  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
18:01:37.0211 0x1bb0  NcbService - ok
18:01:37.0226 0x1bb0  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
18:01:37.0242 0x1bb0  NcdAutoSetup - ok
18:01:37.0289 0x1bb0  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
18:01:37.0289 0x1bb0  NDIS - ok
18:01:37.0336 0x1bb0  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
18:01:37.0336 0x1bb0  NdisCap - ok
18:01:37.0382 0x1bb0  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
18:01:37.0382 0x1bb0  NdisImPlatform - ok
18:01:37.0398 0x1bb0  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:01:37.0398 0x1bb0  NdisTapi - ok
18:01:37.0429 0x1bb0  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:01:37.0429 0x1bb0  Ndisuio - ok
18:01:37.0445 0x1bb0  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
18:01:37.0445 0x1bb0  NdisVirtualBus - ok
18:01:37.0476 0x1bb0  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:01:37.0476 0x1bb0  NdisWan - ok
18:01:37.0492 0x1bb0  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:01:37.0492 0x1bb0  NdisWanLegacy - ok
18:01:37.0539 0x1bb0  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:01:37.0539 0x1bb0  NDProxy - ok
18:01:37.0570 0x1bb0  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
18:01:37.0570 0x1bb0  Ndu - ok
18:01:37.0601 0x1bb0  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:01:37.0601 0x1bb0  NetBIOS - ok
18:01:37.0648 0x1bb0  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:01:37.0664 0x1bb0  NetBT - ok
18:01:37.0679 0x1bb0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:01:37.0679 0x1bb0  Netlogon - ok
18:01:37.0726 0x1bb0  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
18:01:37.0726 0x1bb0  Netman - ok
18:01:37.0773 0x1bb0  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
18:01:37.0789 0x1bb0  netprofm - ok
18:01:37.0820 0x1bb0  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:01:37.0820 0x1bb0  NetTcpPortSharing - ok
18:01:37.0851 0x1bb0  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
18:01:37.0851 0x1bb0  netvsc - ok
18:01:37.0898 0x1bb0  [ FC91D7804B8FE5C2F0B12585C612F592, 0F43466D0F52D6A5282BD076005AC5F615C8CFCAC0D4B17B152E8AD0F556CB08 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
18:01:37.0914 0x1bb0  NitroDriverReadSpool8 - ok
18:01:37.0961 0x1bb0  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
18:01:37.0976 0x1bb0  NlaSvc - ok
18:01:38.0023 0x1bb0  [ 21D28C3448983A072B907E9BAC93D223, 27EF785F8A26E461EE9CDA18445E4896EB5BAE73ABE77262639320D45BC6A512 ] nlsX86cc        C:\WINDOWS\SysWOW64\NLSSRV32.EXE
18:01:38.0023 0x1bb0  nlsX86cc - ok
18:01:38.0054 0x1bb0  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:01:38.0054 0x1bb0  Npfs - ok
18:01:38.0086 0x1bb0  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
18:01:38.0086 0x1bb0  npsvctrig - ok
18:01:38.0101 0x1bb0  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
18:01:38.0101 0x1bb0  nsi - ok
18:01:38.0132 0x1bb0  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
18:01:38.0132 0x1bb0  nsiproxy - ok
18:01:38.0242 0x1bb0  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:01:38.0273 0x1bb0  Ntfs - ok
18:01:38.0289 0x1bb0  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:01:38.0289 0x1bb0  Null - ok
18:01:38.0586 0x1bb0  [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
18:01:38.0711 0x1bb0  nvlddmkm - ok
18:01:38.0851 0x1bb0  [ 1C7C6D7481CABD4EF38A81F5B68F02E8, C4FBE81B8A3F280EEAC282D76626E849197EDEEC8C755B7B12E3594776390DE7 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:01:38.0867 0x1bb0  NvNetworkService - ok
18:01:38.0883 0x1bb0  [ F76296368BB813E0C6996501A3271C7C, FA1C127F881C09C5066CB83A686AFD7A40D731922185EA4001A52ABA230FD812 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
18:01:38.0883 0x1bb0  nvpciflt - ok
18:01:38.0914 0x1bb0  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
18:01:38.0914 0x1bb0  nvraid - ok
18:01:38.0930 0x1bb0  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
18:01:38.0930 0x1bb0  nvstor - ok
18:01:39.0336 0x1bb0  [ 7A03646D5330A790A9D47D9F9C38758D, D22F100BBB94C45468ADD301CC96C15365FEAEC9FE820AA4E7AB1A7AF486E3B0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
18:01:39.0523 0x1bb0  NvStreamSvc - ok
18:01:39.0601 0x1bb0  [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
18:01:39.0617 0x1bb0  nvsvc - ok
18:01:39.0648 0x1bb0  [ 09216A70CC364D0974F606F6F2109210, 60877154D4DF5287D1989CDAA9863CD6DACA528D06233238498854A10C868C20 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
18:01:39.0648 0x1bb0  nvvad_WaveExtensible - ok
18:01:39.0664 0x1bb0  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
18:01:39.0664 0x1bb0  nv_agp - ok
18:01:39.0711 0x1bb0  [ B3E5887095F1DE8737DA3441D29F60E4, 722DCC5F8AE62C7EE87C14AFA447EB630EDDB23C56E921E5FA8C72C12011C676 ] ogmservice      C:\Program Files (x86)\Online Games Manager\ogmservice.exe
18:01:39.0711 0x1bb0  ogmservice - ok
18:01:39.0773 0x1bb0  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:01:39.0773 0x1bb0  ose - ok
18:01:39.0976 0x1bb0  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:01:40.0039 0x1bb0  osppsvc - ok
18:01:40.0070 0x1bb0  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
18:01:40.0070 0x1bb0  p2pimsvc - ok
18:01:40.0101 0x1bb0  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
18:01:40.0117 0x1bb0  p2psvc - ok
18:01:40.0148 0x1bb0  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
18:01:40.0148 0x1bb0  Parport - ok
18:01:40.0164 0x1bb0  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
18:01:40.0164 0x1bb0  partmgr - ok
18:01:40.0195 0x1bb0  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
18:01:40.0195 0x1bb0  PcaSvc - ok
18:01:40.0226 0x1bb0  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
18:01:40.0226 0x1bb0  pci - ok
18:01:40.0242 0x1bb0  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
18:01:40.0242 0x1bb0  pciide - ok
18:01:40.0242 0x1bb0  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
18:01:40.0258 0x1bb0  pcmcia - ok
18:01:40.0258 0x1bb0  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
18:01:40.0258 0x1bb0  pcw - ok
18:01:40.0273 0x1bb0  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
18:01:40.0273 0x1bb0  pdc - ok
18:01:40.0305 0x1bb0  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
18:01:40.0320 0x1bb0  PEAUTH - ok
18:01:40.0352 0x1bb0  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
18:01:40.0352 0x1bb0  PerfHost - ok
18:01:40.0461 0x1bb0  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
18:01:40.0492 0x1bb0  pla - ok
18:01:40.0508 0x1bb0  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
18:01:40.0523 0x1bb0  PlugPlay - ok
18:01:40.0539 0x1bb0  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
18:01:40.0555 0x1bb0  PNRPAutoReg - ok
18:01:40.0570 0x1bb0  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
18:01:40.0570 0x1bb0  PNRPsvc - ok
18:01:40.0602 0x1bb0  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
18:01:40.0602 0x1bb0  PolicyAgent - ok
18:01:40.0633 0x1bb0  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
18:01:40.0633 0x1bb0  Power - ok
18:01:40.0805 0x1bb0  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:01:40.0836 0x1bb0  PrintNotify - ok
18:01:40.0867 0x1bb0  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
18:01:40.0867 0x1bb0  Processor - ok
18:01:40.0914 0x1bb0  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
18:01:40.0914 0x1bb0  ProfSvc - ok
18:01:40.0945 0x1bb0  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
18:01:40.0945 0x1bb0  Psched - ok
18:01:40.0977 0x1bb0  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
18:01:40.0977 0x1bb0  QWAVE - ok
18:01:41.0008 0x1bb0  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
18:01:41.0008 0x1bb0  QWAVEdrv - ok
18:01:41.0039 0x1bb0  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:01:41.0039 0x1bb0  RasAcd - ok
18:01:41.0070 0x1bb0  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:01:41.0086 0x1bb0  RasAuto - ok
18:01:41.0133 0x1bb0  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:01:41.0148 0x1bb0  RasMan - ok
18:01:41.0180 0x1bb0  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:01:41.0180 0x1bb0  RasPppoe - ok
18:01:41.0227 0x1bb0  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:01:41.0227 0x1bb0  rdbss - ok
18:01:41.0258 0x1bb0  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
18:01:41.0258 0x1bb0  rdpbus - ok
18:01:41.0273 0x1bb0  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
18:01:41.0289 0x1bb0  RDPDR - ok
18:01:41.0320 0x1bb0  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
18:01:41.0320 0x1bb0  RdpVideoMiniport - ok
18:01:41.0367 0x1bb0  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
18:01:41.0367 0x1bb0  rdyboost - ok
18:01:41.0430 0x1bb0  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
18:01:41.0445 0x1bb0  ReFS - ok
18:01:41.0477 0x1bb0  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:01:41.0477 0x1bb0  RemoteAccess - ok
18:01:41.0508 0x1bb0  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:01:41.0508 0x1bb0  RemoteRegistry - ok
18:01:41.0555 0x1bb0  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
18:01:41.0555 0x1bb0  RFCOMM - ok
18:01:41.0602 0x1bb0  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
18:01:41.0602 0x1bb0  RpcEptMapper - ok
18:01:41.0633 0x1bb0  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:01:41.0633 0x1bb0  RpcLocator - ok
18:01:41.0680 0x1bb0  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:01:41.0711 0x1bb0  RpcSs - ok
18:01:41.0742 0x1bb0  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
18:01:41.0742 0x1bb0  rspndr - ok
18:01:41.0758 0x1bb0  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
18:01:41.0758 0x1bb0  s3cap - ok
18:01:41.0789 0x1bb0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
18:01:41.0789 0x1bb0  SamSs - ok
18:01:41.0820 0x1bb0  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
18:01:41.0820 0x1bb0  sbp2port - ok
18:01:41.0852 0x1bb0  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
18:01:41.0867 0x1bb0  SCardSvr - ok
18:01:41.0914 0x1bb0  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
18:01:41.0914 0x1bb0  ScDeviceEnum - ok
18:01:41.0945 0x1bb0  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
18:01:41.0945 0x1bb0  scfilter - ok
18:01:42.0039 0x1bb0  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:01:42.0055 0x1bb0  Schedule - ok
18:01:42.0086 0x1bb0  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
18:01:42.0086 0x1bb0  SCPolicySvc - ok
18:01:42.0102 0x1bb0  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
18:01:42.0117 0x1bb0  sdbus - ok
18:01:42.0149 0x1bb0  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
18:01:42.0149 0x1bb0  sdstor - ok
18:01:42.0180 0x1bb0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
18:01:42.0180 0x1bb0  secdrv - ok
18:01:42.0211 0x1bb0  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
18:01:42.0211 0x1bb0  seclogon - ok
18:01:42.0242 0x1bb0  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
18:01:42.0242 0x1bb0  SENS - ok
18:01:42.0274 0x1bb0  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
18:01:42.0289 0x1bb0  SensrSvc - ok
18:01:42.0305 0x1bb0  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
18:01:42.0321 0x1bb0  SerCx - ok
18:01:42.0336 0x1bb0  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
18:01:42.0336 0x1bb0  SerCx2 - ok
18:01:42.0367 0x1bb0  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
18:01:42.0367 0x1bb0  Serenum - ok
18:01:42.0383 0x1bb0  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
18:01:42.0383 0x1bb0  Serial - ok
18:01:42.0414 0x1bb0  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
18:01:42.0414 0x1bb0  sermouse - ok
18:01:42.0461 0x1bb0  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
18:01:42.0461 0x1bb0  SessionEnv - ok
18:01:42.0477 0x1bb0  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
18:01:42.0477 0x1bb0  sfloppy - ok
18:01:42.0508 0x1bb0  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:01:42.0508 0x1bb0  SharedAccess - ok
18:01:42.0539 0x1bb0  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:01:42.0539 0x1bb0  ShellHWDetection - ok
18:01:42.0571 0x1bb0  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
18:01:42.0586 0x1bb0  SiSRaid2 - ok
18:01:42.0602 0x1bb0  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
18:01:42.0602 0x1bb0  SiSRaid4 - ok
18:01:42.0633 0x1bb0  [ 7C954BD3BE2B7448AA7340D82605DF48, 6F0997EDE9F160308823427CBD64F41AE1FB5149AF2A5483658A9279A57DA97F ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
18:01:42.0633 0x1bb0  SmbDrvI - ok
18:01:42.0664 0x1bb0  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
18:01:42.0664 0x1bb0  smphost - ok
18:01:42.0696 0x1bb0  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
18:01:42.0696 0x1bb0  SNMPTRAP - ok
18:01:42.0742 0x1bb0  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
18:01:42.0758 0x1bb0  spaceport - ok
18:01:42.0774 0x1bb0  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
18:01:42.0774 0x1bb0  SpbCx - ok
18:01:42.0836 0x1bb0  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
18:01:42.0852 0x1bb0  Spooler - ok
18:01:43.0039 0x1bb0  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
18:01:43.0117 0x1bb0  sppsvc - ok
18:01:43.0149 0x1bb0  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:01:43.0149 0x1bb0  srv - ok
18:01:43.0180 0x1bb0  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
18:01:43.0196 0x1bb0  srv2 - ok
18:01:43.0227 0x1bb0  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
18:01:43.0227 0x1bb0  srvnet - ok
18:01:43.0258 0x1bb0  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:01:43.0258 0x1bb0  SSDPSRV - ok
18:01:43.0289 0x1bb0  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
18:01:43.0289 0x1bb0  SstpSvc - ok
18:01:43.0383 0x1bb0  [ 580777FCF0DA9AE78B4D07A11E5F14CD, 2F2BE84ECB035C5E9DA538409398A1F56C62F4BD4F304EF088DAD49CA82735FD ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
18:01:43.0383 0x1bb0  STacSV - ok
18:01:43.0414 0x1bb0  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
18:01:43.0430 0x1bb0  stexstor - ok
18:01:43.0461 0x1bb0  [ 54ED2C1F251CF19EB3E965857BACF6F7, 38415A17FE41A9FA0CFBC9E3B041DF77B3FB97B255AE3B4E10FD6F22D9E871E2 ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
18:01:43.0477 0x1bb0  STHDA - ok
18:01:43.0524 0x1bb0  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
18:01:43.0539 0x1bb0  stisvc - ok
18:01:43.0539 0x1bb0  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
18:01:43.0555 0x1bb0  storahci - ok
18:01:43.0571 0x1bb0  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
18:01:43.0571 0x1bb0  storflt - ok
18:01:43.0602 0x1bb0  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
18:01:43.0602 0x1bb0  stornvme - ok
18:01:43.0618 0x1bb0  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
18:01:43.0633 0x1bb0  StorSvc - ok
18:01:43.0649 0x1bb0  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
18:01:43.0649 0x1bb0  storvsc - ok
18:01:43.0664 0x1bb0  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
18:01:43.0680 0x1bb0  svsvc - ok
18:01:43.0696 0x1bb0  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
18:01:43.0711 0x1bb0  swenum - ok
18:01:43.0743 0x1bb0  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
18:01:43.0758 0x1bb0  swprv - ok
18:01:43.0789 0x1bb0  [ 890D687A16CFFBEC96905CA25AAF4F4E, E96D5E65585192297343555F65ABA66624DC146C8DFE30085F7E004843B22DEE ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
18:01:43.0805 0x1bb0  SynTP - ok
18:01:43.0883 0x1bb0  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
18:01:43.0914 0x1bb0  SysMain - ok
18:01:43.0946 0x1bb0  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:01:43.0961 0x1bb0  SystemEventsBroker - ok
18:01:43.0993 0x1bb0  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
18:01:43.0993 0x1bb0  TabletInputService - ok
18:01:44.0024 0x1bb0  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:01:44.0024 0x1bb0  TapiSrv - ok
18:01:44.0102 0x1bb0  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
18:01:44.0133 0x1bb0  Tcpip - ok
18:01:44.0180 0x1bb0  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:01:44.0211 0x1bb0  TCPIP6 - ok
18:01:44.0243 0x1bb0  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
18:01:44.0243 0x1bb0  tcpipreg - ok
18:01:44.0274 0x1bb0  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
18:01:44.0274 0x1bb0  tdx - ok
18:01:44.0305 0x1bb0  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
18:01:44.0305 0x1bb0  terminpt - ok
18:01:44.0352 0x1bb0  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
18:01:44.0368 0x1bb0  TermService - ok
18:01:44.0399 0x1bb0  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
18:01:44.0399 0x1bb0  Themes - ok
18:01:44.0430 0x1bb0  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
18:01:44.0430 0x1bb0  THREADORDER - ok
18:01:44.0461 0x1bb0  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
18:01:44.0461 0x1bb0  TimeBroker - ok
18:01:44.0477 0x1bb0  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
18:01:44.0493 0x1bb0  TPM - ok
18:01:44.0508 0x1bb0  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
18:01:44.0508 0x1bb0  TrkWks - ok
18:01:44.0524 0x1bb0  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
18:01:44.0539 0x1bb0  TrustedInstaller - ok
18:01:44.0555 0x1bb0  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
18:01:44.0555 0x1bb0  TsUsbFlt - ok
18:01:44.0571 0x1bb0  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
18:01:44.0571 0x1bb0  TsUsbGD - ok
18:01:44.0602 0x1bb0  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
18:01:44.0602 0x1bb0  tunnel - ok
18:01:44.0633 0x1bb0  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
18:01:44.0633 0x1bb0  uagp35 - ok
18:01:44.0649 0x1bb0  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
18:01:44.0649 0x1bb0  UASPStor - ok
18:01:44.0664 0x1bb0  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
18:01:44.0680 0x1bb0  UCX01000 - ok
18:01:44.0711 0x1bb0  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
18:01:44.0711 0x1bb0  udfs - ok
18:01:44.0727 0x1bb0  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
18:01:44.0727 0x1bb0  UEFI - ok
18:01:44.0758 0x1bb0  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
18:01:44.0758 0x1bb0  UI0Detect - ok
18:01:44.0774 0x1bb0  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
18:01:44.0774 0x1bb0  uliagpkx - ok
18:01:44.0789 0x1bb0  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
18:01:44.0805 0x1bb0  umbus - ok
18:01:44.0821 0x1bb0  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
18:01:44.0821 0x1bb0  UmPass - ok
18:01:44.0852 0x1bb0  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
18:01:44.0852 0x1bb0  UmRdpService - ok
18:01:44.0899 0x1bb0  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:01:44.0899 0x1bb0  upnphost - ok
18:01:44.0930 0x1bb0  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
18:01:44.0930 0x1bb0  USBAAPL64 - ok
18:01:44.0961 0x1bb0  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
18:01:44.0961 0x1bb0  usbccgp - ok
18:01:44.0977 0x1bb0  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
18:01:44.0993 0x1bb0  usbcir - ok
18:01:45.0024 0x1bb0  [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
18:01:45.0024 0x1bb0  usbehci - ok
18:01:45.0055 0x1bb0  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
18:01:45.0055 0x1bb0  usbhub - ok
18:01:45.0086 0x1bb0  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
18:01:45.0086 0x1bb0  USBHUB3 - ok
18:01:45.0118 0x1bb0  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
18:01:45.0118 0x1bb0  usbohci - ok
18:01:45.0149 0x1bb0  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
18:01:45.0149 0x1bb0  usbprint - ok
18:01:45.0180 0x1bb0  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:01:45.0180 0x1bb0  USBSTOR - ok
18:01:45.0196 0x1bb0  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
18:01:45.0196 0x1bb0  usbuhci - ok
18:01:45.0227 0x1bb0  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:01:45.0227 0x1bb0  USBXHCI - ok
18:01:45.0243 0x1bb0  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
18:01:45.0243 0x1bb0  VaultSvc - ok
18:01:45.0305 0x1bb0  VBoxAswDrv - ok
18:01:45.0336 0x1bb0  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
18:01:45.0352 0x1bb0  vdrvroot - ok
18:01:45.0430 0x1bb0  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
18:01:45.0446 0x1bb0  vds - ok
18:01:45.0555 0x1bb0  [ F7579733F4E8FF9B534C3F7D38F25C2C, 449FED49F2178D2A8000549B180606D050751762F53E600C13CFBEC91601DE87 ] VeriFaceSrv     C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
18:01:45.0555 0x1bb0  VeriFaceSrv - ok
18:01:45.0649 0x1bb0  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
18:01:45.0649 0x1bb0  VerifierExt - ok
18:01:45.0821 0x1bb0  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
18:01:45.0836 0x1bb0  vhdmp - ok
18:01:45.0868 0x1bb0  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
18:01:45.0868 0x1bb0  viaide - ok
18:01:45.0946 0x1bb0  [ 596B4C350D0E7F4EE634C41F87FD0ED6, C856DAED8D749A600B8AC5DCEE84AB71EFA12B2181BE417174EF2C5C331A131C ] vm331avs        C:\WINDOWS\System32\Drivers\vm331avs.sys
18:01:45.0961 0x1bb0  vm331avs - ok
18:01:46.0008 0x1bb0  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
18:01:46.0008 0x1bb0  vmbus - ok
18:01:46.0024 0x1bb0  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
18:01:46.0024 0x1bb0  VMBusHID - ok
18:01:46.0055 0x1bb0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
18:01:46.0055 0x1bb0  vmicguestinterface - ok
18:01:46.0071 0x1bb0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
18:01:46.0086 0x1bb0  vmicheartbeat - ok
18:01:46.0086 0x1bb0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
18:01:46.0102 0x1bb0  vmickvpexchange - ok
18:01:46.0102 0x1bb0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
18:01:46.0118 0x1bb0  vmicrdv - ok
18:01:46.0133 0x1bb0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
18:01:46.0133 0x1bb0  vmicshutdown - ok
18:01:46.0149 0x1bb0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
18:01:46.0149 0x1bb0  vmictimesync - ok
18:01:46.0165 0x1bb0  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
18:01:46.0180 0x1bb0  vmicvss - ok
18:01:46.0180 0x1bb0  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
18:01:46.0180 0x1bb0  volmgr - ok
18:01:46.0196 0x1bb0  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
18:01:46.0196 0x1bb0  volmgrx - ok
18:01:46.0227 0x1bb0  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
18:01:46.0243 0x1bb0  volsnap - ok
18:01:46.0274 0x1bb0  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
18:01:46.0274 0x1bb0  vpci - ok
18:01:46.0290 0x1bb0  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
18:01:46.0305 0x1bb0  vsmraid - ok
18:01:46.0383 0x1bb0  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\WINDOWS\system32\vssvc.exe
18:01:46.0415 0x1bb0  VSS - ok
18:01:46.0430 0x1bb0  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
18:01:46.0430 0x1bb0  VSTXRAID - ok
18:01:46.0493 0x1bb0  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
18:01:46.0493 0x1bb0  vwifibus - ok
18:01:46.0524 0x1bb0  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
18:01:46.0524 0x1bb0  vwififlt - ok
18:01:46.0555 0x1bb0  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
18:01:46.0555 0x1bb0  vwifimp - ok
18:01:46.0602 0x1bb0  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
18:01:46.0633 0x1bb0  W32Time - ok
18:01:46.0665 0x1bb0  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
18:01:46.0665 0x1bb0  WacomPen - ok
18:01:46.0758 0x1bb0  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
18:01:46.0774 0x1bb0  wbengine - ok
18:01:46.0805 0x1bb0  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
18:01:46.0805 0x1bb0  WbioSrvc - ok
18:01:46.0852 0x1bb0  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
18:01:46.0852 0x1bb0  Wcmsvc - ok
18:01:46.0883 0x1bb0  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
18:01:46.0883 0x1bb0  wcncsvc - ok
18:01:46.0915 0x1bb0  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
18:01:46.0915 0x1bb0  WcsPlugInService - ok
18:01:46.0946 0x1bb0  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
18:01:46.0946 0x1bb0  WdBoot - ok
18:01:46.0961 0x1bb0  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
18:01:46.0977 0x1bb0  Wdf01000 - ok
18:01:47.0024 0x1bb0  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
18:01:47.0040 0x1bb0  WdFilter - ok
18:01:47.0071 0x1bb0  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
18:01:47.0087 0x1bb0  WdiServiceHost - ok
18:01:47.0103 0x1bb0  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
18:01:47.0103 0x1bb0  WdiSystemHost - ok
18:01:47.0118 0x1bb0  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
18:01:47.0134 0x1bb0  WdNisDrv - ok
18:01:47.0150 0x1bb0  WdNisSvc - ok
18:01:47.0196 0x1bb0  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:01:47.0196 0x1bb0  WebClient - ok
18:01:47.0228 0x1bb0  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
18:01:47.0243 0x1bb0  Wecsvc - ok
18:01:47.0259 0x1bb0  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
18:01:47.0275 0x1bb0  WEPHOSTSVC - ok
18:01:47.0306 0x1bb0  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
18:01:47.0306 0x1bb0  wercplsupport - ok
18:01:47.0337 0x1bb0  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
18:01:47.0353 0x1bb0  WerSvc - ok
18:01:47.0384 0x1bb0  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
18:01:47.0384 0x1bb0  WFPLWFS - ok
18:01:47.0431 0x1bb0  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
18:01:47.0431 0x1bb0  WiaRpc - ok
18:01:47.0462 0x1bb0  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
18:01:47.0462 0x1bb0  WIMMount - ok
18:01:47.0478 0x1bb0  WinDefend - ok
18:01:47.0556 0x1bb0  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:01:47.0587 0x1bb0  WinHttpAutoProxySvc - ok
18:01:47.0650 0x1bb0  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:01:47.0665 0x1bb0  Winmgmt - ok
18:01:47.0791 0x1bb0  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
18:01:47.0838 0x1bb0  WinRM - ok
18:01:47.0854 0x1bb0  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
18:01:47.0854 0x1bb0  WinUsb - ok
18:01:47.0901 0x1bb0  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
18:01:47.0932 0x1bb0  WlanSvc - ok
18:01:48.0010 0x1bb0  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
18:01:48.0026 0x1bb0  wlidsvc - ok
18:01:48.0041 0x1bb0  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
18:01:48.0041 0x1bb0  WmiAcpi - ok
18:01:48.0073 0x1bb0  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:01:48.0088 0x1bb0  wmiApSrv - ok
18:01:48.0119 0x1bb0  WMPNetworkSvc - ok
18:01:48.0151 0x1bb0  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
18:01:48.0151 0x1bb0  Wof - ok
18:01:48.0198 0x1bb0  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
18:01:48.0229 0x1bb0  workfolderssvc - ok
18:01:48.0260 0x1bb0  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
18:01:48.0260 0x1bb0  wpcfltr - ok
18:01:48.0276 0x1bb0  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
18:01:48.0276 0x1bb0  WPCSvc - ok
18:01:48.0307 0x1bb0  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
18:01:48.0307 0x1bb0  WPDBusEnum - ok
18:01:48.0338 0x1bb0  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:01:48.0338 0x1bb0  WpdUpFltr - ok
18:01:48.0354 0x1bb0  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:01:48.0369 0x1bb0  ws2ifsl - ok
18:01:48.0385 0x1bb0  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
18:01:48.0401 0x1bb0  wscsvc - ok
18:01:48.0416 0x1bb0  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
18:01:48.0416 0x1bb0  WSDPrintDevice - ok
18:01:48.0432 0x1bb0  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\WINDOWS\System32\drivers\WSDScan.sys
18:01:48.0432 0x1bb0  WSDScan - ok
18:01:48.0432 0x1bb0  WSearch - ok
18:01:48.0557 0x1bb0  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
18:01:48.0604 0x1bb0  WSService - ok
18:01:48.0635 0x1bb0  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys
18:01:48.0635 0x1bb0  wsvd - ok
18:01:48.0776 0x1bb0  [ 688DAAE720E39DA86822785195646663, DB6E0F89496BB74EDF8378E6AE06364B19249701F6ACD176A0DCA1951E81A63D ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
18:01:48.0823 0x1bb0  wuauserv - ok
18:01:48.0854 0x1bb0  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
18:01:48.0854 0x1bb0  WudfPf - ok
18:01:48.0869 0x1bb0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
18:01:48.0885 0x1bb0  WUDFRd - ok
18:01:48.0916 0x1bb0  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
18:01:48.0916 0x1bb0  wudfsvc - ok
18:01:48.0916 0x1bb0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
18:01:48.0916 0x1bb0  WUDFWpdFs - ok
18:01:48.0932 0x1bb0  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
18:01:48.0932 0x1bb0  WUDFWpdMtp - ok
18:01:48.0963 0x1bb0  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
18:01:48.0979 0x1bb0  WwanSvc - ok
18:01:48.0979 0x1bb0  ================ Scan global ===============================
18:01:49.0010 0x1bb0  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll
18:01:49.0041 0x1bb0  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
18:01:49.0057 0x1bb0  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
18:01:49.0104 0x1bb0  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
18:01:49.0104 0x1bb0  [ Global ] - ok
18:01:49.0104 0x1bb0  ================ Scan MBR ==================================
18:01:49.0119 0x1bb0  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:01:49.0135 0x1bb0  \Device\Harddisk0\DR0 - ok
18:01:49.0135 0x1bb0  ================ Scan VBR ==================================
18:01:49.0135 0x1bb0  [ 45E6E1CC4750360B30853052D02D092E ] \Device\Harddisk0\DR0\Partition1
18:01:49.0198 0x1bb0  \Device\Harddisk0\DR0\Partition1 - ok
18:01:49.0213 0x1bb0  [ 45FCF55B66ACFD5B2B3DA455CE66592F ] \Device\Harddisk0\DR0\Partition2
18:01:49.0276 0x1bb0  \Device\Harddisk0\DR0\Partition2 - ok
18:01:49.0291 0x1bb0  [ BB108EFC330C8D7DE26516A9861ECFEA ] \Device\Harddisk0\DR0\Partition3
18:01:49.0354 0x1bb0  \Device\Harddisk0\DR0\Partition3 - ok
18:01:49.0370 0x1bb0  [ 75B198DDEABD11957D0A8CE751F5275D ] \Device\Harddisk0\DR0\Partition4
18:01:49.0370 0x1bb0  \Device\Harddisk0\DR0\Partition4 - ok
18:01:49.0370 0x1bb0  [ A0E19FEA4E6CBC7D11F8512BD0051EF7 ] \Device\Harddisk0\DR0\Partition5
18:01:49.0448 0x1bb0  \Device\Harddisk0\DR0\Partition5 - ok
18:01:49.0479 0x1bb0  [ 8C186B5FEF83644D78D50A58511B353F ] \Device\Harddisk0\DR0\Partition6
18:01:49.0495 0x1bb0  \Device\Harddisk0\DR0\Partition6 - ok
18:01:49.0510 0x1bb0  [ C8015BFEB4BCD688A221E75FDA2E83C1 ] \Device\Harddisk0\DR0\Partition7
18:01:49.0526 0x1bb0  \Device\Harddisk0\DR0\Partition7 - ok
18:01:49.0541 0x1bb0  [ 543D6D4AB04BF3DAF87850E87AF20115 ] \Device\Harddisk0\DR0\Partition8
18:01:49.0541 0x1bb0  \Device\Harddisk0\DR0\Partition8 - ok
         

Alt 02.01.2016, 18:16   #10
Quax_DG
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

Report TDSSKiller Teil 3



Code:
ATTFilter
18:01:49.0541 0x1bb0  ================ Scan generic autorun ======================
18:01:49.0588 0x1bb0  [ 2FA26C993349B4D2016CBE21A49E5432, 9AD05224E1E2306271D1E2D74B63253F3807D4C60F8B94B661527B311D7E892A ] C:\WINDOWS\system32\igfxtray.exe
18:01:49.0604 0x1bb0  IgfxTray - ok
18:01:49.0635 0x1bb0  [ A608F8BDF259CB3C323247CC1A533A10, 82126BA52DBF2C97884BAFD5E5A74ABDCA3E092DACB8A4CADFF2851520727E5B ] C:\WINDOWS\system32\hkcmd.exe
18:01:49.0635 0x1bb0  HotKeysCmds - ok
18:01:49.0651 0x1bb0  [ 47189B3FB35A23FD5A491A79EDBEDA0D, 04986B81A450F65E16A974AA7F2987273887A0F9FFEE2D904D0FC64E8D3CDE22 ] C:\WINDOWS\system32\igfxpers.exe
18:01:49.0666 0x1bb0  Persistence - ok
18:01:49.0760 0x1bb0  [ 6B08632F7634F344372B25A507DA7C47, C955BFB0F4601A4D1077119B204785FE4CB975E961D2AEE9C2BFA6EDC27E3CE2 ] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
18:01:49.0792 0x1bb0  Nvtmru - ok
18:01:49.0838 0x1bb0  [ 353C3D309B32642C329518FB2A3CC317, 9F1EDA8398203D65C2B05874052F5544DB1F662C24ECEEC9C95D5C397ABDAF76 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
18:01:49.0838 0x1bb0  IAStorIcon - ok
18:01:49.0901 0x1bb0  [ EE864CD35936E4AAD8120321907DA8F5, D4A37E70302DF0A76E20F1AC1CD427A831BA80A8E1729E0E5637DC48E7A85DF3 ] c:\program files (x86)\Dolby Home Theater v4\pcee4.exe
18:01:49.0917 0x1bb0  DolbyTrayApp - ok
18:01:50.0088 0x1bb0  [ E7C8E8D71978722E1D3C4D6FBC7D98C0, C45B79FCAA1D3D25DD50A525CE26D1469E4C6183E117DDD7950B57BBAB31E8D9 ] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
18:01:50.0135 0x1bb0  OnekeyStudio - ok
18:01:50.0527 0x1bb0  [ C26A1B3F9BA8086BC0A22F056703E0F4, 17DCFB6AAFB42E9F26817FF043868E9D82BC4BEDFDFD34021A9352B720DBFEF8 ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
18:01:50.0714 0x1bb0  Energy Manager - ok
18:01:50.0730 0x1bb0  [ CA8486284806BF318BA56CE9CFC36D94, 66804050E39EE7AB671DBF87F32CCA21F869B530A208D393998CCD80ADE0D327 ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
18:01:50.0730 0x1bb0  Lenovo Utility - ok
18:01:50.0828 0x1bb0  [ 05C5CBE5C0C26EFF48AF60639F30F4F5, 29B20E80D0251B488CFAC1576FF9350BB79BDB33667BC5F38DF8B0FB4C7FB17C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:01:50.0859 0x1bb0  NvBackend - ok
18:01:50.0875 0x1bb0  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\WINDOWS\system32\rundll32.exe
18:01:50.0890 0x1bb0  ShadowPlay - ok
18:01:50.0890 0x1bb0  SynTPEnh - ok
18:01:50.0890 0x1bb0  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
18:01:50.0890 0x1bb0  Logitech Download Assistant - ok
18:01:50.0937 0x1bb0  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
18:01:50.0937 0x1bb0  iTunesHelper - ok
18:01:51.0000 0x1bb0  [ FA6220C7FDF2D94CFF82D45B72E5C929, C3E414388F8818EC4B3BEABC8ED16DE6CBF965A6603328A45AD6D9A1808F3E55 ] C:\Program Files (x86)\USB Camera\VM331STI.EXE
18:01:51.0015 0x1bb0  331BigDog - ok
18:01:51.0062 0x1bb0  [ C2513AEB3F326B8811E2A37C9A7F930B, E3D9C0BB1A31367E7E3E0ED71F04068DF09F57CA293293B24D841331A1F9ADCB ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
18:01:51.0062 0x1bb0  YouCam Tray - ok
18:01:51.0140 0x1bb0  [ 16D807D8B07A868298A8044E576BE419, 148399752A497E7FEA07C59C89834E266652AC1C0793B5C9C429FDBB37AB7617 ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
18:01:51.0156 0x1bb0  UpdateP2GShortCut - ok
18:01:51.0187 0x1bb0  [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
18:01:51.0187 0x1bb0  RemoteControl10 - ok
18:01:51.0250 0x1bb0  [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
18:01:51.0265 0x1bb0  Intel AppUp(SM) center - ok
18:01:51.0484 0x1bb0  [ 8A312D5764B4FC4C55CEDDEED4652CF1, C4E726C9C77614CD32D5B76DA2E9A049EC490C2392D9A94B84712BCBF47BA7C6 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
18:01:51.0562 0x1bb0  AvastUI.exe - ok
18:01:51.0578 0x1bb0  Object required for P2P: [ 8A312D5764B4FC4C55CEDDEED4652CF1 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
18:01:54.0723 0x1bb0  Object send P2P result: true
18:01:54.0832 0x1bb0  [ 247FD3171B3E08CFCC8ACB540818CA15, 7F1195A40187C04CEE532B258421A3422AACA16BE54FD55F12966DC00FDBDCC4 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
18:01:54.0848 0x1bb0  IJNetworkScannerSelectorEX - ok
18:01:54.0910 0x1bb0  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
18:01:54.0910 0x1bb0  BCSSync - ok
18:01:54.0957 0x1bb0  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:01:54.0973 0x1bb0  SunJavaUpdateSched - ok
18:01:55.0113 0x1bb0  [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
18:01:55.0160 0x1bb0  DAEMON Tools Lite - ok
18:01:55.0160 0x1bb0  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
18:01:55.0160 0x1bb0  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.1.2245.1540 ), 0x41000 ( enabled : updated )
18:01:55.0176 0x1bb0  Win FW state via NFP2: enabled ( trusted )
18:01:57.0646 0x1bb0  ============================================================
18:01:57.0646 0x1bb0  Scan finished
18:01:57.0646 0x1bb0  ============================================================
18:01:57.0646 0x0f44  Detected object count: 0
18:01:57.0646 0x0f44  Actual detected object count: 0
18:03:18.0165 0x1d08  ============================================================
18:03:18.0165 0x1d08  Scan started
18:03:18.0165 0x1d08  Mode: Manual; SigCheck; TDLFS; 
18:03:18.0165 0x1d08  ============================================================
18:03:18.0165 0x1d08  KSN ping started
18:03:20.0615 0x1d08  KSN ping finished: true
18:03:21.0346 0x1d08  ================ Scan system memory ========================
18:03:21.0346 0x1d08  System memory - ok
18:03:21.0346 0x1d08  ================ Scan services =============================
18:03:21.0504 0x1d08  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
18:03:21.0597 0x1d08  1394ohci - ok
18:03:21.0613 0x1d08  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
18:03:21.0676 0x1d08  3ware - ok
18:03:21.0738 0x1d08  [ E796AE43DDD1844281DB4D57294D17C0, 21AE69615044A96041E46476BE814B52C22624B6C7EA6BFC77BB64F69C3C21F5 ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
18:03:21.0816 0x1d08  ACPI - ok
18:03:21.0832 0x1d08  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
18:03:21.0926 0x1d08  acpiex - ok
18:03:21.0941 0x1d08  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
18:03:22.0004 0x1d08  acpipagr - ok
18:03:22.0035 0x1d08  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
18:03:22.0082 0x1d08  AcpiPmi - ok
18:03:22.0113 0x1d08  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
18:03:22.0144 0x1d08  acpitime - ok
18:03:22.0191 0x1d08  [ AF7A18603B0B82DFA5B420456FAF2201, 64AD831433778BB0B0B1615EEA7682960ED5815A091A9EFEE95A862EFBDE6D69 ] ACPIVPC         C:\WINDOWS\System32\drivers\AcpiVpc.sys
18:03:22.0254 0x1d08  ACPIVPC - ok
18:03:22.0347 0x1d08  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
18:03:22.0379 0x1d08  AdobeARMservice - ok
18:03:22.0430 0x1d08  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
18:03:22.0493 0x1d08  ADP80XX - ok
18:03:22.0539 0x1d08  [ BCD58DACAA1EAAADC115EDD940478F6D, F31613F583C302F62A00E6766B031531C9E193CAED563689B178BA257715B992 ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
18:03:22.0571 0x1d08  AeLookupSvc - ok
18:03:22.0618 0x1d08  [ A460C3AF3755A2A79A3C8EFE72E147B5, 62CEA85DA53D86D3E7B5D79F94095C6126FFF3DEE1427BBF3DEF5EA366B4513B ] AFD             C:\WINDOWS\system32\drivers\afd.sys
18:03:22.0790 0x1d08  AFD - ok
18:03:22.0821 0x1d08  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
18:03:22.0852 0x1d08  agp440 - ok
18:03:22.0868 0x1d08  [ FE14D249D39368CA62D8DA6BC94AC694, E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
18:03:22.0930 0x1d08  ahcache - ok
18:03:22.0961 0x1d08  [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG             C:\WINDOWS\System32\alg.exe
18:03:22.0977 0x1d08  ALG - ok
18:03:22.0993 0x1d08  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
18:03:23.0040 0x1d08  AmdK8 - ok
18:03:23.0071 0x1d08  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
18:03:23.0086 0x1d08  AmdPPM - ok
18:03:23.0118 0x1d08  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
18:03:23.0196 0x1d08  amdsata - ok
18:03:23.0211 0x1d08  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
18:03:23.0258 0x1d08  amdsbs - ok
18:03:23.0274 0x1d08  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
18:03:23.0305 0x1d08  amdxata - ok
18:03:23.0336 0x1d08  [ 7D676814DE129391D423F3D97F590414, F72ECCC2D80F6E2144B88D232E74DD17C7E9FEBB476A289759C7FF041C6E47B3 ] AmUStor         C:\WINDOWS\system32\drivers\AmUStor.SYS
18:03:23.0368 0x1d08  AmUStor - ok
18:03:23.0399 0x1d08  [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID           C:\WINDOWS\system32\drivers\appid.sys
18:03:23.0446 0x1d08  AppID - ok
18:03:23.0461 0x1d08  [ 88358135810B9DFD830A9D3A8C3D149A, DF914DA3828EE2310895D156342E3B3DF5E8C6F6F9B851C359E82A1F48180D4B ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
18:03:23.0461 0x1d08  AppIDSvc - ok
18:03:23.0493 0x1d08  [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
18:03:23.0540 0x1d08  Appinfo - ok
18:03:23.0602 0x1d08  [ 612CB66D93ED0F2F21BB109840C7D813, 75484123DA27B8942B13148FCF061C75A08A50386A095143736B593E9C772173 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
18:03:23.0633 0x1d08  Apple Mobile Device Service - ok
18:03:23.0665 0x1d08  [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
18:03:23.0696 0x1d08  AppReadiness - ok
18:03:23.0743 0x1d08  [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
18:03:23.0774 0x1d08  AppXSvc - ok
18:03:23.0805 0x1d08  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
18:03:23.0852 0x1d08  arcsas - ok
18:03:23.0899 0x1d08  [ 7BC1F2FC2A9D79E1EBBBF6D69AC3BA1F, 236265BE3F1B2130025A3A10152893BD0D18AD8965732361058B775F010539A2 ] aswHwid         C:\WINDOWS\system32\drivers\aswHwid.sys
18:03:23.0930 0x1d08  aswHwid - ok
18:03:23.0962 0x1d08  [ 68E76C1675AC171A84F5B7230652E19D, A707A4E51110B15FF7D73C95D4D9C1E457FC9D93E1479BDB67EBDDDD6AC28D8E ] aswMonFlt       C:\WINDOWS\system32\drivers\aswMonFlt.sys
18:03:24.0024 0x1d08  aswMonFlt - ok
18:03:24.0040 0x1d08  [ 2D6B49A071216796106E7804AB2BA7DC, 6A58A3B36EA05A24333482F87CFD315F73E56A64E46493E82E0FE9115E284168 ] aswRdr          C:\WINDOWS\system32\drivers\aswRdr2.sys
18:03:24.0055 0x1d08  aswRdr - ok
18:03:24.0087 0x1d08  [ E46B51C99BB750A81AC6A68362475A5C, 2A61C09902B39696D151B9D5E6A60FFC3CF3EA02613EC64BBAB4DEE3C78838E2 ] aswRvrt         C:\WINDOWS\system32\drivers\aswRvrt.sys
18:03:24.0102 0x1d08  aswRvrt - ok
18:03:24.0165 0x1d08  [ A428CC308673A5E74F91D92E4A2B205D, 0A768AA4BD1CD22B5181EDA692F7CB9A43F627BB4FFEEFBB8CBC77A45107A443 ] aswSnx          C:\WINDOWS\system32\drivers\aswSnx.sys
18:03:24.0212 0x1d08  aswSnx - ok
18:03:24.0274 0x1d08  [ C24A42A7689DB63EEF157797AA7012B5, AC25AFAD13E59DFBF68B9F9B9527F266F4671A5E0A1F04D9EA71D36C00AC21E9 ] aswSP           C:\WINDOWS\system32\drivers\aswSP.sys
18:03:24.0368 0x1d08  aswSP - ok
18:03:24.0399 0x1d08  [ D9079E1A1C2A1F8ED5F37AF8E6CD3161, 629E3A642C5E3BEA65CDD2E08CAD69F9649A98BDA906678B51D3D2C9DB5BB253 ] aswStm          C:\WINDOWS\system32\drivers\aswStm.sys
18:03:24.0415 0x1d08  aswStm - ok
18:03:24.0430 0x1d08  [ 3BEC32A0B646D914921FD56AA39998C1, 8DB7CBF3DEF8EAE1D7D28C38B3A0FCD5C2A04D772078B907F35C66451355A04A ] aswVmm          C:\WINDOWS\system32\drivers\aswVmm.sys
18:03:24.0477 0x1d08  aswVmm - ok
18:03:24.0509 0x1d08  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
18:03:24.0555 0x1d08  atapi - ok
18:03:24.0587 0x1d08  [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:03:24.0602 0x1d08  AudioEndpointBuilder - ok
18:03:24.0665 0x1d08  [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
18:03:24.0680 0x1d08  Audiosrv - ok
18:03:24.0745 0x1d08  [ F5CB8703A4F51EE30E5C090C78073AA4, 90683F39E9AA315FFB66A9F014AD1BEBF19EA62908247C133455815F6632E578 ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
18:03:24.0761 0x1d08  avast! Antivirus - ok
18:03:24.0792 0x1d08  AvastVBoxSvc - ok
18:03:24.0823 0x1d08  [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
18:03:24.0839 0x1d08  AxInstSV - ok
18:03:24.0886 0x1d08  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
18:03:24.0917 0x1d08  b06bdrv - ok
18:03:24.0933 0x1d08  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:03:24.0964 0x1d08  BasicDisplay - ok
18:03:25.0011 0x1d08  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
18:03:25.0120 0x1d08  BasicRender - ok
18:03:25.0167 0x1d08  [ 70433F7A216BD0B5EC7DA1202EE53E65, 12F3210EC5546714B34225770242F5CF4AC36032BB49A8E8989620BA274AC505 ] bcbtums         C:\WINDOWS\system32\drivers\bcbtums.sys
18:03:25.0182 0x1d08  bcbtums - ok
18:03:25.0450 0x1d08  [ 9A4EF701A4FC835F7DDD8956D930010F, 28A555B98098ECE47912C40A74CA92AFA76F51A711F2DEFF1A498FF212505F23 ] BCM43XX         C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys
18:03:25.0622 0x1d08  BCM43XX - ok
18:03:25.0716 0x1d08  [ 18B186BCC56EC611DE519CBA7D4F65B0, 6F2520AAFDAA4208717DCD121527911D580727C5A6B8C4C7F07C4155C4D8662D ] BcmBtRSupport   C:\WINDOWS\system32\BtwRSupportService.exe
18:03:25.0747 0x1d08  BcmBtRSupport - ok
18:03:25.0778 0x1d08  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
18:03:25.0809 0x1d08  bcmfn2 - ok
18:03:25.0856 0x1d08  [ 4B6F61BD394DCEDA9B06D702836531C2, 83C739467BD9A00FE09BCE83BB9409EA2DA62FCDD2384F9EE98626226223E918 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
18:03:25.0888 0x1d08  BDESVC - ok
18:03:25.0903 0x1d08  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:03:25.0934 0x1d08  Beep - ok
18:03:25.0981 0x1d08  [ 8F2AD111B47A190F325EE7495D3C1803, C61F1506E74A9EFBB61B8A06B30886B6E891C33211F755F30B924EBA202ECEC5 ] BFE             C:\WINDOWS\System32\bfe.dll
18:03:26.0013 0x1d08  BFE - ok
18:03:26.0059 0x1d08  [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS            C:\WINDOWS\System32\qmgr.dll
18:03:26.0106 0x1d08  BITS - ok
18:03:26.0122 0x1d08  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:03:26.0138 0x1d08  Bonjour Service - ok
18:03:26.0153 0x1d08  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
18:03:26.0231 0x1d08  bowser - ok
18:03:26.0278 0x1d08  [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:03:26.0325 0x1d08  BrokerInfrastructure - ok
18:03:26.0356 0x1d08  [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser         C:\WINDOWS\System32\browser.dll
18:03:26.0372 0x1d08  Browser - ok
18:03:26.0388 0x1d08  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
18:03:26.0419 0x1d08  BthAvrcpTg - ok
18:03:26.0450 0x1d08  [ 1104A31260CCF4318C884E0AE6C513BF, A8F83B558944DEF0F84414A11DC3CB90C3A92377B46760EC0A9B8BC22FB0D5C7 ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
18:03:26.0481 0x1d08  BthEnum - ok
18:03:26.0497 0x1d08  [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
18:03:26.0544 0x1d08  BthHFEnum - ok
18:03:26.0575 0x1d08  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
18:03:26.0606 0x1d08  bthhfhid - ok
18:03:26.0669 0x1d08  [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv        C:\WINDOWS\System32\BthHFSrv.dll
18:03:26.0700 0x1d08  BthHFSrv - ok
18:03:26.0747 0x1d08  [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum       C:\WINDOWS\System32\drivers\BthLEEnum.sys
18:03:26.0825 0x1d08  BthLEEnum - ok
18:03:26.0841 0x1d08  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
18:03:26.0888 0x1d08  BTHMODEM - ok
18:03:26.0903 0x1d08  [ FEA8FC81431AD93F44D5FBFBBF096AA7, C0581DF6B2AD24836604B083F4866F93A3F4D9091D382029948A5E6221EDF788 ] BthPan          C:\WINDOWS\System32\drivers\bthpan.sys
18:03:26.0935 0x1d08  BthPan - ok
18:03:26.0981 0x1d08  [ 0CC00ADC1B84C93FB46E1A0974E956E1, 64C759244651B916901F4D0C82C3D6034532A20714A72FD26FC9D050B99E230B ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
18:03:27.0060 0x1d08  BTHPORT - ok
18:03:27.0075 0x1d08  [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv         C:\WINDOWS\system32\bthserv.dll
18:03:27.0106 0x1d08  bthserv - ok
18:03:27.0138 0x1d08  [ 08EA90955AED2D959EE67DF6EDF0E2B6, 0A70AA67E5DD24C473C66A570C0FEBA9D398A0F0AD8386FE05D01C4D16346968 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
18:03:27.0169 0x1d08  BTHUSB - ok
18:03:27.0216 0x1d08  [ 20C8EB70C0B179DF06A01CA503F4A824, 1C2DADCBC5D85C1D4F6A28B7F374C829E6DCE0EB720EBDA43CF6AC0AC934AA5E ] btwampfl        C:\WINDOWS\system32\DRIVERS\btwampfl.sys
18:03:27.0263 0x1d08  btwampfl - ok
18:03:27.0294 0x1d08  [ 49665DD72F8DB515AB51D04984DB1D38, 8ABE06213D11309E6A2A6C21223852C33E28B4C9A5E9E6CAE20D4F6142F153F2 ] btwaudio        C:\WINDOWS\system32\drivers\btwaudio.sys
18:03:27.0325 0x1d08  btwaudio - ok
18:03:27.0341 0x1d08  [ 1611FFAFBB372A3BDA5ABDA3F9202882, D491A4F0F59B5C8779169C853F6CF27D13B59135335CCE243D3A54052B7B97A8 ] btwavdt         C:\WINDOWS\System32\drivers\btwavdt.sys
18:03:27.0435 0x1d08  btwavdt - ok
18:03:27.0497 0x1d08  [ 0CEB5F3E31011245D5E656E86082A6FB, 68FC17271D56EDA73B3F610BDD60905B4060150E3B6C7F8FF0DF6183A7018E31 ] btwdins         C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
18:03:27.0513 0x1d08  btwdins - ok
18:03:27.0528 0x1d08  [ C3C8974D99F976C927165363855690CD, 2B73E11FE341DE581CFF655E58C5671B83F4331529C30DADCAA9B6BE615D5E1F ] btwl2cap        C:\WINDOWS\system32\DRIVERS\btwl2cap.sys
18:03:27.0560 0x1d08  btwl2cap - ok
18:03:27.0575 0x1d08  [ 1D1591BB5356D4160C15F754886EEE98, 1DEF03F2B716026166047D83150C285561E159A26B15A38161368074A178E4ED ] btwpanfl        C:\WINDOWS\system32\drivers\btwpanfl.sys
18:03:27.0638 0x1d08  btwpanfl - ok
18:03:27.0653 0x1d08  [ B4327CB4CE628C9CA6C7F479BCF0D40A, F369070D443393037AE18BADA21DA55A2CF087192F83BE7F25D84F58B52564DD ] btwrchid        C:\WINDOWS\System32\drivers\btwrchid.sys
18:03:27.0685 0x1d08  btwrchid - ok
18:03:27.0700 0x1d08  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:03:27.0763 0x1d08  cdfs - ok
18:03:27.0778 0x1d08  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
18:03:27.0841 0x1d08  cdrom - ok
18:03:27.0872 0x1d08  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
18:03:27.0903 0x1d08  CertPropSvc - ok
18:03:27.0935 0x1d08  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
18:03:27.0966 0x1d08  circlass - ok
18:03:27.0997 0x1d08  [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
18:03:28.0028 0x1d08  CLFS - ok
18:03:28.0044 0x1d08  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
18:03:28.0060 0x1d08  CmBatt - ok
18:03:28.0091 0x1d08  [ 0DE32A0BB1FE2A773666572F79584520, C417C12476B937265BEDC9A2C3C3F6C50FD19AEC096362337B0921627A2A92EA ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
18:03:28.0138 0x1d08  CNG - ok
18:03:28.0153 0x1d08  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
18:03:28.0185 0x1d08  CompositeBus - ok
18:03:28.0185 0x1d08  COMSysApp - ok
18:03:28.0216 0x1d08  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
18:03:28.0231 0x1d08  condrv - ok
18:03:28.0294 0x1d08  [ D5F868A46AED8E7CAD6C30E0599DD100, F016C3BAC207B5A513CB28E78F93D1347398B9BEEF8D1A32339D034AFB74CF6C ] cphs            C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
18:03:28.0294 0x1d08  cphs - ok
18:03:28.0325 0x1d08  [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
18:03:28.0356 0x1d08  CryptSvc - ok
18:03:28.0388 0x1d08  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
18:03:28.0419 0x1d08  dam - ok
18:03:28.0466 0x1d08  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:03:28.0497 0x1d08  DcomLaunch - ok
18:03:28.0544 0x1d08  [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
18:03:28.0560 0x1d08  defragsvc - ok
18:03:28.0606 0x1d08  [ FF086DEF5995558CCB1B5AAC2110195D, CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:03:28.0653 0x1d08  DeviceAssociationService - ok
18:03:28.0669 0x1d08  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
18:03:28.0685 0x1d08  DeviceInstall - ok
18:03:28.0716 0x1d08  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
18:03:28.0763 0x1d08  Dfsc - ok
18:03:28.0794 0x1d08  [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
18:03:28.0825 0x1d08  Dhcp - ok
18:03:28.0903 0x1d08  [ 21EDAD8188372C912B7BB9B1C6CB0D38, 4A102745DE8A2A82D2C069B30503BF9FF2312A035A82854F84EF9C27E3533CEE ] DiagTrack       C:\WINDOWS\system32\diagtrack.dll
18:03:28.0950 0x1d08  DiagTrack - ok
18:03:28.0982 0x1d08  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
18:03:29.0060 0x1d08  disk - ok
18:03:29.0075 0x1d08  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
18:03:29.0138 0x1d08  dmvsc - ok
18:03:29.0169 0x1d08  [ C480411B9883DB284D98F12C512BF009, A049ADB276A5451A5CAA5F3C46F109D2C40FC9690A23E0ABD79A50CFF10F95A2 ] DnsBlockUpdateSvc C:\WINDOWS\system32\DnsBlockUpdateSvc.exe
18:03:29.0185 0x1d08  DnsBlockUpdateSvc - ok
18:03:29.0216 0x1d08  [ 33ADFB7453BF3271463712C4BCE61AD1, A1DB30F874BA7B2C4C653494D70B46B94BF7D39D0DD8559F6CA7A14B676FD617 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:03:29.0232 0x1d08  Dnscache - ok
18:03:29.0263 0x1d08  [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:03:29.0294 0x1d08  dot3svc - ok
18:03:29.0310 0x1d08  [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS             C:\WINDOWS\system32\dps.dll
18:03:29.0325 0x1d08  DPS - ok
18:03:29.0357 0x1d08  [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:03:29.0372 0x1d08  drmkaud - ok
18:03:29.0404 0x1d08  [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
18:03:29.0419 0x1d08  DsmSvc - ok
18:03:29.0450 0x1d08  [ 33F90B202E9DD9B7D489EB59310FDC34, 6ECF6669433E090E9CF6B1875AF18D2C06F8CDB3901D58BF89C3E2202574ABBD ] dtsoftbus01     C:\WINDOWS\System32\drivers\dtsoftbus01.sys
18:03:29.0482 0x1d08  dtsoftbus01 - ok
18:03:29.0544 0x1d08  [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:03:29.0638 0x1d08  DXGKrnl - ok
18:03:29.0669 0x1d08  [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
18:03:29.0700 0x1d08  Eaphost - ok
18:03:29.0825 0x1d08  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
18:03:29.0888 0x1d08  ebdrv - ok
18:03:29.0904 0x1d08  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS             C:\WINDOWS\System32\lsass.exe
18:03:29.0904 0x1d08  EFS - ok
18:03:29.0919 0x1d08  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
18:03:29.0966 0x1d08  EhStorClass - ok
18:03:29.0997 0x1d08  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:03:30.0044 0x1d08  EhStorTcgDrv - ok
18:03:30.0060 0x1d08  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
18:03:30.0091 0x1d08  ErrDev - ok
18:03:30.0138 0x1d08  [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem     C:\WINDOWS\system32\es.dll
18:03:30.0169 0x1d08  EventSystem - ok
18:03:30.0185 0x1d08  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
18:03:30.0263 0x1d08  exfat - ok
18:03:30.0294 0x1d08  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
18:03:30.0310 0x1d08  fastfat - ok
18:03:30.0341 0x1d08  [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax             C:\WINDOWS\system32\fxssvc.exe
18:03:30.0388 0x1d08  Fax - ok
18:03:30.0388 0x1d08  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
18:03:30.0435 0x1d08  fdc - ok
18:03:30.0466 0x1d08  [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
18:03:30.0482 0x1d08  fdPHost - ok
18:03:30.0497 0x1d08  [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
18:03:30.0515 0x1d08  FDResPub - ok
18:03:30.0547 0x1d08  [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
18:03:30.0594 0x1d08  fhsvc - ok
18:03:30.0609 0x1d08  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
18:03:30.0656 0x1d08  FileInfo - ok
18:03:30.0672 0x1d08  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
18:03:30.0703 0x1d08  Filetrace - ok
18:03:30.0719 0x1d08  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
18:03:30.0734 0x1d08  flpydisk - ok
18:03:30.0765 0x1d08  [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:03:30.0797 0x1d08  FltMgr - ok
18:03:30.0844 0x1d08  [ 2F225BC85B84C04EA01BAB8D8DACFA83, 1F6E20C8F0FFD3FA60BDF556FB8392FE014E6519C3F314D1D22D394DB2A040CA ] FontCache       C:\WINDOWS\system32\FntCache.dll
18:03:30.0891 0x1d08  FontCache - ok
18:03:31.0000 0x1d08  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:03:31.0015 0x1d08  FontCache3.0.0.0 - ok
18:03:31.0031 0x1d08  [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
18:03:31.0109 0x1d08  FsDepends - ok
18:03:31.0125 0x1d08  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:03:31.0187 0x1d08  Fs_Rec - ok
18:03:31.0266 0x1d08  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:03:31.0328 0x1d08  fvevol - ok
18:03:31.0344 0x1d08  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
18:03:31.0359 0x1d08  FxPPM - ok
18:03:31.0375 0x1d08  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
18:03:31.0406 0x1d08  gagp30kx - ok
18:03:31.0437 0x1d08  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:03:31.0469 0x1d08  GEARAspiWDM - ok
18:03:31.0484 0x1d08  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
18:03:31.0500 0x1d08  gencounter - ok
18:03:31.0531 0x1d08  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:03:31.0547 0x1d08  GPIOClx0101 - ok
18:03:31.0594 0x1d08  [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
18:03:31.0625 0x1d08  gpsvc - ok
18:03:31.0656 0x1d08  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
18:03:31.0766 0x1d08  HDAudBus - ok
18:03:31.0797 0x1d08  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
18:03:31.0844 0x1d08  HidBatt - ok
18:03:31.0876 0x1d08  [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
18:03:31.0907 0x1d08  HidBth - ok
18:03:31.0939 0x1d08  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
18:03:31.0970 0x1d08  hidi2c - ok
18:03:32.0001 0x1d08  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
18:03:32.0032 0x1d08  HidIr - ok
18:03:32.0048 0x1d08  [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv         C:\WINDOWS\system32\hidserv.dll
18:03:32.0079 0x1d08  hidserv - ok
18:03:32.0095 0x1d08  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
18:03:32.0142 0x1d08  HidUsb - ok
18:03:32.0189 0x1d08  [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
18:03:32.0251 0x1d08  hkmsvc - ok
18:03:32.0282 0x1d08  [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
18:03:32.0314 0x1d08  HomeGroupListener - ok
18:03:32.0345 0x1d08  [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
18:03:32.0360 0x1d08  HomeGroupProvider - ok
18:03:32.0376 0x1d08  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
18:03:32.0407 0x1d08  HpSAMD - ok
18:03:32.0439 0x1d08  [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
18:03:32.0485 0x1d08  HTTP - ok
18:03:32.0517 0x1d08  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
18:03:32.0564 0x1d08  hwpolicy - ok
18:03:32.0595 0x1d08  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
18:03:32.0626 0x1d08  hyperkbd - ok
18:03:32.0642 0x1d08  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
18:03:32.0673 0x1d08  HyperVideo - ok
18:03:32.0689 0x1d08  [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
18:03:32.0751 0x1d08  i8042prt - ok
18:03:32.0767 0x1d08  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
18:03:32.0782 0x1d08  iaLPSSi_GPIO - ok
18:03:32.0798 0x1d08  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
18:03:32.0829 0x1d08  iaLPSSi_I2C - ok
18:03:32.0876 0x1d08  [ 0A34D806EF2767E62CAFEA1A150A8830, 2C5C9C0924C6AE379E3CD071E6687885006843A17742B083CE14719F666F7FE6 ] iaStorA         C:\WINDOWS\system32\drivers\iaStorA.sys
18:03:32.0923 0x1d08  iaStorA - ok
18:03:32.0954 0x1d08  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
18:03:33.0032 0x1d08  iaStorAV - ok
18:03:33.0142 0x1d08  [ 7281AED93FB30FDD1CBAF07591FA453A, BD912798D8E28AF27C5FE01455D97224013D30066E35230888E64D0AC346893F ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
18:03:33.0157 0x1d08  IAStorDataMgrSvc - ok
18:03:33.0220 0x1d08  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
18:03:33.0314 0x1d08  iaStorV - ok
18:03:33.0314 0x1d08  IEEtwCollectorService - ok
18:03:33.0471 0x1d08  [ 4F6363C26B4A3DDBC9FAFCBA68602B01, 0920551F9312D967AAA68003BD8C4A312AA8F1E8B826DDE8BF59B9B639AB5F3B ] igfx            C:\WINDOWS\system32\DRIVERS\igdkmd64.sys
18:03:33.0565 0x1d08  igfx - ok
18:03:33.0612 0x1d08  [ AF8A43C376F83A4A1E7DA16461EDE114, EBA10519B074888355A4FC11D52FF1E6A52F88F754B7F1F9863A8313638645CB ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
18:03:33.0627 0x1d08  IKEEXT - ok
18:03:33.0659 0x1d08  [ 4011430BC9DA46ADFAE9915EFEC312FB, 925DDDA187AE7C46C94FBBFA18FC602260957B6BA891D65DFC09385B6DDEAB58 ] intaud_WaveExtensible C:\WINDOWS\system32\drivers\intelaud.sys
18:03:33.0705 0x1d08  intaud_WaveExtensible - ok
18:03:33.0768 0x1d08  [ DDA8E5AD97231AB50B81FED04C28F64C, 5C9E8F7CC45A9AE7FF12A02641562E271D84894DFA7C50218AC2AAA298251B60 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
18:03:33.0799 0x1d08  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
18:03:33.0846 0x1d08  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - warning
18:03:36.0403 0x1d08  [ 86FE509640D77FB0998FC8B1FF5523C6, 13E895DEB9B84379251699D7E52C5E3FD888994425DE01B6C4634F9E959D5584 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
18:03:36.0435 0x1d08  Intel(R) Capability Licensing Service TCP IP Interface - ok
18:03:36.0466 0x1d08  [ 0DA6BAF6CF50F4F0A04334BF0DCF6C9A, DA78102C133D8978942BE8236F34B690F6F15068C2ADF1F18E26D7D5FBAD8B05 ] IntelHSWPcc     C:\WINDOWS\system32\drivers\IntelPcc.sys
18:03:36.0497 0x1d08  IntelHSWPcc - ok
18:03:36.0528 0x1d08  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
18:03:36.0560 0x1d08  intelide - ok
18:03:36.0560 0x1d08  [ A770340FC02B999EF0DE6C2A6BC8437C, 214567BE706B21BEA7EC13AF6B10FBFF658000511DBBA79BAA28D1D4EFD029A7 ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
18:03:36.0622 0x1d08  intelpep - ok
18:03:36.0653 0x1d08  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
18:03:36.0700 0x1d08  intelppm - ok
18:03:36.0747 0x1d08  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:03:36.0810 0x1d08  IpFilterDriver - ok
18:03:36.0857 0x1d08  [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
18:03:36.0872 0x1d08  iphlpsvc - ok
18:03:36.0919 0x1d08  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
18:03:36.0950 0x1d08  IPMIDRV - ok
18:03:36.0982 0x1d08  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
18:03:37.0013 0x1d08  IPNAT - ok
18:03:37.0044 0x1d08  [ E61BB95A7CB49696D25A0C4EBD108156, 65D95A0DBC408AD18D5E344A5E875551E6CC044038DE438E4EA1102A234FC529 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
18:03:37.0060 0x1d08  iPod Service - ok
18:03:37.0075 0x1d08  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
18:03:37.0107 0x1d08  IRENUM - ok
18:03:37.0154 0x1d08  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
18:03:37.0185 0x1d08  isapnp - ok
18:03:37.0216 0x1d08  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
18:03:37.0279 0x1d08  iScsiPrt - ok
18:03:37.0310 0x1d08  [ EE03564B7FAFE2E44EDA33D52E83B4A3, 53C917EEC92B813EB0C86B225E9887C9CDFDD7708AEA71BFAC0A3039E26D7BEB ] iwdbus          C:\WINDOWS\System32\drivers\iwdbus.sys
18:03:37.0341 0x1d08  iwdbus - ok
18:03:37.0435 0x1d08  [ 9BFDEFD51800A2D47D43919653F4BEF4, C7221D9F82F7F04343EDA6FE41A4EC4C97F6DC4170780AA3983C8735369A5026 ] jhi_service     C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
18:03:37.0466 0x1d08  jhi_service - ok
18:03:37.0497 0x1d08  [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
18:03:37.0529 0x1d08  kbdclass - ok
18:03:37.0544 0x1d08  [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
18:03:37.0576 0x1d08  kbdhid - ok
18:03:37.0607 0x1d08  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
18:03:37.0654 0x1d08  kdnic - ok
18:03:37.0685 0x1d08  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso          C:\WINDOWS\system32\lsass.exe
18:03:37.0685 0x1d08  KeyIso - ok
18:03:37.0716 0x1d08  [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
18:03:37.0794 0x1d08  KSecDD - ok
18:03:37.0857 0x1d08  [ 35C19AF2116F67914712D7C4CBE47B8C, 5F976726880A6E51D7ABFA7E3EF7294C6FB7F383DC5710A2C2EC8DD26DAEC204 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
18:03:37.0888 0x1d08  KSecPkg - ok
18:03:37.0904 0x1d08  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
18:03:37.0919 0x1d08  ksthunk - ok
18:03:37.0951 0x1d08  [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
18:03:37.0966 0x1d08  KtmRm - ok
18:03:37.0997 0x1d08  [ 50AECF8C21AB2A6428A6E1E10549D8E5, 6BC7C60CF5E8AFB9972619EE1C78357756E9C0A3EC783C3056CEB600DCBB1555 ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
18:03:38.0013 0x1d08  L1C - ok
18:03:38.0044 0x1d08  [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
18:03:38.0076 0x1d08  LanmanServer - ok
18:03:38.0122 0x1d08  [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
18:03:38.0154 0x1d08  LanmanWorkstation - ok
18:03:38.0201 0x1d08  [ 8B9F3796EC1762CF255BDB324E5529C8, F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
18:03:38.0232 0x1d08  lfsvc - ok
18:03:38.0247 0x1d08  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
18:03:38.0279 0x1d08  lltdio - ok
18:03:38.0310 0x1d08  [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
18:03:38.0325 0x1d08  lltdsvc - ok
18:03:38.0341 0x1d08  [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
18:03:38.0372 0x1d08  lmhosts - ok
18:03:38.0404 0x1d08  [ 53CC0D5394A28C3344285357E85B2DA1, F02B892E21DABC14143770BA2F710CACDC6437811CEB86EECAB0A6A6F3F8359E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:03:38.0404 0x1d08  LMS - ok
18:03:38.0435 0x1d08  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
18:03:38.0451 0x1d08  LSI_SAS - ok
18:03:38.0466 0x1d08  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
18:03:38.0513 0x1d08  LSI_SAS2 - ok
18:03:38.0529 0x1d08  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
18:03:38.0560 0x1d08  LSI_SAS3 - ok
18:03:38.0575 0x1d08  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
18:03:38.0575 0x1d08  LSI_SSS - ok
18:03:38.0638 0x1d08  [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM             C:\WINDOWS\System32\lsm.dll
18:03:38.0669 0x1d08  LSM - ok
18:03:38.0701 0x1d08  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
18:03:38.0732 0x1d08  luafv - ok
18:03:38.0763 0x1d08  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
18:03:38.0763 0x1d08  megasas - ok
18:03:38.0810 0x1d08  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
18:03:38.0841 0x1d08  megasr - ok
18:03:38.0873 0x1d08  [ 2BB3EAE2EA641515D4B205CAB29E1624, D3F18EE393EB1B0F919484281269A3C55A092D023E62C59D74CB63A55612024B ] MEIx64          C:\WINDOWS\System32\drivers\HECIx64.sys
18:03:38.0888 0x1d08  MEIx64 - ok
18:03:38.0935 0x1d08  Microsoft SharePoint Workspace Audit Service - ok
18:03:38.0966 0x1d08  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] MMCSS           C:\WINDOWS\system32\mmcss.dll
18:03:38.0998 0x1d08  MMCSS - ok
18:03:39.0045 0x1d08  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
18:03:39.0076 0x1d08  Modem - ok
18:03:39.0091 0x1d08  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
18:03:39.0123 0x1d08  monitor - ok
18:03:39.0123 0x1d08  [ 08374E4E5B8914DE6067CBA99F61E930, CBB1390D6523FC968BEDF78FD13699488621ACB2CD1DF55D1606316090548661 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
18:03:39.0138 0x1d08  mouclass - ok
18:03:39.0170 0x1d08  [ 5FCBAB60598AE119E02B4C27DE6B99EA, 36F30094F700DE41C293047ACB49ED1961DD927BEDAD8DFDAB7023D4D24CB0DE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
18:03:39.0216 0x1d08  mouhid - ok
18:03:39.0248 0x1d08  [ 9A788037D768809DFD677F4BA08A224A, E0686B3318F924E440ADA439D6671D44D3FF97C13D45C2E0A3A7B9E23DA38350 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
18:03:39.0310 0x1d08  mountmgr - ok
18:03:39.0341 0x1d08  [ EB4B5C8AB9DA5585CCC975CD3D072115, BEED5B7478F92C9FB1BBB62FFCEB5321A5C12A7C1AA9B20151BF22064589CD46 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:03:39.0357 0x1d08  MozillaMaintenance - ok
18:03:39.0388 0x1d08  [ 6FC047578785B0435F4E2660946D1ADC, 8AEA5659F01FC2F75160922C69622502DABA39F33CB90D5178DD679A1CDE617D ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
18:03:39.0420 0x1d08  mpsdrv - ok
18:03:39.0482 0x1d08  [ C18AA14126ADC66478E8E962B2DFAA98, A6F8CE9D88D590DC083253004392572C3BD02C33433CD6C0D9117D2AA7171EEC ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
18:03:39.0513 0x1d08  MpsSvc - ok
18:03:39.0545 0x1d08  [ DB32958F0E704EFBF7F15161A569E39F, 8A26448B954F8A16EE9BA72EF47F6C549A75B30BD13FEB5A29EB099A74D8F678 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
18:03:39.0576 0x1d08  MRxDAV - ok
18:03:39.0623 0x1d08  [ 89DE71940A0E7F5BA617AE08321EF5C3, BD056C9E18E902D6F118E59A6AC68415BFA0690A02D2B360F6C111CE3B5EAC67 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:03:39.0732 0x1d08  mrxsmb - ok
18:03:39.0779 0x1d08  [ BCBD64220AD85C26823453FF1DC3EFBD, 0245E3659E9135B9276F3CCFBEA0CEFFC4F4C0826F6D19B6329057620235F087 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
18:03:39.0810 0x1d08  mrxsmb10 - ok
18:03:39.0826 0x1d08  [ EE16457030175F449BAB0ABD279F4B6A, DF627054136079553A24AD12DC7374F1ACEEAD782EFFDC278996AD7BCCE98877 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:03:39.0857 0x1d08  mrxsmb20 - ok
18:03:39.0873 0x1d08  [ F3C060444777A59FC63D920719E43CCD, 8766A2746E3DFB0749E902F458141269335CA6F0CEDCA3D5F8C204637C19E783 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
18:03:39.0904 0x1d08  MsBridge - ok
18:03:39.0935 0x1d08  [ 915747E010A9414B069173284A9B93F4, 8A335C28FE1EF96DD71485877F2E86155D24B5614ACE05468F4B07E2ACD56331 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
18:03:39.0951 0x1d08  MSDTC - ok
18:03:39.0982 0x1d08  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:03:39.0998 0x1d08  Msfs - ok
18:03:40.0013 0x1d08  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
18:03:40.0029 0x1d08  msgpiowin32 - ok
18:03:40.0045 0x1d08  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
18:03:40.0076 0x1d08  mshidkmdf - ok
18:03:40.0091 0x1d08  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
18:03:40.0123 0x1d08  mshidumdf - ok
18:03:40.0154 0x1d08  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
18:03:40.0185 0x1d08  msisadrv - ok
18:03:40.0216 0x1d08  [ 4EAEEBAC8CFF4E0D717DFA920BC58A90, A65CB1BB3392B6A04B978348CAC18A414560A6B04A727F22DFC0ADB20DD3AF6B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
18:03:40.0216 0x1d08  MSiSCSI - ok
18:03:40.0232 0x1d08  msiserver - ok
18:03:40.0248 0x1d08  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:03:40.0248 0x1d08  MSKSSRV - ok
18:03:40.0279 0x1d08  [ 51B3AC0560848CD6D65AC2033E293113, 73A27E88774C6929328E6C9FC9C389F4DF76D4D4D5CBFC4F51651CC308829628 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
18:03:40.0295 0x1d08  MsLldp - ok
18:03:40.0310 0x1d08  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:03:40.0326 0x1d08  MSPCLOCK - ok
18:03:40.0341 0x1d08  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:03:40.0388 0x1d08  MSPQM - ok
18:03:40.0420 0x1d08  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
18:03:40.0451 0x1d08  MsRPC - ok
18:03:40.0466 0x1d08  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
18:03:40.0498 0x1d08  mssmbios - ok
18:03:40.0529 0x1d08  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
18:03:40.0545 0x1d08  MSTEE - ok
18:03:40.0560 0x1d08  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
18:03:40.0576 0x1d08  MTConfig - ok
18:03:40.0591 0x1d08  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
18:03:40.0607 0x1d08  Mup - ok
18:03:40.0623 0x1d08  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
18:03:40.0638 0x1d08  mvumis - ok
18:03:40.0670 0x1d08  [ 8DF30698BDD9492A9D45A4B94FB4A82A, 26B1B2D7E785E29B8BCB74C467C66AE4EBDD481ACFF36334F3BDF4506B778244 ] napagent        C:\WINDOWS\system32\qagentRT.dll
18:03:40.0685 0x1d08  napagent - ok
18:03:40.0717 0x1d08  [ 008F7CED69FD5B30CBDE1E03C6F36A27, D4ADA7834C470B17A3CD976012DC5A511B32545B9F91D23D09A85722E0B75320 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
18:03:40.0779 0x1d08  NativeWifiP - ok
18:03:40.0810 0x1d08  [ BFCE1225D10619029E68946929CEB64C, 499F560331FFBA82E3D673B47F027FDAB7BEE4F2CB5B811D69E0218839F6E6A5 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
18:03:40.0826 0x1d08  NcaSvc - ok
18:03:40.0857 0x1d08  [ 267C97373110B7AFD3B46DF60B6CBB85, CEBB99F71D47634BB9C04DF2836DF6B47F15B3073FEFC237F85526DF01E4E38B ] NcbService      C:\WINDOWS\System32\ncbservice.dll
18:03:40.0873 0x1d08  NcbService - ok
18:03:40.0920 0x1d08  [ 0813B71EAF097208DC76CE0605B48AF0, A93A2E6A8FB77B58AC4D580E6F8BF307A25BADC9493994F9BE235EBFB0E1DB22 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
18:03:40.0935 0x1d08  NcdAutoSetup - ok
18:03:40.0982 0x1d08  [ 97DC5967F65503213FD1F1B3E4A6F983, 3EC515856C7CE9B30032F963DC04190F66EE62402A819781DC45B7D088C84229 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
18:03:41.0045 0x1d08  NDIS - ok
18:03:41.0092 0x1d08  [ 8CECC8DA55F3274181FD1EA28AD76664, 188112424CEF97FB926A0FB915260B803555A775DD2E1846725A9C8616300F42 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
18:03:41.0138 0x1d08  NdisCap - ok
18:03:41.0170 0x1d08  [ 269882812E9A68FFF1AFE1283D428322, 50B99EBC42DA9B46A8C2C28C9BADCF58AE3079535CDD1227D0F5C86291C715FF ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
18:03:41.0185 0x1d08  NdisImPlatform - ok
18:03:41.0217 0x1d08  [ 82821F4EEC776B4CF11695A38F3ABA46, 23184F9D31E662855DC4D23EFE7C2FE00E5487D3762B6024704A5D8C87762E1C ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:03:41.0248 0x1d08  NdisTapi - ok
18:03:41.0279 0x1d08  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:03:41.0310 0x1d08  Ndisuio - ok
18:03:41.0326 0x1d08  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
18:03:41.0373 0x1d08  NdisVirtualBus - ok
18:03:41.0404 0x1d08  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:03:41.0420 0x1d08  NdisWan - ok
18:03:41.0420 0x1d08  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:03:41.0451 0x1d08  NdisWanLegacy - ok
18:03:41.0467 0x1d08  [ DDD7F92A83F74D1476B71FBA9530A8DC, D3F94FC9F48854E09B0B77CE5E1C1DB948D54EAC63C5583437051BB893B5A386 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:03:41.0514 0x1d08  NDProxy - ok
18:03:41.0545 0x1d08  [ 3083926D1CC5B56EA0786527B557DD1B, 3C3F0CA0D43398576DBE8F677B353ADDA7E8F56829874958CE668E31261C1590 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
18:03:41.0576 0x1d08  Ndu - ok
18:03:41.0607 0x1d08  [ 42FF4975D032CAE558AE4BB8448F6E5A, 0B8FACF3382443DED79A8004A6AA14C32471A6A1C6BAA543AA9F3FEC52620A6D ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:03:41.0639 0x1d08  NetBIOS - ok
18:03:41.0670 0x1d08  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:03:41.0764 0x1d08  NetBT - ok
18:03:41.0779 0x1d08  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:03:41.0795 0x1d08  Netlogon - ok
18:03:41.0826 0x1d08  [ 8F074B62E66B6117D9598C62A12069C5, 5FDB19045D3E2F6D0F0C5158AC2ECB0D5404CD2AF7A319755D7E3753CA3B7CF3 ] Netman          C:\WINDOWS\System32\netman.dll
18:03:41.0842 0x1d08  Netman - ok
18:03:41.0888 0x1d08  [ 4A04B1CD5BFB4A978C5F60E86D6C3E45, A946922C1C38ADD3CF9D3B09DDCC301AE4DAC960A081B2F42B32BE1E7095B3FD ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
18:03:41.0904 0x1d08  netprofm - ok
18:03:41.0951 0x1d08  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:03:41.0967 0x1d08  NetTcpPortSharing - ok
18:03:41.0998 0x1d08  [ D4DCE03870314D3354F3501F9DDD4123, 5BFE8299B3F72B8C39A4965365CBF5BA151024451F02DD872FAD1CC35CF94CEA ] netvsc          C:\WINDOWS\System32\drivers\netvsc63.sys
18:03:42.0029 0x1d08  netvsc - ok
18:03:42.0092 0x1d08  [ FC91D7804B8FE5C2F0B12585C612F592, 0F43466D0F52D6A5282BD076005AC5F615C8CFCAC0D4B17B152E8AD0F556CB08 ] NitroDriverReadSpool8 C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
18:03:42.0123 0x1d08  NitroDriverReadSpool8 - ok
18:03:42.0154 0x1d08  [ E94EB2A95D7D016E119C4D6868788831, 3E4A925D23262FBA0A6432DD635FBE94B0CEF76BD9BB323254B66977497FEE2A ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
18:03:42.0201 0x1d08  NlaSvc - ok
18:03:42.0248 0x1d08  [ 21D28C3448983A072B907E9BAC93D223, 27EF785F8A26E461EE9CDA18445E4896EB5BAE73ABE77262639320D45BC6A512 ] nlsX86cc        C:\WINDOWS\SysWOW64\NLSSRV32.EXE
18:03:42.0248 0x1d08  nlsX86cc - ok
18:03:42.0279 0x1d08  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:03:42.0311 0x1d08  Npfs - ok
18:03:42.0326 0x1d08  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
18:03:42.0373 0x1d08  npsvctrig - ok
18:03:42.0389 0x1d08  [ 0F12A72A753CFD7FB0631EE8D08FE983, 860A96471F6CD90DDA9AB3A48E95CEAD826C87D2FA98A00EF91B61C44A4C8B82 ] nsi             C:\WINDOWS\system32\nsisvc.dll
18:03:42.0420 0x1d08  nsi - ok
18:03:42.0436 0x1d08  [ 0E046FF5823B95326D10CF1B4AF23541, 39D22715003746527AB4BFEDED8C34B695DAF589091AE7F3A2A2C4B8A35675A9 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
18:03:42.0467 0x1d08  nsiproxy - ok
18:03:42.0545 0x1d08  [ 7F68063A5A0461E02BC860CE0E6BFDDC, 47E9F75D27B97278B74034B7D3951A26B1644911ED321455E08D935731C858DE ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:03:42.0592 0x1d08  Ntfs - ok
18:03:42.0623 0x1d08  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:03:42.0654 0x1d08  Null - ok
18:03:42.0951 0x1d08  [ 9B93CC9C70EDE60A9C486E7719DB9E8D, 8E31BE72797D3308D8AF136E9F4C6199BCF4592F88E9FEB361752FF768225EC9 ] nvlddmkm        C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys
18:03:43.0123 0x1d08  nvlddmkm - ok
18:03:43.0311 0x1d08  [ 1C7C6D7481CABD4EF38A81F5B68F02E8, C4FBE81B8A3F280EEAC282D76626E849197EDEEC8C755B7B12E3594776390DE7 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
18:03:43.0357 0x1d08  NvNetworkService - ok
18:03:43.0357 0x1d08  [ F76296368BB813E0C6996501A3271C7C, FA1C127F881C09C5066CB83A686AFD7A40D731922185EA4001A52ABA230FD812 ] nvpciflt        C:\WINDOWS\system32\DRIVERS\nvpciflt.sys
18:03:43.0389 0x1d08  nvpciflt - ok
18:03:43.0436 0x1d08  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
18:03:43.0451 0x1d08  nvraid - ok
18:03:43.0467 0x1d08  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
18:03:43.0498 0x1d08  nvstor - ok
18:03:43.0873 0x1d08  [ 7A03646D5330A790A9D47D9F9C38758D, D22F100BBB94C45468ADD301CC96C15365FEAEC9FE820AA4E7AB1A7AF486E3B0 ] NvStreamSvc     C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
18:03:44.0108 0x1d08  NvStreamSvc - ok
18:03:44.0161 0x1d08  [ FB50E60564ED30DDC855F0CE435C8467, C9A56D74F58739B8A069336FF5456FC5F3CE89371B8CFE8144B8D06A9C79C6AB ] nvsvc           C:\WINDOWS\system32\nvvsvc.exe
18:03:44.0208 0x1d08  nvsvc - ok
18:03:44.0239 0x1d08  [ 09216A70CC364D0974F606F6F2109210, 60877154D4DF5287D1989CDAA9863CD6DACA528D06233238498854A10C868C20 ] nvvad_WaveExtensible C:\WINDOWS\system32\drivers\nvvad64v.sys
18:03:44.0255 0x1d08  nvvad_WaveExtensible - ok
18:03:44.0286 0x1d08  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
18:03:44.0333 0x1d08  nv_agp - ok
18:03:44.0364 0x1d08  [ B3E5887095F1DE8737DA3441D29F60E4, 722DCC5F8AE62C7EE87C14AFA447EB630EDDB23C56E921E5FA8C72C12011C676 ] ogmservice      C:\Program Files (x86)\Online Games Manager\ogmservice.exe
18:03:44.0380 0x1d08  ogmservice - ok
18:03:44.0427 0x1d08  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
18:03:44.0442 0x1d08  ose - ok
18:03:44.0646 0x1d08  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
18:03:44.0724 0x1d08  osppsvc - ok
18:03:44.0755 0x1d08  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
18:03:44.0802 0x1d08  p2pimsvc - ok
18:03:44.0880 0x1d08  [ FD8F61F0D1F64BBB3D835F39A3F979C9, E5C5F86576488EA7F605E26C06EE5AFB36506A446F60C894D55E0A148BF7F02D ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
18:03:44.0942 0x1d08  p2psvc - ok
18:03:44.0958 0x1d08  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
18:03:44.0989 0x1d08  Parport - ok
18:03:45.0021 0x1d08  [ BAFF6122CFC9F95CA175AD8C348179A4, 079A912D951DF6A57BC1BDB0D182977EE9592751EC9DDCDA2932BDEDB333850C ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
18:03:45.0036 0x1d08  partmgr - ok
18:03:45.0067 0x1d08  [ ABE95ABE27A8BD9701782BBCD82C9925, AE3BA1E9ECDE692374D8DAC95A8DAA289DD2470E3D8D58EFAD9F83A37F3AC8E5 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
18:03:45.0083 0x1d08  PcaSvc - ok
18:03:45.0130 0x1d08  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci             C:\WINDOWS\system32\drivers\pci.sys
18:03:45.0145 0x1d08  pci - ok
18:03:45.0161 0x1d08  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
18:03:45.0192 0x1d08  pciide - ok
18:03:45.0208 0x1d08  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
18:03:45.0239 0x1d08  pcmcia - ok
18:03:45.0255 0x1d08  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
18:03:45.0271 0x1d08  pcw - ok
18:03:45.0286 0x1d08  [ 24A8DFC07E4BAF29AEA26E383D4CC886, 1B903FE52CD816662D37A8113930B4B7019B6996D49F1982D8F42933A3525A67 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
18:03:45.0333 0x1d08  pdc - ok
18:03:45.0365 0x1d08  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
18:03:45.0397 0x1d08  PEAUTH - ok
18:03:45.0428 0x1d08  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
18:03:45.0444 0x1d08  PerfHost - ok
18:03:45.0506 0x1d08  [ 70B39E7241F750A248798CE82C44596D, 54A72199EB277EE586611DCBC21654786FD2196F91D5884C4F531297893CC3EC ] pla             C:\WINDOWS\system32\pla.dll
18:03:45.0537 0x1d08  pla - ok
18:03:45.0569 0x1d08  [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
18:03:45.0584 0x1d08  PlugPlay - ok
18:03:45.0615 0x1d08  [ 4570F8A37D221660F3A09D6F4DD4BA94, 0EA190CFFA53DF9CCA2D53A4EF1BCB837BA3F2489A3AC5BD11F6D6ED811D118E ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
18:03:45.0615 0x1d08  PNRPAutoReg - ok
18:03:45.0647 0x1d08  [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
18:03:45.0662 0x1d08  PNRPsvc - ok
18:03:45.0694 0x1d08  [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
18:03:45.0709 0x1d08  PolicyAgent - ok
18:03:45.0725 0x1d08  [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power           C:\WINDOWS\system32\umpo.dll
18:03:45.0756 0x1d08  Power - ok
18:03:45.0944 0x1d08  [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify     C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll
18:03:45.0990 0x1d08  PrintNotify - ok
18:03:46.0022 0x1d08  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
18:03:46.0053 0x1d08  Processor - ok
18:03:46.0100 0x1d08  [ 6E409D818C6B342544EAE741B1422B85, B4ADFB7809FC42C432C984C3AC13FAFD1B7AD53BCC7FB16E86371DE4C829DD1A ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
18:03:46.0115 0x1d08  ProfSvc - ok
18:03:46.0147 0x1d08  [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
18:03:46.0162 0x1d08  Psched - ok
18:03:46.0194 0x1d08  [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE           C:\WINDOWS\system32\qwave.dll
18:03:46.0209 0x1d08  QWAVE - ok
18:03:46.0240 0x1d08  [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
18:03:46.0287 0x1d08  QWAVEdrv - ok
18:03:46.0334 0x1d08  [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:03:46.0381 0x1d08  RasAcd - ok
18:03:46.0412 0x1d08  [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:03:46.0428 0x1d08  RasAuto - ok
18:03:46.0459 0x1d08  [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:03:46.0490 0x1d08  RasMan - ok
18:03:46.0522 0x1d08  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:03:46.0537 0x1d08  RasPppoe - ok
18:03:46.0568 0x1d08  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:03:46.0631 0x1d08  rdbss - ok
18:03:46.0662 0x1d08  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
18:03:46.0694 0x1d08  rdpbus - ok
18:03:46.0709 0x1d08  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
18:03:46.0756 0x1d08  RDPDR - ok
18:03:46.0787 0x1d08  [ BC8A79C625568DDB7DCA49D0C2741A64, AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
18:03:46.0803 0x1d08  RdpVideoMiniport - ok
18:03:46.0850 0x1d08  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
18:03:46.0897 0x1d08  rdyboost - ok
18:03:46.0928 0x1d08  [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
18:03:46.0959 0x1d08  ReFS - ok
18:03:46.0991 0x1d08  [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:03:47.0006 0x1d08  RemoteAccess - ok
18:03:47.0037 0x1d08  [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:03:47.0100 0x1d08  RemoteRegistry - ok
18:03:47.0162 0x1d08  [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
18:03:47.0194 0x1d08  RFCOMM - ok
18:03:47.0225 0x1d08  [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
18:03:47.0225 0x1d08  RpcEptMapper - ok
18:03:47.0256 0x1d08  [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:03:47.0303 0x1d08  RpcLocator - ok
18:03:47.0350 0x1d08  [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:03:47.0381 0x1d08  RpcSs - ok
18:03:47.0412 0x1d08  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
18:03:47.0428 0x1d08  rspndr - ok
18:03:47.0459 0x1d08  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
18:03:47.0522 0x1d08  s3cap - ok
18:03:47.0537 0x1d08  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs           C:\WINDOWS\system32\lsass.exe
18:03:47.0553 0x1d08  SamSs - ok
18:03:47.0584 0x1d08  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
18:03:47.0616 0x1d08  sbp2port - ok
18:03:47.0662 0x1d08  [ 74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
18:03:47.0694 0x1d08  SCardSvr - ok
18:03:47.0725 0x1d08  [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
18:03:47.0741 0x1d08  ScDeviceEnum - ok
18:03:47.0772 0x1d08  [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
18:03:47.0787 0x1d08  scfilter - ok
18:03:47.0834 0x1d08  [ 3151A020E03DDE31AAC49F35C5EFB4DB, 5ABB1103009979F86C862357E28F37C2744979F2C99F7CF6ABB4EB1B8416B3F6 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:03:47.0866 0x1d08  Schedule - ok
18:03:47.0897 0x1d08  [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
18:03:47.0897 0x1d08  SCPolicySvc - ok
18:03:47.0928 0x1d08  [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
18:03:47.0959 0x1d08  sdbus - ok
18:03:48.0006 0x1d08  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
18:03:48.0053 0x1d08  sdstor - ok
18:03:48.0084 0x1d08  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
18:03:48.0116 0x1d08  secdrv - ok
18:03:48.0147 0x1d08  [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon        C:\WINDOWS\system32\seclogon.dll
18:03:48.0178 0x1d08  seclogon - ok
18:03:48.0209 0x1d08  [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS            C:\WINDOWS\System32\sens.dll
18:03:48.0225 0x1d08  SENS - ok
18:03:48.0256 0x1d08  [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
18:03:48.0287 0x1d08  SensrSvc - ok
18:03:48.0319 0x1d08  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
18:03:48.0381 0x1d08  SerCx - ok
18:03:48.0413 0x1d08  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
18:03:48.0475 0x1d08  SerCx2 - ok
18:03:48.0491 0x1d08  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
18:03:48.0522 0x1d08  Serenum - ok
18:03:48.0538 0x1d08  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
18:03:48.0553 0x1d08  Serial - ok
18:03:48.0584 0x1d08  [ 148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
18:03:48.0600 0x1d08  sermouse - ok
18:03:48.0631 0x1d08  [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
18:03:48.0647 0x1d08  SessionEnv - ok
18:03:48.0663 0x1d08  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
18:03:48.0694 0x1d08  sfloppy - ok
18:03:48.0725 0x1d08  [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:03:48.0741 0x1d08  SharedAccess - ok
18:03:48.0756 0x1d08  [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:03:48.0788 0x1d08  ShellHWDetection - ok
18:03:48.0819 0x1d08  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
18:03:48.0834 0x1d08  SiSRaid2 - ok
18:03:48.0866 0x1d08  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
18:03:48.0881 0x1d08  SiSRaid4 - ok
18:03:48.0913 0x1d08  [ 7C954BD3BE2B7448AA7340D82605DF48, 6F0997EDE9F160308823427CBD64F41AE1FB5149AF2A5483658A9279A57DA97F ] SmbDrvI         C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys
18:03:48.0913 0x1d08  SmbDrvI - ok
18:03:48.0928 0x1d08  [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost         C:\WINDOWS\System32\smphost.dll
18:03:48.0944 0x1d08  smphost - ok
18:03:48.0975 0x1d08  [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
18:03:48.0975 0x1d08  SNMPTRAP - ok
18:03:49.0006 0x1d08  [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
18:03:49.0038 0x1d08  spaceport - ok
18:03:49.0053 0x1d08  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
18:03:49.0084 0x1d08  SpbCx - ok
18:03:49.0163 0x1d08  [ FCB156A6745631A67DEA61827061D483, 9275ABFA1E1E595969A71C0DA228D18D1B868BF46E097E1276142BD80F8A32C9 ] Spooler         C:\WINDOWS\System32\spoolsv.exe
18:03:49.0209 0x1d08  Spooler - ok
18:03:49.0381 0x1d08  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
18:03:49.0506 0x1d08  sppsvc - ok
18:03:49.0553 0x1d08  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:03:49.0600 0x1d08  srv - ok
18:03:49.0631 0x1d08  [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
18:03:49.0694 0x1d08  srv2 - ok
18:03:49.0725 0x1d08  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
18:03:49.0772 0x1d08  srvnet - ok
18:03:49.0803 0x1d08  [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:03:49.0850 0x1d08  SSDPSRV - ok
18:03:49.0866 0x1d08  [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
18:03:49.0881 0x1d08  SstpSvc - ok
18:03:49.0991 0x1d08  [ 580777FCF0DA9AE78B4D07A11E5F14CD, 2F2BE84ECB035C5E9DA538409398A1F56C62F4BD4F304EF088DAD49CA82735FD ] STacSV          C:\Program Files\IDT\WDM\STacSV64.exe
18:03:49.0991 0x1d08  STacSV - detected UnsignedFile.Multi.Generic ( 1 )
18:03:49.0991 0x1d08  STacSV ( UnsignedFile.Multi.Generic ) - warning
18:03:52.0547 0x1d08  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
18:03:52.0578 0x1d08  stexstor - ok
18:03:52.0628 0x1d08  [ 54ED2C1F251CF19EB3E965857BACF6F7, 38415A17FE41A9FA0CFBC9E3B041DF77B3FB97B255AE3B4E10FD6F22D9E871E2 ] STHDA           C:\WINDOWS\system32\DRIVERS\stwrt64.sys
18:03:52.0691 0x1d08  STHDA - ok
18:03:52.0738 0x1d08  [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
18:03:52.0769 0x1d08  stisvc - ok
18:03:52.0800 0x1d08  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
18:03:52.0816 0x1d08  storahci - ok
18:03:52.0831 0x1d08  [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt         C:\WINDOWS\system32\drivers\vmstorfl.sys
18:03:52.0847 0x1d08  storflt - ok
18:03:52.0878 0x1d08  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
18:03:52.0878 0x1d08  stornvme - ok
18:03:52.0925 0x1d08  [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
18:03:52.0941 0x1d08  StorSvc - ok
18:03:52.0972 0x1d08  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
18:03:52.0988 0x1d08  storvsc - ok
18:03:53.0003 0x1d08  [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc           C:\WINDOWS\system32\svsvc.dll
18:03:53.0019 0x1d08  svsvc - ok
18:03:53.0034 0x1d08  [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
18:03:53.0066 0x1d08  swenum - ok
18:03:53.0144 0x1d08  [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv           C:\WINDOWS\System32\swprv.dll
18:03:53.0175 0x1d08  swprv - ok
18:03:53.0206 0x1d08  [ 890D687A16CFFBEC96905CA25AAF4F4E, E96D5E65585192297343555F65ABA66624DC146C8DFE30085F7E004843B22DEE ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
18:03:53.0222 0x1d08  SynTP - ok
18:03:53.0284 0x1d08  [ 7E85DB0463AD2403AE84AD162B162279, 996C42ECAFC6E24C623068AFAFCC0A2612526333AF9315F7536C6D40C2570632 ] SysMain         C:\WINDOWS\system32\sysmain.dll
18:03:53.0331 0x1d08  SysMain - ok
18:03:53.0363 0x1d08  [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:03:53.0394 0x1d08  SystemEventsBroker - ok
18:03:53.0409 0x1d08  [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
18:03:53.0441 0x1d08  TabletInputService - ok
18:03:53.0472 0x1d08  [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:03:53.0503 0x1d08  TapiSrv - ok
18:03:53.0597 0x1d08  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
18:03:53.0675 0x1d08  Tcpip - ok
18:03:53.0722 0x1d08  [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:03:53.0785 0x1d08  TCPIP6 - ok
18:03:53.0816 0x1d08  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
18:03:53.0878 0x1d08  tcpipreg - ok
18:03:53.0925 0x1d08  [ E0BD2D83875464FEEEB242CBA8B7E073, A3067165128F36035FA9F3CBA55CFED736E180C495497FA7332B3D97908C3D90 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
18:03:53.0956 0x1d08  tdx - ok
18:03:53.0972 0x1d08  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
18:03:53.0988 0x1d08  terminpt - ok
18:03:54.0066 0x1d08  [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService     C:\WINDOWS\System32\termsrv.dll
18:03:54.0097 0x1d08  TermService - ok
18:03:54.0113 0x1d08  [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes          C:\WINDOWS\system32\themeservice.dll
18:03:54.0128 0x1d08  Themes - ok
18:03:54.0160 0x1d08  [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
18:03:54.0160 0x1d08  THREADORDER - ok
18:03:54.0191 0x1d08  [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
18:03:54.0222 0x1d08  TimeBroker - ok
18:03:54.0238 0x1d08  [ 80A2FC1A089A71F2DBE5D8394FFB009F, DEA30E751F6EA42E43E16869713FC7E37832B15DAFA0062B1798DFA476981385 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
18:03:54.0253 0x1d08  TPM - ok
18:03:54.0285 0x1d08  [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
18:03:54.0300 0x1d08  TrkWks - ok
18:03:54.0331 0x1d08  [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
18:03:54.0347 0x1d08  TrustedInstaller - ok
18:03:54.0347 0x1d08  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
18:03:54.0378 0x1d08  TsUsbFlt - ok
18:03:54.0410 0x1d08  [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
18:03:54.0441 0x1d08  TsUsbGD - ok
18:03:54.0472 0x1d08  [ E85916632CD3B9E9B546968DB950BF42, DECE3852C763CC6293C7D1B772296C43A0AE1E47BBCC4979C96B3B2AD70413F3 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
18:03:54.0503 0x1d08  tunnel - ok
18:03:54.0535 0x1d08  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
18:03:54.0550 0x1d08  uagp35 - ok
18:03:54.0566 0x1d08  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
18:03:54.0581 0x1d08  UASPStor - ok
18:03:54.0613 0x1d08  [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
18:03:54.0644 0x1d08  UCX01000 - ok
18:03:54.0660 0x1d08  [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
18:03:54.0691 0x1d08  udfs - ok
18:03:54.0722 0x1d08  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
18:03:54.0753 0x1d08  UEFI - ok
18:03:54.0785 0x1d08  [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
18:03:54.0800 0x1d08  UI0Detect - ok
18:03:54.0831 0x1d08  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
18:03:54.0847 0x1d08  uliagpkx - ok
18:03:54.0863 0x1d08  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
18:03:54.0894 0x1d08  umbus - ok
18:03:54.0925 0x1d08  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
18:03:54.0956 0x1d08  UmPass - ok
18:03:54.0988 0x1d08  [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
18:03:55.0019 0x1d08  UmRdpService - ok
18:03:55.0050 0x1d08  [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:03:55.0066 0x1d08  upnphost - ok
18:03:55.0097 0x1d08  [ 5C3BE22E485B9BF11FCEFDC676C728D0, F55061066ECF6920D56518A677BB538C18B7F1BB150ED6DB3591408F44E8D53A ] USBAAPL64       C:\WINDOWS\System32\Drivers\usbaapl64.sys
18:03:55.0113 0x1d08  USBAAPL64 - ok
18:03:55.0144 0x1d08  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
18:03:55.0160 0x1d08  usbccgp - ok
18:03:55.0191 0x1d08  [ 0139248F6B95CF0D837B5B46A2722D40, 38E3E704E0364F07732DB418AEBD126B040FB3CDB7D78EA36E8605D50D528A80 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
18:03:55.0238 0x1d08  usbcir - ok
18:03:55.0269 0x1d08  [ BBFD17B6B954FC9FA02E62D604052069, 47D2B7228EABA7F37F69A1756B69FFFB19F0C2CC2869C5BF674E4FD9257488A2 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
18:03:55.0285 0x1d08  usbehci - ok
18:03:55.0316 0x1d08  [ CD81683F4553677B9BF5163A922153EB, 6B304B0D68B9BFF0245EC755CDAAF9DF59DF3A081727E32CB66672929F0DBC50 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
18:03:55.0347 0x1d08  usbhub - ok
18:03:55.0378 0x1d08  [ 5C90D5379B53590FBB24BBAD4FA682EE, DC036340510C1C0999AB1CB845F8E6EB8B7696BAC9BBE6E936454C0000D1E9D4 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
18:03:55.0410 0x1d08  USBHUB3 - ok
18:03:55.0441 0x1d08  [ A0F0484C97D6441ED6A75D7426ECCC9E, FF928ADE1C5464E581BF929F7383D5762D110EA6C7E31A6F0887EA7357ADBEFE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
18:03:55.0456 0x1d08  usbohci - ok
18:03:55.0488 0x1d08  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
18:03:55.0519 0x1d08  usbprint - ok
18:03:55.0550 0x1d08  [ 66732C13628BDB1AB0D6FD46027327C2, B582C0F348D8F79419CA5A58F10CA151E06D7CA3BE162344CADA46D9D7FED97C ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:03:55.0566 0x1d08  USBSTOR - ok
18:03:55.0597 0x1d08  [ FC974B03C8B87455F44F734C8F31A3C8, D69F6EE8030F7DF96FF151D9EAA6AE65417ACAC5A267C7DB96E9611D5BC42D2C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
18:03:55.0628 0x1d08  usbuhci - ok
18:03:55.0644 0x1d08  [ 44603DA5A87FB491EF59C889EBBB4DDB, 59AA9B6B0B5D66F9312CD3F999D0D9F12F1A2C5D230365AD7287CD71FD86961C ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:03:55.0691 0x1d08  USBXHCI - ok
18:03:55.0753 0x1d08  [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] VaultSvc        C:\WINDOWS\system32\lsass.exe
18:03:55.0769 0x1d08  VaultSvc - ok
18:03:55.0816 0x1d08  VBoxAswDrv - ok
18:03:55.0863 0x1d08  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
18:03:55.0879 0x1d08  vdrvroot - ok
18:03:55.0957 0x1d08  [ 8A4D808D1EC7C1C47B2C8BF488A9A07A, 63C07312ADB6F8A8BDE93361C30AC63DAB4DE1141AF54630EEF11E54B0BF983D ] vds             C:\WINDOWS\System32\vds.exe
18:03:55.0988 0x1d08  vds - ok
18:03:56.0082 0x1d08  [ F7579733F4E8FF9B534C3F7D38F25C2C, 449FED49F2178D2A8000549B180606D050751762F53E600C13CFBEC91601DE87 ] VeriFaceSrv     C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe
18:03:56.0097 0x1d08  VeriFaceSrv - ok
18:03:56.0129 0x1d08  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
18:03:56.0191 0x1d08  VerifierExt - ok
18:03:56.0254 0x1d08  [ C06E8481E068F170A258441639AC5792, 2F550530BACB511A195D5047F003B01CB6E04FA9A0DCCF638CB3D51FF5467DC7 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
18:03:56.0300 0x1d08  vhdmp - ok
18:03:56.0316 0x1d08  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
18:03:56.0332 0x1d08  viaide - ok
18:03:56.0379 0x1d08  [ 596B4C350D0E7F4EE634C41F87FD0ED6, C856DAED8D749A600B8AC5DCEE84AB71EFA12B2181BE417174EF2C5C331A131C ] vm331avs        C:\WINDOWS\System32\Drivers\vm331avs.sys
18:03:56.0425 0x1d08  vm331avs - ok
18:03:56.0457 0x1d08  [ 511AD3FF957A0127E6BD336FF6F89C38, 55325BFD0857A1204F7F6F8ED8C91C07B0E20A50402105708E7365ECD9E25A21 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
18:03:56.0472 0x1d08  vmbus - ok
18:03:56.0472 0x1d08  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
18:03:56.0504 0x1d08  VMBusHID - ok
18:03:56.0535 0x1d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
18:03:56.0550 0x1d08  vmicguestinterface - ok
18:03:56.0566 0x1d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
18:03:56.0582 0x1d08  vmicheartbeat - ok
18:03:56.0582 0x1d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
18:03:56.0597 0x1d08  vmickvpexchange - ok
18:03:56.0613 0x1d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
18:03:56.0629 0x1d08  vmicrdv - ok
18:03:56.0644 0x1d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
18:03:56.0660 0x1d08  vmicshutdown - ok
18:03:56.0660 0x1d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
18:03:56.0691 0x1d08  vmictimesync - ok
18:03:56.0691 0x1d08  [ C42C38E15C0DC39D4B0BDF34F733E468, 7264680C44FA68BB1FC0A490FE3988AFDE19892295F7458943D8CBEE6C01D4F0 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
18:03:56.0707 0x1d08  vmicvss - ok
18:03:56.0738 0x1d08  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
18:03:56.0754 0x1d08  volmgr - ok
18:03:56.0769 0x1d08  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
18:03:56.0785 0x1d08  volmgrx - ok
18:03:56.0816 0x1d08  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
18:03:56.0847 0x1d08  volsnap - ok
18:03:56.0863 0x1d08  [ EF31713EE4C7CCFE4049F7E7F15645A2, 35D198D3F1061E19A7EF89FA1E75377049CD6BCA9702F8076B9F95BB8737E0D4 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
18:03:56.0879 0x1d08  vpci - ok
18:03:56.0894 0x1d08  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
18:03:56.0926 0x1d08  vsmraid - ok
18:03:57.0019 0x1d08  [ 94FAFD473CDD80CE19A21FB9503D7ED1, 953E5E8C753C0017E1258695A76F60CC05D283F7476B9D9C5C8AC78B8E3FCE18 ] VSS             C:\WINDOWS\system32\vssvc.exe
18:03:57.0066 0x1d08  VSS - ok
18:03:57.0066 0x1d08  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
18:03:57.0113 0x1d08  VSTXRAID - ok
18:03:57.0160 0x1d08  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
18:03:57.0222 0x1d08  vwifibus - ok
18:03:57.0254 0x1d08  [ 35BF5C5F5E3C9902C98978C7640574DA, C61E50B04000DCEC72365723F0C0725C2E005529DAF2777A59E624C14DA29E55 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
18:03:57.0316 0x1d08  vwififlt - ok
18:03:57.0332 0x1d08  [ 65ED7B9CFEA893DF7748D5FF692690DE, 73AB9D8BB928B3247BDFC7BB47AD7FCA763B375DC250C251DB4E0573531040E8 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
18:03:57.0363 0x1d08  vwifimp - ok
18:03:57.0394 0x1d08  [ DC821E811EFBB65CDD77FBB8B6ECA385, B7C8AACDF81DBA298F2F384983D36B269876C31F0398D89BF9070217A069B96F ] W32Time         C:\WINDOWS\system32\w32time.dll
18:03:57.0426 0x1d08  W32Time - ok
18:03:57.0457 0x1d08  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
18:03:57.0504 0x1d08  WacomPen - ok
18:03:57.0566 0x1d08  [ A81988DCC4FA440AA88B84CA452F5E22, 3573AAA09971E8ADB6FEFA778E02B2D8EE5E4249267CF37A524D9F019CC836FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
18:03:57.0613 0x1d08  wbengine - ok
18:03:57.0644 0x1d08  [ 0F1DFA2FED73FA78B8C3CDE332A870F6, 1089F6F585F5350D349A640EBD3117832DF6B3657EB6667CB00AE217E04ACA17 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
18:03:57.0660 0x1d08  WbioSrvc - ok
18:03:57.0691 0x1d08  [ 0EAEC313B24837613621B4A2536ED382, 61C194ED7FA7D65BBE61A546D5FCA52F52AB08324E084D3EC23C9706E9BF0175 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
18:03:57.0707 0x1d08  Wcmsvc - ok
18:03:57.0738 0x1d08  [ F6B4C2280FF7C7156AC8A4687B9DA35E, 1899D584D7469BB49355D84080051E2575B033E6312009D9C6C1DD3F7F9AA4C5 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
18:03:57.0754 0x1d08  wcncsvc - ok
18:03:57.0769 0x1d08  [ B7BF1D783F5B2484E8CE1C0C78257F16, 468601199FCCF63DBAE86EE6B8825EA85B2A1EE177413353FFA2CC9CA5249FCD ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
18:03:57.0785 0x1d08  WcsPlugInService - ok
18:03:57.0816 0x1d08  [ 81285DDC994F03379DB46419300B2DCB, 98D3622E11F375718AEA1DE3B5F0104DDAB4F96B6D4C19788C14F7B338A6F235 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
18:03:57.0848 0x1d08  WdBoot - ok
18:03:57.0879 0x1d08  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
18:03:57.0910 0x1d08  Wdf01000 - ok
18:03:57.0957 0x1d08  [ 26B8FED3F3B85F5F0C4BD03FD00B9941, 7F94FE7954498223B33C025258DB588A3AC9FF25C58EEAD204514FD20652FE40 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
18:03:57.0972 0x1d08  WdFilter - ok
18:03:57.0988 0x1d08  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
18:03:58.0004 0x1d08  WdiServiceHost - ok
18:03:58.0004 0x1d08  [ F581F9C9D6953FABFA24E67105F0B614, 5A7BB72523D1C53BBE68700537D7AE0D150BC7E4B8227A916B2E29EE4CA267A9 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
18:03:58.0019 0x1d08  WdiSystemHost - ok
18:03:58.0051 0x1d08  [ CE67080F00E0AF32755096CEA6430ABA, 0E5D626F9F76C0BC63B2D246AD66D9CBF7D92F34B56398417BCFD0C331DBD282 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
18:03:58.0082 0x1d08  WdNisDrv - ok
18:03:58.0113 0x1d08  WdNisSvc - ok
18:03:58.0144 0x1d08  [ 40F83492DB9ABBA59773A45FB487C8B2, 0D0DE0B0C9B929FEFD2674CCF17F5F2FC4B16EAB8E1981BBCE51B0305FD7D75E ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:03:58.0176 0x1d08  WebClient - ok
18:03:58.0222 0x1d08  [ 384E1D04FE20845B2559D292F17A9FA1, AD3B0B2B2219691AC30FEEC8AFDB3BBB74B51BB7D02038AE2B4DEA514E245315 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
18:03:58.0254 0x1d08  Wecsvc - ok
18:03:58.0269 0x1d08  [ 455014F4E48B67EBE0F032E2B0E06BF2, A36435784A034B27056A0E606683A20C69F1B0AB2B6BAEDEAEAA190F6287CAEF ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
18:03:58.0285 0x1d08  WEPHOSTSVC - ok
18:03:58.0316 0x1d08  [ F13DBA57CEA9B7074B95EDCA6AD2635E, 1D9BA4841EF1343A5D9096B5FE27FC65DC1901D6683DD13516171638549666B5 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
18:03:58.0332 0x1d08  wercplsupport - ok
18:03:58.0363 0x1d08  [ FD7E58B6AA3EABF2D12B9762A20E11E4, 4C5E2E246C5C70074866BB3DBC2AAF483ECE4345004CCB8D1FE285047268685D ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
18:03:58.0379 0x1d08  WerSvc - ok
18:03:58.0394 0x1d08  [ 715ABA3DD164D06457A2A3C92F6EA9D5, E6F8269D2FFC4A548B65724C0A3F53756ED15E47229861FBD40B656EE40FE166 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
18:03:58.0441 0x1d08  WFPLWFS - ok
18:03:58.0473 0x1d08  [ 8C840E1FD7584E74BD0CC1EA581EC187, 148E534A94B4882E7396B13FABE17407802292E7890713540080D03D5629C81D ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
18:03:58.0488 0x1d08  WiaRpc - ok
18:03:58.0519 0x1d08  [ 5F66B7BB330AA80067FC66149A692620, 92C5D7115A168A23108B65EEEB5FBA8FA43D781855355792596D2419160263C2 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
18:03:58.0535 0x1d08  WIMMount - ok
18:03:58.0535 0x1d08  WinDefend - ok
18:03:58.0582 0x1d08  [ 10DAD6A7FC617A221313BD584E3C3A00, F139B878668ECF38FE59831E8595A207D5CEEE76C6FFDA8C9F735435E601A763 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:03:58.0597 0x1d08  WinHttpAutoProxySvc - ok
18:03:58.0676 0x1d08  [ FC8BD690321216C32BB58B035B6D5674, D61698DB19D9DB2593B60B6BA13F7B7735667206F41D751D507135469D6D3CDD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:03:58.0707 0x1d08  Winmgmt - ok
18:03:58.0801 0x1d08  [ 75436315AA383CF527695C6D49D0CA59, E3D55F2ACBD45D4D031FA6CA799394459C89BE50FF6ADE4FE36F2CAB2D2E63D0 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
18:03:58.0848 0x1d08  WinRM - ok
18:03:58.0863 0x1d08  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\System32\drivers\WinUsb.sys
18:03:58.0879 0x1d08  WinUsb - ok
18:03:58.0926 0x1d08  [ DC079BA8390089E4EBCA63D27EEA3ECB, 4D549217A68292E2B16C09FD9F84317011EE54A2DAF4E2AB85554267DF0D3249 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
18:03:58.0957 0x1d08  WlanSvc - ok
18:03:59.0051 0x1d08  [ 06BF5897949A8F24893F792E876B71F5, 9D3719492A86BF52A56E2EA798FD6FDB5862A03F6D360FCC4B0CEA9BE9792AE4 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
18:03:59.0082 0x1d08  wlidsvc - ok
18:03:59.0098 0x1d08  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
18:03:59.0160 0x1d08  WmiAcpi - ok
18:03:59.0207 0x1d08  [ B96F7A1236C3F21212DE2C40A3DDB005, 5A29EBB6DA036E303611EB1304192655021405BB05452FD37886DDE604FF0D9D ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:03:59.0238 0x1d08  wmiApSrv - ok
18:03:59.0254 0x1d08  WMPNetworkSvc - ok
18:03:59.0301 0x1d08  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
18:03:59.0316 0x1d08  Wof - ok
18:03:59.0379 0x1d08  [ 588040D595BBF0856CA1ADD941A8ED17, CBC92BB5453FE1BEA6F33239B7CE884F312559591383408EA5F95A006156C5D3 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
18:03:59.0426 0x1d08  workfolderssvc - ok
18:03:59.0457 0x1d08  [ A2468CC3509394A33C4C32F99563D845, 62690C7D41F382DF74B8F4B942647842858E37DE35FF2DE028192E4D09ABB2C5 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
18:03:59.0457 0x1d08  wpcfltr - ok
18:03:59.0488 0x1d08  [ 19F4DF69876DA7E9C4965351560FE6B7, 127247A7964F55EE3AF842D25120F5ACD387632BEE2BF3D28FAC05840CEA19BA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
18:03:59.0504 0x1d08  WPCSvc - ok
18:03:59.0520 0x1d08  [ 2ADE11F3D84709C5F6781E4C59F11683, F003C43396CF8FCF44EAB87583650DB4D2A233322D28D6A78D1694945D9073BB ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
18:03:59.0535 0x1d08  WPDBusEnum - ok
18:03:59.0566 0x1d08  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:03:59.0645 0x1d08  WpdUpFltr - ok
18:03:59.0660 0x1d08  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:03:59.0691 0x1d08  ws2ifsl - ok
18:03:59.0723 0x1d08  [ 5596C0960ED6ED7494BF2A55DE428684, C95CF09A657F37F421CC80E16F2F95B8EC59A8D5D48F104551155EAC8E53DCB2 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
18:03:59.0754 0x1d08  wscsvc - ok
18:03:59.0770 0x1d08  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
18:03:59.0785 0x1d08  WSDPrintDevice - ok
18:03:59.0816 0x1d08  [ 58035FD3369879E02D65989C44D27450, B9245DB5C17F7CE94FAA20AB4B0D06A4DFB6133C6E82343758CDC713EB64DFEF ] WSDScan         C:\WINDOWS\System32\drivers\WSDScan.sys
18:03:59.0848 0x1d08  WSDScan - ok
18:03:59.0863 0x1d08  WSearch - ok
18:03:59.0988 0x1d08  [ 6B2D71124C1EA86B74412F414C42431D, 078CC6C9667EF6BDA3E6900BC26A5A5B030CAA66928A6BBB7B7DC43C5C199EDC ] WSService       C:\WINDOWS\System32\WSService.dll
18:04:00.0066 0x1d08  WSService - ok
18:04:00.0082 0x1d08  [ 72B4E9DF6456C43C42A1419B09486045, 536BA7377B5BEA7EA46864453933111DB88DB8FB689C68915ACD7261A996E61D ] wsvd            C:\WINDOWS\system32\DRIVERS\wsvd.sys
18:04:00.0113 0x1d08  wsvd - ok
18:04:00.0238 0x1d08  [ 688DAAE720E39DA86822785195646663, DB6E0F89496BB74EDF8378E6AE06364B19249701F6ACD176A0DCA1951E81A63D ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
18:04:00.0316 0x1d08  wuauserv - ok
18:04:00.0332 0x1d08  [ 481286719402E4BAEFEA0604AB1B5113, F3CF65DF2AB39F79AE4C1335831408418E40726706E0242677E8B96B0FAD988F ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
18:04:00.0395 0x1d08  WudfPf - ok
18:04:00.0426 0x1d08  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
18:04:00.0473 0x1d08  WUDFRd - ok
18:04:00.0504 0x1d08  [ 51D28F7F1F888DDCF2C67DCF3B79A5D3, 74FF2936AFCEB9A36175D5B00EB91A5AD614B52BE3FB3FA9B994A025A484D2B7 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
18:04:00.0520 0x1d08  wudfsvc - ok
18:04:00.0520 0x1d08  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdFs       C:\WINDOWS\System32\drivers\WUDFRd.sys
18:04:00.0535 0x1d08  WUDFWpdFs - ok
18:04:00.0535 0x1d08  [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] WUDFWpdMtp      C:\WINDOWS\System32\drivers\WUDFRd.sys
18:04:00.0566 0x1d08  WUDFWpdMtp - ok
18:04:00.0582 0x1d08  [ A0900F8F628B5AF6841414EB3CF11E50, 8A531F2472FF4B4D895D469D28C215C834ECADBEF539894B8F3F606079A86184 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
18:04:00.0598 0x1d08  WwanSvc - ok
18:04:00.0613 0x1d08  ================ Scan global ===============================
18:04:00.0645 0x1d08  [ 05B08C20B8428ECE088CB5635696A48D, 471642A2D0E5C3BB235962FC8D86A49AC30D7DDE80B97E348425BBFCDE4DCDC3 ] C:\WINDOWS\system32\basesrv.dll
18:04:00.0660 0x1d08  [ EAB311B0A7A8EA0346F14F08D4BC8F46, 11168E4074679F8A69DA714C0ABD0C68BA49D171B379343F14783C9C563202CA ] C:\WINDOWS\system32\winsrv.dll
18:04:00.0691 0x1d08  [ 3600ED7EA8AED849E20700551C0BD63B, 4A8C346C1646E80B58EF93F87F915A41E05CA2E993BB1C96955AE62A0669AF66 ] C:\WINDOWS\system32\sxssrv.dll
18:04:00.0723 0x1d08  [ E0C7813A97CA7947FF5C18A8F3B61A45, 083BB4F3B20419C87DB656F1465E5F782ACDE76838CDE6207F26AAD035C69DE0 ] C:\WINDOWS\system32\services.exe
18:04:00.0738 0x1d08  [ Global ] - ok
18:04:00.0738 0x1d08  ================ Scan MBR
         

Alt 02.01.2016, 18:17   #11
Quax_DG
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

Report TDSSKiller Teil 4



Code:
ATTFilter
==================================
18:04:00.0754 0x1d08  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:04:00.0801 0x1d08  \Device\Harddisk0\DR0 - ok
18:04:00.0801 0x1d08  ================ Scan VBR ==================================
18:04:00.0832 0x1d08  [ 45E6E1CC4750360B30853052D02D092E ] \Device\Harddisk0\DR0\Partition1
18:04:00.0895 0x1d08  \Device\Harddisk0\DR0\Partition1 - ok
18:04:00.0910 0x1d08  [ 45FCF55B66ACFD5B2B3DA455CE66592F ] \Device\Harddisk0\DR0\Partition2
18:04:00.0973 0x1d08  \Device\Harddisk0\DR0\Partition2 - ok
18:04:00.0988 0x1d08  [ BB108EFC330C8D7DE26516A9861ECFEA ] \Device\Harddisk0\DR0\Partition3
18:04:01.0051 0x1d08  \Device\Harddisk0\DR0\Partition3 - ok
18:04:01.0067 0x1d08  [ 75B198DDEABD11957D0A8CE751F5275D ] \Device\Harddisk0\DR0\Partition4
18:04:01.0067 0x1d08  \Device\Harddisk0\DR0\Partition4 - ok
18:04:01.0067 0x1d08  [ A0E19FEA4E6CBC7D11F8512BD0051EF7 ] \Device\Harddisk0\DR0\Partition5
18:04:01.0145 0x1d08  \Device\Harddisk0\DR0\Partition5 - ok
18:04:01.0176 0x1d08  [ 8C186B5FEF83644D78D50A58511B353F ] \Device\Harddisk0\DR0\Partition6
18:04:01.0192 0x1d08  \Device\Harddisk0\DR0\Partition6 - ok
18:04:01.0207 0x1d08  [ C8015BFEB4BCD688A221E75FDA2E83C1 ] \Device\Harddisk0\DR0\Partition7
18:04:01.0223 0x1d08  \Device\Harddisk0\DR0\Partition7 - ok
18:04:01.0238 0x1d08  [ 543D6D4AB04BF3DAF87850E87AF20115 ] \Device\Harddisk0\DR0\Partition8
18:04:01.0238 0x1d08  \Device\Harddisk0\DR0\Partition8 - ok
18:04:01.0238 0x1d08  ================ Scan generic autorun ======================
18:04:01.0301 0x1d08  [ 2FA26C993349B4D2016CBE21A49E5432, 9AD05224E1E2306271D1E2D74B63253F3807D4C60F8B94B661527B311D7E892A ] C:\WINDOWS\system32\igfxtray.exe
18:04:01.0317 0x1d08  IgfxTray - ok
18:04:01.0348 0x1d08  [ A608F8BDF259CB3C323247CC1A533A10, 82126BA52DBF2C97884BAFD5E5A74ABDCA3E092DACB8A4CADFF2851520727E5B ] C:\WINDOWS\system32\hkcmd.exe
18:04:01.0363 0x1d08  HotKeysCmds - ok
18:04:01.0379 0x1d08  [ 47189B3FB35A23FD5A491A79EDBEDA0D, 04986B81A450F65E16A974AA7F2987273887A0F9FFEE2D904D0FC64E8D3CDE22 ] C:\WINDOWS\system32\igfxpers.exe
18:04:01.0395 0x1d08  Persistence - ok
18:04:01.0488 0x1d08  [ 6B08632F7634F344372B25A507DA7C47, C955BFB0F4601A4D1077119B204785FE4CB975E961D2AEE9C2BFA6EDC27E3CE2 ] C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe
18:04:01.0504 0x1d08  Nvtmru - ok
18:04:01.0567 0x1d08  [ 353C3D309B32642C329518FB2A3CC317, 9F1EDA8398203D65C2B05874052F5544DB1F662C24ECEEC9C95D5C397ABDAF76 ] C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
18:04:01.0567 0x1d08  IAStorIcon - detected UnsignedFile.Multi.Generic ( 1 )
18:04:01.0567 0x1d08  IAStorIcon ( UnsignedFile.Multi.Generic ) - warning
18:04:04.0114 0x1d08  [ EE864CD35936E4AAD8120321907DA8F5, D4A37E70302DF0A76E20F1AC1CD427A831BA80A8E1729E0E5637DC48E7A85DF3 ] c:\program files (x86)\Dolby Home Theater v4\pcee4.exe
18:04:04.0145 0x1d08  DolbyTrayApp - ok
18:04:04.0301 0x1d08  [ E7C8E8D71978722E1D3C4D6FBC7D98C0, C45B79FCAA1D3D25DD50A525CE26D1469E4C6183E117DDD7950B57BBAB31E8D9 ] C:\Program Files\Lenovo\Onekey Theater\OnekeyStudio.exe
18:04:04.0364 0x1d08  OnekeyStudio - ok
18:04:04.0771 0x1d08  [ C26A1B3F9BA8086BC0A22F056703E0F4, 17DCFB6AAFB42E9F26817FF043868E9D82BC4BEDFDFD34021A9352B720DBFEF8 ] C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
18:04:05.0006 0x1d08  Energy Manager - ok
18:04:05.0037 0x1d08  [ CA8486284806BF318BA56CE9CFC36D94, 66804050E39EE7AB671DBF87F32CCA21F869B530A208D393998CCD80ADE0D327 ] C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe
18:04:05.0037 0x1d08  Lenovo Utility - ok
18:04:05.0146 0x1d08  [ 05C5CBE5C0C26EFF48AF60639F30F4F5, 29B20E80D0251B488CFAC1576FF9350BB79BDB33667BC5F38DF8B0FB4C7FB17C ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
18:04:05.0177 0x1d08  NvBackend - ok
18:04:05.0209 0x1d08  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\WINDOWS\system32\rundll32.exe
18:04:05.0256 0x1d08  ShadowPlay - ok
18:04:05.0256 0x1d08  SynTPEnh - ok
18:04:05.0256 0x1d08  [ 6C308D32AFA41D26CE2A0EA8F7B79565, 5CC2C563D89257964C4B446F54AFE1E57BBEE49315A9FC001FF5A6BCB6650393 ] C:\Windows\system32\rundll32.exe
18:04:05.0271 0x1d08  Logitech Download Assistant - ok
18:04:05.0302 0x1d08  [ 076B3EE149E01ADBAC2DC529554A3FD9, 4F65D9D2EE44829AA2264210112851E899165C2346489BEBE679C41420CF7D07 ] C:\Program Files\iTunes\iTunesHelper.exe
18:04:05.0302 0x1d08  iTunesHelper - ok
18:04:05.0365 0x1d08  [ FA6220C7FDF2D94CFF82D45B72E5C929, C3E414388F8818EC4B3BEABC8ED16DE6CBF965A6603328A45AD6D9A1808F3E55 ] C:\Program Files (x86)\USB Camera\VM331STI.EXE
18:04:05.0381 0x1d08  331BigDog - ok
18:04:05.0443 0x1d08  [ C2513AEB3F326B8811E2A37C9A7F930B, E3D9C0BB1A31367E7E3E0ED71F04068DF09F57CA293293B24D841331A1F9ADCB ] C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe
18:04:05.0474 0x1d08  YouCam Tray - ok
18:04:05.0537 0x1d08  [ 16D807D8B07A868298A8044E576BE419, 148399752A497E7FEA07C59C89834E266652AC1C0793B5C9C429FDBB37AB7617 ] C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
18:04:05.0568 0x1d08  UpdateP2GShortCut - detected UnsignedFile.Multi.Generic ( 1 )
18:04:05.0568 0x1d08  UpdateP2GShortCut ( UnsignedFile.Multi.Generic ) - warning
18:04:05.0568 0x1d08  Force sending object to P2P due to detect: C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe
18:04:08.0699 0x1d08  Object send P2P result: true
18:04:11.0231 0x1d08  [ C049C40CAEE8900130BD5F80B594CC7B, F54FC31662A9B8032B380793D534F34A0C63FED9C84DE313D17A61612EB31DC4 ] C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
18:04:11.0247 0x1d08  RemoteControl10 - ok
18:04:11.0309 0x1d08  [ 43E946AAD268FEAFB1E286677E70CB5D, 7798926B3CF11D1CF7DFF9B3D67AD3DC67010A62F3132CAEA273EB299A61B176 ] C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
18:04:11.0309 0x1d08  Intel AppUp(SM) center - ok
18:04:11.0513 0x1d08  [ 8A312D5764B4FC4C55CEDDEED4652CF1, C4E726C9C77614CD32D5B76DA2E9A049EC490C2392D9A94B84712BCBF47BA7C6 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
18:04:11.0622 0x1d08  AvastUI.exe - ok
18:04:11.0716 0x1d08  [ 247FD3171B3E08CFCC8ACB540818CA15, 7F1195A40187C04CEE532B258421A3422AACA16BE54FD55F12966DC00FDBDCC4 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
18:04:11.0731 0x1d08  IJNetworkScannerSelectorEX - ok
18:04:11.0794 0x1d08  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
18:04:11.0810 0x1d08  BCSSync - ok
18:04:11.0872 0x1d08  [ F916BA0DA28A4B4F7B1ADE76EB42F088, FB3C91D44709D039E959B275F6ECE26AF9307D272FE3E25CC41EAC259AA3B596 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
18:04:11.0903 0x1d08  SunJavaUpdateSched - ok
18:04:12.0013 0x1d08  [ F73154E180105822A5F9B755BA933737, 1CD775B6CE3736A70EC5FC7A6B77A2FEDA70D59B49A66046CC20B341005501D9 ] C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
18:04:12.0075 0x1d08  DAEMON Tools Lite - ok
18:04:12.0075 0x1d08  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.8.207.0 ), 0x60100 ( disabled : updated )
18:04:12.0075 0x1d08  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 11.1.2245.1540 ), 0x41000 ( enabled : updated )
18:04:12.0075 0x1d08  Win FW state via NFP2: enabled ( trusted )
18:04:14.0577 0x1d08  ============================================================
18:04:14.0577 0x1d08  Scan finished
18:04:14.0577 0x1d08  ============================================================
18:04:14.0577 0x1d18  Detected object count: 4
18:04:14.0577 0x1d18  Actual detected object count: 4
18:04:20.0156 0x1d18  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - skipped by user
18:04:20.0156 0x1d18  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:04:20.0156 0x1d18  STacSV ( UnsignedFile.Multi.Generic ) - skipped by user
18:04:20.0156 0x1d18  STacSV ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:04:20.0156 0x1d18  IAStorIcon ( UnsignedFile.Multi.Generic ) - skipped by user
18:04:20.0156 0x1d18  IAStorIcon ( UnsignedFile.Multi.Generic ) - User select action: Skip 
18:04:20.0156 0x1d18  UpdateP2GShortCut ( UnsignedFile.Multi.Generic ) - skipped by user
18:04:20.0156 0x1d18  UpdateP2GShortCut ( UnsignedFile.Multi.Generic ) - User select action: Skip
         

Alt 02.01.2016, 19:10   #12
Quax_DG
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

rootkit activity detected



Malwarebytes hat eine mögliche rootkitactivity angezeigt und spuckte die Meldung auf dem screenshot aus:
Miniaturansicht angehängter Grafiken
avast meldet rootkit in .../SysWOW64-Ordner-rootkit-meldung.jpg  

Alt 04.01.2016, 21:23   #13
Bootsektor
/// TB-Ausbilder
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

avast meldet rootkit in .../SysWOW64-Ordner



Ja, das ist NVIDIA.

Ist legitim, sonst hat MBAR nichts angezeigt? Das Log dazu?

Alt 17.01.2016, 22:00   #14
Quax_DG
 
avast meldet rootkit in .../SysWOW64-Ordner - Standard

avast meldet rootkit in .../SysWOW64-Ordner



Hallo, entschuldige bitte die lange Wartezeit. Ich war beruflich stark eingespannt und da ist das Problem ein bisschen hinten über gefallen. Der Scan blieb aber ohne Ergebnis.

Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2016.01.17.04
  rootkit: v2016.01.09.01

Windows 8.1 x64 NTFS
Internet Explorer 11.0.9600.18125
Ute :: UTE2 [administrator]

17.01.2016 20:44:33
mbar-log-2016-01-17 (20-44-33).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 373523
Time elapsed: 21 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
Darüber hinaus ergab sich zwischenzeitlich das Problem, dass der Rechner sein WLAN-Modul "vergessen" hat. Im Gerätemanager erschien es nicht mehr, auch der Versuch einer manuellen Neuinstallation brachte keinen Erfolg. Stets war es so, als sei physisch keines vorhanden. Später war das Problem einfach ohne mein Zutun behoben. Ob das mit der .dll in einem Zusammenhang steht ist ungewiss. Ich erwarte gespannt deine Antwort. Die nächsten Wochen bin ich auch wieder erreichbar.
Gruß
Quax

Antwort

Themen zu avast meldet rootkit in .../SysWOW64-Ordner
.dll-datei, anleitung, ausführung, avast, datei, dateiname, einträge, forum, frage, funktion, gen, logfile, meldet, natürlich, neu, problem, programm, quarantäne, rechner, rootkit, rootkits, schwer, sicherheit, system, syswow64, win32, windows



Ähnliche Themen: avast meldet rootkit in .../SysWOW64-Ordner


  1. Rootkit in syswow64
    Log-Analyse und Auswertung - 26.12.2015 (7)
  2. Nach USB-Stick: Avast meldet blockieren der Websites disorderstatus.ru und diferentia.ru; Prozess windows\SysWOW64\msiexec
    Log-Analyse und Auswertung - 14.09.2015 (13)
  3. Avast meldet anythicago im System32 Ordner
    Plagegeister aller Art und deren Bekämpfung - 11.06.2015 (12)
  4. Trojaner auf dem Rechner; Avast meldet Bedrohung und nicht durchsuchbare Ordner
    Plagegeister aller Art und deren Bekämpfung - 03.01.2015 (7)
  5. Avast meldet Rootkit bei neuem Laptop
    Plagegeister aller Art und deren Bekämpfung - 09.11.2014 (9)
  6. Rootkit Trojaner hat Syswow64 infiziert...
    Plagegeister aller Art und deren Bekämpfung - 10.08.2014 (7)
  7. Hilfe: Avast hat Rootkit hidden files in WinSxS Ordner gefunden
    Log-Analyse und Auswertung - 17.01.2014 (5)
  8. Windows 7: u.A. Lange Bootzeit / Verdächtige Dateien im Ordner Windows/SysWOW64
    Log-Analyse und Auswertung - 23.09.2013 (21)
  9. avast! meldet potenzielles Rootkit "SVC:SystemStoreService"
    Plagegeister aller Art und deren Bekämpfung - 30.06.2013 (20)
  10. Rootkit Infektion, danach Windows-Neuinstallation, GMER zeigt erneut Rootkit Aktivitäten an (Avast! false positive?)
    Log-Analyse und Auswertung - 05.03.2013 (2)
  11. Viruswarnung von Avast in dem syswow64 Ordner
    Log-Analyse und Auswertung - 12.09.2012 (5)
  12. Avast! findet "Rootkit: hiddenfile" in meinem Windows Ordner
    Plagegeister aller Art und deren Bekämpfung - 05.08.2012 (1)
  13. C:\Windows\SysWOW64 Ordner öffnet sich dauerhaft, wenn ich im Internet surfe
    Plagegeister aller Art und deren Bekämpfung - 28.06.2012 (1)
  14. avast meldet: Datei: system\cm106eye.exe - Geöfnet von: SysWOW64\rundll32.exe
    Antiviren-, Firewall- und andere Schutzprogramme - 03.11.2011 (17)
  15. Avast meldet Sinowal-IM in c:\Windows\SysWOW64\prodorom_0.dll
    Log-Analyse und Auswertung - 04.08.2011 (7)
  16. avast! meldet Bedrohung: Win32:rootkit-gen [Rtk]
    Log-Analyse und Auswertung - 03.12.2010 (3)

Zum Thema avast meldet rootkit in .../SysWOW64-Ordner - Hallo liebe Community, ich bin neu hier im Tojaner-board und versuche mein Problem gemäß der Anleitung zu beschreiben. Bei dem (möglicherweise) befallenen System handelt es sich um die 64-bit-Version von - avast meldet rootkit in .../SysWOW64-Ordner...
Archiv
Du betrachtest: avast meldet rootkit in .../SysWOW64-Ordner auf Trojaner-Board

Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.