Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Windows Firewall and MSE disabled; cannot open downloaded documents &#


  • This topic is locked This topic is locked

#46
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Ta this is becoming more and more intriguing.. Is it a new variant I wonder
  • 0

Advertisements


#47
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
TDSSkiller found nothing:

10:24:10.0286 0x1370 TDSS rootkit removing tool 3.0.0.16 Nov 1 2013 15:53:38
10:24:13.0827 0x1370 ============================================================
10:24:13.0827 0x1370 Current date / time: 2013/11/01 10:24:13.0827
10:24:13.0827 0x1370 SystemInfo:
10:24:13.0827 0x1370
10:24:13.0827 0x1370 OS Version: 6.1.7601 ServicePack: 1.0
10:24:13.0827 0x1370 Product type: Workstation
10:24:13.0827 0x1370 ComputerName: RYAN2011-PC
10:24:13.0827 0x1370 UserName: Ryan2011
10:24:13.0827 0x1370 Windows directory: C:\Windows
10:24:13.0827 0x1370 System windows directory: C:\Windows
10:24:13.0827 0x1370 Running under WOW64
10:24:13.0827 0x1370 Processor architecture: Intel x64
10:24:13.0827 0x1370 Number of processors: 2
10:24:13.0827 0x1370 Page size: 0x1000
10:24:13.0827 0x1370 Boot type: Normal boot
10:24:13.0827 0x1370 ============================================================
10:24:14.0311 0x1370 System UUID: {257E5D12-ED69-BC9B-A13F-53309C8E8CF9}
10:24:14.0888 0x1370 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:24:14.0935 0x1370 ============================================================
10:24:14.0935 0x1370 \Device\Harddisk0\DR0:
10:24:14.0935 0x1370 MBR partitions:
10:24:14.0935 0x1370 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x180F000
10:24:14.0935 0x1370 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1823000, BlocksNum 0x38B62800
10:24:14.0935 0x1370 ============================================================
10:24:14.0950 0x1370 C: <-> \Device\Harddisk0\DR0\Partition2
10:24:14.0950 0x1370 ============================================================
10:24:14.0950 0x1370 Initialize success
10:24:14.0950 0x1370 ============================================================
10:24:29.0864 0x0308 ============================================================
10:24:29.0864 0x0308 Scan started
10:24:29.0864 0x0308 Mode: Manual; SigCheck; TDLFS;
10:24:29.0864 0x0308 ============================================================
10:24:29.0864 0x0308 KSN ping started
10:24:32.0719 0x0308 KSN ping finished: true
10:24:32.0828 0x0308 ================ Scan system memory ========================
10:24:32.0828 0x0308 System memory - ok
10:24:32.0828 0x0308 ================ Scan services =============================
10:24:32.0937 0x0308 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
10:24:33.0031 0x0308 1394ohci - ok
10:24:33.0077 0x0308 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
10:24:33.0093 0x0308 ACPI - ok
10:24:33.0124 0x0308 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
10:24:33.0171 0x0308 AcpiPmi - ok
10:24:33.0265 0x0308 [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:24:33.0296 0x0308 AdobeFlashPlayerUpdateSvc - ok
10:24:33.0327 0x0308 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
10:24:33.0358 0x0308 adp94xx - ok
10:24:33.0374 0x0308 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
10:24:33.0389 0x0308 adpahci - ok
10:24:33.0421 0x0308 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
10:24:33.0436 0x0308 adpu320 - ok
10:24:33.0452 0x0308 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
10:24:33.0561 0x0308 AeLookupSvc - ok
10:24:33.0623 0x0308 [ 314C17917AC8523EC77A710215012A65, 725CF2D5F63C06F7704C24FE0CFA696215DADC6C0EC445D9671E82F8E23E56AD ] AFD C:\Windows\system32\drivers\afd.sys
10:24:33.0701 0x0308 AFD - ok
10:24:33.0733 0x0308 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
10:24:33.0748 0x0308 agp440 - ok
10:24:33.0764 0x0308 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
10:24:33.0826 0x0308 ALG - ok
10:24:33.0857 0x0308 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
10:24:33.0889 0x0308 aliide - ok
10:24:33.0889 0x0308 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
10:24:33.0904 0x0308 amdide - ok
10:24:33.0951 0x0308 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
10:24:34.0029 0x0308 AmdK8 - ok
10:24:34.0045 0x0308 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
10:24:34.0076 0x0308 AmdPPM - ok
10:24:34.0138 0x0308 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
10:24:34.0169 0x0308 amdsata - ok
10:24:34.0185 0x0308 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
10:24:34.0201 0x0308 amdsbs - ok
10:24:34.0216 0x0308 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
10:24:34.0232 0x0308 amdxata - ok
10:24:34.0279 0x0308 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
10:24:34.0388 0x0308 AppID - ok
10:24:34.0403 0x0308 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
10:24:34.0466 0x0308 AppIDSvc - ok
10:24:34.0497 0x0308 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
10:24:34.0575 0x0308 Appinfo - ok
10:24:34.0622 0x0308 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
10:24:34.0653 0x0308 arc - ok
10:24:34.0669 0x0308 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
10:24:34.0669 0x0308 arcsas - ok
10:24:34.0762 0x0308 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:24:34.0793 0x0308 aspnet_state - ok
10:24:34.0809 0x0308 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
10:24:34.0856 0x0308 AsyncMac - ok
10:24:34.0887 0x0308 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
10:24:34.0903 0x0308 atapi - ok
10:24:34.0965 0x0308 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
10:24:35.0027 0x0308 AudioEndpointBuilder - ok
10:24:35.0043 0x0308 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
10:24:35.0090 0x0308 AudioSrv - ok
10:24:35.0121 0x0308 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
10:24:35.0215 0x0308 AxInstSV - ok
10:24:35.0246 0x0308 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
10:24:35.0293 0x0308 b06bdrv - ok
10:24:35.0339 0x0308 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
10:24:35.0371 0x0308 b57nd60a - ok
10:24:35.0417 0x0308 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
10:24:35.0433 0x0308 BDESVC - ok
10:24:35.0449 0x0308 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
10:24:35.0495 0x0308 Beep - ok
10:24:35.0558 0x0308 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll
10:24:35.0667 0x0308 BITS - ok
10:24:35.0698 0x0308 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
10:24:35.0729 0x0308 blbdrive - ok
10:24:35.0776 0x0308 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
10:24:35.0823 0x0308 bowser - ok
10:24:35.0854 0x0308 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
10:24:35.0932 0x0308 BrFiltLo - ok
10:24:35.0948 0x0308 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
10:24:35.0963 0x0308 BrFiltUp - ok
10:24:35.0995 0x0308 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
10:24:36.0026 0x0308 BridgeMP - ok
10:24:36.0057 0x0308 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
10:24:36.0104 0x0308 Browser - ok
10:24:36.0119 0x0308 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
10:24:36.0166 0x0308 Brserid - ok
10:24:36.0182 0x0308 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
10:24:36.0197 0x0308 BrSerWdm - ok
10:24:36.0213 0x0308 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
10:24:36.0244 0x0308 BrUsbMdm - ok
10:24:36.0260 0x0308 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
10:24:36.0275 0x0308 BrUsbSer - ok
10:24:36.0291 0x0308 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
10:24:36.0338 0x0308 BTHMODEM - ok
10:24:36.0369 0x0308 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
10:24:36.0431 0x0308 bthserv - ok
10:24:36.0447 0x0308 catchme - ok
10:24:36.0463 0x0308 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
10:24:36.0509 0x0308 cdfs - ok
10:24:36.0556 0x0308 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
10:24:36.0587 0x0308 cdrom - ok
10:24:36.0634 0x0308 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
10:24:36.0681 0x0308 CertPropSvc - ok
10:24:36.0712 0x0308 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
10:24:36.0728 0x0308 circlass - ok
10:24:36.0759 0x0308 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
10:24:36.0775 0x0308 CLFS - ok
10:24:36.0806 0x0308 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:24:36.0821 0x0308 clr_optimization_v2.0.50727_32 - ok
10:24:36.0837 0x0308 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:24:36.0853 0x0308 clr_optimization_v2.0.50727_64 - ok
10:24:36.0899 0x0308 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:24:36.0931 0x0308 clr_optimization_v4.0.30319_32 - ok
10:24:36.0931 0x0308 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:24:36.0946 0x0308 clr_optimization_v4.0.30319_64 - ok
10:24:36.0977 0x0308 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
10:24:37.0024 0x0308 CmBatt - ok
10:24:37.0055 0x0308 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
10:24:37.0055 0x0308 cmdide - ok
10:24:37.0102 0x0308 [ AAFCB52FE0037207FB6FBEA070D25EFE, 7D035BFB6DD86944CCDE6D71811891406D7FD08344EF8CF57C4D932E096F1377 ] CNG C:\Windows\system32\Drivers\cng.sys
10:24:37.0133 0x0308 CNG - ok
10:24:37.0165 0x0308 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
10:24:37.0180 0x0308 Compbatt - ok
10:24:37.0211 0x0308 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
10:24:37.0258 0x0308 CompositeBus - ok
10:24:37.0258 0x0308 COMSysApp - ok
10:24:37.0274 0x0308 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
10:24:37.0289 0x0308 crcdisk - ok
10:24:37.0321 0x0308 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
10:24:37.0352 0x0308 CryptSvc - ok
10:24:37.0383 0x0308 [ C72D445D22C23A14B8B97E36699C22AE, D4940968ABDBD714F3B98F395A9746D8FC0BD2B322B5EEE6DD9AD791FF63BD54 ] CSRBC C:\Windows\system32\Drivers\csrbc.sys
10:24:37.0430 0x0308 CSRBC - ok
10:24:37.0492 0x0308 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
10:24:37.0555 0x0308 DcomLaunch - ok
10:24:37.0586 0x0308 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
10:24:37.0633 0x0308 defragsvc - ok
10:24:37.0664 0x0308 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
10:24:37.0711 0x0308 DfsC - ok
10:24:37.0773 0x0308 [ 6060106CE00F32F63F1A73160E46E9D2, E7E14E759F30916BAF1AF4CF459FCFD55D308C44173A6131D1323FAD8A5259A9 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys
10:24:37.0804 0x0308 dg_ssudbus - ok
10:24:37.0851 0x0308 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
10:24:37.0929 0x0308 Dhcp - ok
10:24:37.0960 0x0308 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
10:24:38.0023 0x0308 discache - ok
10:24:38.0038 0x0308 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
10:24:38.0038 0x0308 Disk - ok
10:24:38.0069 0x0308 dlbk_device - ok
10:24:38.0116 0x0308 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
10:24:38.0147 0x0308 Dnscache - ok
10:24:38.0179 0x0308 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
10:24:38.0241 0x0308 dot3svc - ok
10:24:38.0288 0x0308 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
10:24:38.0319 0x0308 Dot4 - ok
10:24:38.0366 0x0308 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys
10:24:38.0413 0x0308 Dot4Print - ok
10:24:38.0428 0x0308 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
10:24:38.0444 0x0308 dot4usb - ok
10:24:38.0491 0x0308 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
10:24:38.0537 0x0308 DPS - ok
10:24:38.0569 0x0308 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
10:24:38.0584 0x0308 drmkaud - ok
10:24:38.0647 0x0308 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
10:24:38.0678 0x0308 DXGKrnl - ok
10:24:38.0693 0x0308 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
10:24:38.0756 0x0308 EapHost - ok
10:24:38.0865 0x0308 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
10:24:39.0021 0x0308 ebdrv - ok
10:24:39.0052 0x0308 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
10:24:39.0099 0x0308 EFS - ok
10:24:39.0130 0x0308 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
10:24:39.0161 0x0308 elxstor - ok
10:24:39.0177 0x0308 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
10:24:39.0208 0x0308 ErrDev - ok
10:24:39.0239 0x0308 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
10:24:39.0286 0x0308 EventSystem - ok
10:24:39.0317 0x0308 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
10:24:39.0349 0x0308 exfat - ok
10:24:39.0364 0x0308 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
10:24:39.0427 0x0308 fastfat - ok
10:24:39.0505 0x0308 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
10:24:39.0583 0x0308 Fax - ok
10:24:39.0598 0x0308 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
10:24:39.0614 0x0308 fdc - ok
10:24:39.0645 0x0308 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
10:24:39.0676 0x0308 fdPHost - ok
10:24:39.0676 0x0308 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
10:24:39.0707 0x0308 FDResPub - ok
10:24:39.0723 0x0308 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
10:24:39.0739 0x0308 FileInfo - ok
10:24:39.0754 0x0308 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
10:24:39.0785 0x0308 Filetrace - ok
10:24:39.0895 0x0308 [ ABEDFD48AC042C6AAAD32452E77217A1, BC45A1C36BDBC20EF4E7D3CFB5368912382D964CB34D050ED255F56307F4C910 ] FLEXnet Licensing Service C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
10:24:39.0910 0x0308 FLEXnet Licensing Service - ok
10:24:39.0926 0x0308 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
10:24:39.0941 0x0308 flpydisk - ok
10:24:39.0973 0x0308 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
10:24:40.0004 0x0308 FltMgr - ok
10:24:40.0082 0x0308 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
10:24:40.0160 0x0308 FontCache - ok
10:24:40.0207 0x0308 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:24:40.0222 0x0308 FontCache3.0.0.0 - ok
10:24:40.0238 0x0308 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
10:24:40.0253 0x0308 FsDepends - ok
10:24:40.0269 0x0308 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
10:24:40.0285 0x0308 Fs_Rec - ok
10:24:40.0331 0x0308 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
10:24:40.0347 0x0308 fvevol - ok
10:24:40.0363 0x0308 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
10:24:40.0378 0x0308 gagp30kx - ok
10:24:40.0441 0x0308 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
10:24:40.0503 0x0308 gpsvc - ok
10:24:40.0550 0x0308 [ 7E9CFF4AB4FC39E6E987F0BE63BD8D4A, 67A8D4CF5CEE19A3748C187C6194B0D2CDC2533A386401CE4687BF6B2DCED77D ] gtfilter C:\Windows\system32\DRIVERS\gtfilter.sys
10:24:40.0565 0x0308 gtfilter - ok
10:24:40.0659 0x0308 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:24:40.0675 0x0308 gupdate - ok
10:24:40.0690 0x0308 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
10:24:40.0706 0x0308 gupdatem - ok
10:24:40.0721 0x0308 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
10:24:40.0784 0x0308 hcw85cir - ok
10:24:40.0815 0x0308 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
10:24:40.0877 0x0308 HDAudBus - ok
10:24:40.0893 0x0308 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
10:24:40.0909 0x0308 HidBatt - ok
10:24:40.0924 0x0308 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
10:24:40.0955 0x0308 HidBth - ok
10:24:40.0971 0x0308 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
10:24:41.0002 0x0308 HidIr - ok
10:24:41.0018 0x0308 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
10:24:41.0096 0x0308 hidserv - ok
10:24:41.0127 0x0308 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
10:24:41.0143 0x0308 HidUsb - ok
10:24:41.0189 0x0308 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
10:24:41.0252 0x0308 hkmsvc - ok
10:24:41.0283 0x0308 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
10:24:41.0345 0x0308 HomeGroupListener - ok
10:24:41.0377 0x0308 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
10:24:41.0392 0x0308 HomeGroupProvider - ok
10:24:41.0501 0x0308 [ 5DA42D24712E00728CEA2342A65009B2, 73EC5250DCFD556525B24B3CA66C64AC7747E77652A2AD6119936A59A9E8562A ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
10:24:41.0533 0x0308 hpqcxs08 - ok
10:24:41.0564 0x0308 [ D86A39BF100069444D026D22D9A6E555, 7B24D48D5BA67704C88697FADB64364E0E64D26259408E3C219820C5404C5EEC ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
10:24:41.0579 0x0308 hpqddsvc - ok
10:24:41.0611 0x0308 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
10:24:41.0626 0x0308 HpSAMD - ok
10:24:41.0735 0x0308 [ F37882F128EFACEFE353E0BAE2766909, 2F9D21613500F092DFC0DB879180B549EE615D9B07408A5CC1A7F84663B2F47A ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
10:24:41.0782 0x0308 HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
10:24:45.0089 0x0308 Detect skipped due to KSN trusted
10:24:45.0089 0x0308 HPSLPSVC - ok
10:24:45.0167 0x0308 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
10:24:45.0230 0x0308 HTTP - ok
10:24:45.0245 0x0308 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
10:24:45.0277 0x0308 hwpolicy - ok
10:24:45.0308 0x0308 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
10:24:45.0308 0x0308 i8042prt - ok
10:24:45.0339 0x0308 [ 1D004CB1DA6323B1F55CAEF7F94B61D9, 8FFFB429BA46938724BBB87AB9B3EC77EA17C4B893BABDBDD38309F02963D405 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
10:24:45.0355 0x0308 iaStor - ok
10:24:45.0417 0x0308 [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
10:24:45.0433 0x0308 IAStorDataMgrSvc - ok
10:24:45.0464 0x0308 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
10:24:45.0479 0x0308 iaStorV - ok
10:24:45.0557 0x0308 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:24:45.0589 0x0308 idsvc - ok
10:24:45.0869 0x0308 [ C6238C6ABD6AC99F5D152DA4E9439A3D, 6FC490B94CEF523C7C099AEA3D36AB75C9896B1D83D4467D237E698A8E0D9E7B ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
10:24:46.0228 0x0308 igfx - ok
10:24:46.0275 0x0308 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
10:24:46.0291 0x0308 iirsp - ok
10:24:46.0337 0x0308 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
10:24:46.0400 0x0308 IKEEXT - ok
10:24:46.0493 0x0308 [ 492CD3A94913D753B4591CD9E29EC843, 2DC95A60E2FB4DB13F936BCA9B63F261D473F693FC01F43588BAC232CBB34AED ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
10:24:46.0540 0x0308 IntcAzAudAddService - ok
10:24:46.0571 0x0308 [ D485D3BD3E2179AA86853A182F70699F, 6398534A471ACC77FE058C28A8DBEABDD0166CC3D9AEC8D45CCB68F978F7303C ] IntcHdmiAddService C:\Windows\system32\drivers\IntcHdmi.sys
10:24:46.0603 0x0308 IntcHdmiAddService - ok
10:24:46.0634 0x0308 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
10:24:46.0649 0x0308 intelide - ok
10:24:46.0681 0x0308 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
10:24:46.0712 0x0308 intelppm - ok
10:24:46.0743 0x0308 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
10:24:46.0805 0x0308 IPBusEnum - ok
10:24:46.0837 0x0308 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
10:24:46.0883 0x0308 IpFilterDriver - ok
10:24:46.0930 0x0308 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
10:24:46.0961 0x0308 IPMIDRV - ok
10:24:46.0993 0x0308 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
10:24:47.0055 0x0308 IPNAT - ok
10:24:47.0055 0x0308 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
10:24:47.0117 0x0308 IRENUM - ok
10:24:47.0133 0x0308 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
10:24:47.0149 0x0308 isapnp - ok
10:24:47.0164 0x0308 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
10:24:47.0180 0x0308 iScsiPrt - ok
10:24:47.0195 0x0308 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
10:24:47.0211 0x0308 kbdclass - ok
10:24:47.0242 0x0308 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
10:24:47.0258 0x0308 kbdhid - ok
10:24:47.0273 0x0308 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
10:24:47.0289 0x0308 KeyIso - ok
10:24:47.0320 0x0308 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
10:24:47.0336 0x0308 KSecDD - ok
10:24:47.0383 0x0308 [ 7EFB9333E4ECCE6AE4AE9D777D9E553E, 94F1382291BD748BAE7EDBCB56F43B8564A1EE22E2DBEB37066559EE3D065FBA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
10:24:47.0398 0x0308 KSecPkg - ok
10:24:47.0414 0x0308 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
10:24:47.0461 0x0308 ksthunk - ok
10:24:47.0492 0x0308 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
10:24:47.0554 0x0308 KtmRm - ok
10:24:47.0617 0x0308 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
10:24:47.0663 0x0308 LanmanServer - ok
10:24:47.0710 0x0308 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
10:24:47.0757 0x0308 LanmanWorkstation - ok
10:24:47.0788 0x0308 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
10:24:47.0819 0x0308 lltdio - ok
10:24:47.0851 0x0308 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
10:24:47.0913 0x0308 lltdsvc - ok
10:24:47.0929 0x0308 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
10:24:47.0960 0x0308 lmhosts - ok
10:24:47.0991 0x0308 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
10:24:47.0991 0x0308 LSI_FC - ok
10:24:48.0007 0x0308 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
10:24:48.0022 0x0308 LSI_SAS - ok
10:24:48.0038 0x0308 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
10:24:48.0053 0x0308 LSI_SAS2 - ok
10:24:48.0069 0x0308 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
10:24:48.0069 0x0308 LSI_SCSI - ok
10:24:48.0100 0x0308 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
10:24:48.0131 0x0308 luafv - ok
10:24:48.0147 0x0308 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
10:24:48.0163 0x0308 megasas - ok
10:24:48.0178 0x0308 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
10:24:48.0194 0x0308 MegaSR - ok
10:24:48.0225 0x0308 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
10:24:48.0272 0x0308 MMCSS - ok
10:24:48.0272 0x0308 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
10:24:48.0319 0x0308 Modem - ok
10:24:48.0334 0x0308 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
10:24:48.0365 0x0308 monitor - ok
10:24:48.0381 0x0308 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
10:24:48.0397 0x0308 mouclass - ok
10:24:48.0397 0x0308 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
10:24:48.0428 0x0308 mouhid - ok
10:24:48.0475 0x0308 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
10:24:48.0490 0x0308 mountmgr - ok
10:24:48.0553 0x0308 [ FC1D590039EF06A381768710E6C07E75, 2F8B4D5232C4848A423A4E647102F3EDFD9B3D55D0D14AC04FD6D60D9212106F ] MpFilter C:\Windows\system32\DRIVERS\MpFilter.sys
10:24:48.0568 0x0308 MpFilter - ok
10:24:48.0599 0x0308 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
10:24:48.0615 0x0308 mpio - ok
10:24:48.0631 0x0308 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
10:24:48.0662 0x0308 mpsdrv - ok
10:24:48.0677 0x0308 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
10:24:48.0709 0x0308 MRxDAV - ok
10:24:48.0724 0x0308 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
10:24:48.0755 0x0308 mrxsmb - ok
10:24:48.0787 0x0308 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
10:24:48.0833 0x0308 mrxsmb10 - ok
10:24:48.0865 0x0308 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
10:24:48.0880 0x0308 mrxsmb20 - ok
10:24:48.0911 0x0308 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
10:24:48.0911 0x0308 msahci - ok
10:24:48.0927 0x0308 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
10:24:48.0943 0x0308 msdsm - ok
10:24:48.0958 0x0308 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
10:24:49.0005 0x0308 MSDTC - ok
10:24:49.0036 0x0308 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
10:24:49.0067 0x0308 Msfs - ok
10:24:49.0083 0x0308 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
10:24:49.0114 0x0308 mshidkmdf - ok
10:24:49.0145 0x0308 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
10:24:49.0177 0x0308 msisadrv - ok
10:24:49.0208 0x0308 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
10:24:49.0270 0x0308 MSiSCSI - ok
10:24:49.0286 0x0308 msiserver - ok
10:24:49.0301 0x0308 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
10:24:49.0333 0x0308 MSKSSRV - ok
10:24:49.0395 0x0308 [ 52D60E642263719B37F1E4A785E676EB, 1ECCB557FC26F120852E02142EDE60A91F1E53EBD6BF3A15676AF2A286B986E6 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
10:24:49.0426 0x0308 MsMpSvc - ok
10:24:49.0457 0x0308 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
10:24:49.0489 0x0308 MSPCLOCK - ok
10:24:49.0504 0x0308 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
10:24:49.0551 0x0308 MSPQM - ok
10:24:49.0598 0x0308 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
10:24:49.0613 0x0308 MsRPC - ok
10:24:49.0645 0x0308 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
10:24:49.0660 0x0308 mssmbios - ok
10:24:49.0660 0x0308 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
10:24:49.0707 0x0308 MSTEE - ok
10:24:49.0707 0x0308 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
10:24:49.0723 0x0308 MTConfig - ok
10:24:49.0738 0x0308 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
10:24:49.0754 0x0308 Mup - ok
10:24:49.0769 0x0308 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
10:24:49.0816 0x0308 napagent - ok
10:24:49.0847 0x0308 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
10:24:49.0879 0x0308 NativeWifiP - ok
10:24:49.0941 0x0308 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
10:24:49.0972 0x0308 NDIS - ok
10:24:49.0988 0x0308 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
10:24:50.0019 0x0308 NdisCap - ok
10:24:50.0035 0x0308 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
10:24:50.0066 0x0308 NdisTapi - ok
10:24:50.0081 0x0308 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
10:24:50.0159 0x0308 Ndisuio - ok
10:24:50.0191 0x0308 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
10:24:50.0222 0x0308 NdisWan - ok
10:24:50.0253 0x0308 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
10:24:50.0315 0x0308 NDProxy - ok
10:24:50.0362 0x0308 [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
10:24:50.0378 0x0308 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
10:24:53.0389 0x0308 Detect skipped due to KSN trusted
10:24:53.0389 0x0308 Net Driver HPZ12 - ok
10:24:53.0420 0x0308 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
10:24:53.0482 0x0308 NetBIOS - ok
10:24:53.0513 0x0308 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
10:24:53.0576 0x0308 NetBT - ok
10:24:53.0591 0x0308 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
10:24:53.0607 0x0308 Netlogon - ok
10:24:53.0623 0x0308 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
10:24:53.0669 0x0308 Netman - ok
10:24:53.0701 0x0308 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:24:53.0716 0x0308 NetMsmqActivator - ok
10:24:53.0716 0x0308 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:24:53.0732 0x0308 NetPipeActivator - ok
10:24:53.0747 0x0308 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
10:24:53.0810 0x0308 netprofm - ok
10:24:53.0810 0x0308 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:24:53.0825 0x0308 NetTcpActivator - ok
10:24:53.0825 0x0308 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:24:53.0841 0x0308 NetTcpPortSharing - ok
10:24:53.0857 0x0308 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
10:24:53.0872 0x0308 nfrd960 - ok
10:24:53.0903 0x0308 [ 8FB3C853E886E1E4D57271672486111C, 2D2954740BF2046FC4C0F1C00FBA9627C356792C0636A51078116876E4886FC6 ] NisDrv C:\Windows\system32\DRIVERS\NisDrvWFP.sys
10:24:53.0935 0x0308 NisDrv - ok
10:24:53.0966 0x0308 [ 506BAA292F60C2AB637B9AEA3325D7D0, 5535FA9DD208CDBE70999866FAD422F2D9B6F59C33617675867F2B8C923F108E ] NisSrv c:\Program Files\Microsoft Security Client\NisSrv.exe
10:24:54.0044 0x0308 NisSrv - ok
10:24:54.0075 0x0308 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
10:24:54.0106 0x0308 NlaSvc - ok
10:24:54.0122 0x0308 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
10:24:54.0153 0x0308 Npfs - ok
10:24:54.0169 0x0308 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
10:24:54.0215 0x0308 nsi - ok
10:24:54.0231 0x0308 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
10:24:54.0293 0x0308 nsiproxy - ok
10:24:54.0356 0x0308 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
10:24:54.0418 0x0308 Ntfs - ok
10:24:54.0434 0x0308 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
10:24:54.0465 0x0308 Null - ok
10:24:54.0496 0x0308 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
10:24:54.0496 0x0308 nvraid - ok
10:24:54.0512 0x0308 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
10:24:54.0527 0x0308 nvstor - ok
10:24:54.0559 0x0308 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
10:24:54.0559 0x0308 nv_agp - ok
10:24:54.0605 0x0308 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
10:24:54.0621 0x0308 ohci1394 - ok
10:24:54.0652 0x0308 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:24:54.0668 0x0308 ose - ok
10:24:54.0699 0x0308 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
10:24:54.0746 0x0308 p2pimsvc - ok
10:24:54.0777 0x0308 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
10:24:54.0793 0x0308 p2psvc - ok
10:24:54.0808 0x0308 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
10:24:54.0824 0x0308 Parport - ok
10:24:54.0855 0x0308 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
10:24:54.0855 0x0308 partmgr - ok
10:24:54.0886 0x0308 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
10:24:54.0917 0x0308 pci - ok
10:24:54.0949 0x0308 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
10:24:54.0949 0x0308 pciide - ok
10:24:54.0964 0x0308 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
10:24:54.0980 0x0308 pcmcia - ok
10:24:55.0011 0x0308 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
10:24:55.0027 0x0308 pcw - ok
10:24:55.0058 0x0308 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
10:24:55.0120 0x0308 PEAUTH - ok
10:24:55.0183 0x0308 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
10:24:55.0198 0x0308 PerfHost - ok
10:24:55.0292 0x0308 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
10:24:55.0370 0x0308 pla - ok
10:24:55.0417 0x0308 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
10:24:55.0448 0x0308 PlugPlay - ok
10:24:55.0495 0x0308 [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
10:24:55.0526 0x0308 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
10:24:58.0365 0x0308 Detect skipped due to KSN trusted
10:24:58.0365 0x0308 Pml Driver HPZ12 - ok
10:24:58.0381 0x0308 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
10:24:58.0412 0x0308 PNRPAutoReg - ok
10:24:58.0427 0x0308 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
10:24:58.0443 0x0308 PNRPsvc - ok
10:24:58.0459 0x0308 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
10:24:58.0490 0x0308 Power - ok
10:24:58.0537 0x0308 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
10:24:58.0568 0x0308 PptpMiniport - ok
10:24:58.0583 0x0308 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
10:24:58.0583 0x0308 Processor - ok
10:24:58.0615 0x0308 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
10:24:58.0646 0x0308 ProfSvc - ok
10:24:58.0661 0x0308 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
10:24:58.0661 0x0308 ProtectedStorage - ok
10:24:58.0693 0x0308 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
10:24:58.0739 0x0308 Psched - ok
10:24:58.0771 0x0308 qghjhmp - ok
10:24:58.0817 0x0308 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
10:24:58.0880 0x0308 ql2300 - ok
10:24:58.0895 0x0308 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
10:24:58.0911 0x0308 ql40xx - ok
10:24:58.0942 0x0308 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
10:24:58.0958 0x0308 QWAVE - ok
10:24:58.0973 0x0308 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
10:24:59.0020 0x0308 QWAVEdrv - ok
10:24:59.0036 0x0308 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
10:24:59.0067 0x0308 RasAcd - ok
10:24:59.0098 0x0308 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
10:24:59.0129 0x0308 RasAgileVpn - ok
10:24:59.0145 0x0308 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
10:24:59.0176 0x0308 RasAuto - ok
10:24:59.0207 0x0308 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
10:24:59.0285 0x0308 Rasl2tp - ok
10:24:59.0317 0x0308 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
10:24:59.0348 0x0308 RasMan - ok
10:24:59.0363 0x0308 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
10:24:59.0410 0x0308 RasPppoe - ok
10:24:59.0441 0x0308 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
10:24:59.0488 0x0308 RasSstp - ok
10:24:59.0519 0x0308 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
10:24:59.0551 0x0308 rdbss - ok
10:24:59.0566 0x0308 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
10:24:59.0582 0x0308 rdpbus - ok
10:24:59.0597 0x0308 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
10:24:59.0629 0x0308 RDPCDD - ok
10:24:59.0644 0x0308 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
10:24:59.0691 0x0308 RDPENCDD - ok
10:24:59.0722 0x0308 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
10:24:59.0738 0x0308 RDPREFMP - ok
10:24:59.0816 0x0308 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
10:24:59.0863 0x0308 RdpVideoMiniport - ok
10:24:59.0894 0x0308 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
10:24:59.0956 0x0308 RDPWD - ok
10:24:59.0987 0x0308 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
10:25:00.0019 0x0308 rdyboost - ok
10:25:00.0050 0x0308 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
10:25:00.0097 0x0308 RemoteRegistry - ok
10:25:00.0097 0x0308 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
10:25:00.0128 0x0308 RpcEptMapper - ok
10:25:00.0143 0x0308 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
10:25:00.0159 0x0308 RpcLocator - ok
10:25:00.0206 0x0308 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\System32\rpcss.dll
10:25:00.0253 0x0308 RpcSs - ok
10:25:00.0284 0x0308 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
10:25:00.0315 0x0308 rspndr - ok
10:25:00.0346 0x0308 [ 68DD0457D18FCCEF7384AE84022F0C86, 82C02EDB30D4FA1145AB1818F9FCE0B73FEB1B94C138B5513794F25FAC85F2CC ] RTL8023x64 C:\Windows\system32\DRIVERS\Rtnic64.sys
10:25:00.0377 0x0308 RTL8023x64 - ok
10:25:00.0455 0x0308 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
10:25:00.0471 0x0308 RTL8167 - ok
10:25:00.0487 0x0308 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
10:25:00.0502 0x0308 SamSs - ok
10:25:00.0533 0x0308 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
10:25:00.0533 0x0308 sbp2port - ok
10:25:00.0580 0x0308 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
10:25:00.0627 0x0308 SCardSvr - ok
10:25:00.0658 0x0308 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
10:25:00.0705 0x0308 scfilter - ok
10:25:00.0752 0x0308 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
10:25:00.0830 0x0308 Schedule - ok
10:25:00.0877 0x0308 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
10:25:00.0892 0x0308 SCPolicySvc - ok
10:25:00.0908 0x0308 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
10:25:00.0939 0x0308 SDRSVC - ok
10:25:00.0955 0x0308 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
10:25:01.0017 0x0308 secdrv - ok
10:25:01.0048 0x0308 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
10:25:01.0079 0x0308 seclogon - ok
10:25:01.0095 0x0308 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
10:25:01.0126 0x0308 SENS - ok
10:25:01.0142 0x0308 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
10:25:01.0157 0x0308 SensrSvc - ok
10:25:01.0157 0x0308 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
10:25:01.0189 0x0308 Serenum - ok
10:25:01.0204 0x0308 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
10:25:01.0220 0x0308 Serial - ok
10:25:01.0235 0x0308 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
10:25:01.0267 0x0308 sermouse - ok
10:25:01.0298 0x0308 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
10:25:01.0345 0x0308 SessionEnv - ok
10:25:01.0376 0x0308 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
10:25:01.0391 0x0308 sffdisk - ok
10:25:01.0407 0x0308 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
10:25:01.0423 0x0308 sffp_mmc - ok
10:25:01.0438 0x0308 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
10:25:01.0469 0x0308 sffp_sd - ok
10:25:01.0485 0x0308 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
10:25:01.0501 0x0308 sfloppy - ok
10:25:01.0532 0x0308 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
10:25:01.0579 0x0308 ShellHWDetection - ok
10:25:01.0594 0x0308 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
10:25:01.0594 0x0308 SiSRaid2 - ok
10:25:01.0625 0x0308 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
10:25:01.0625 0x0308 SiSRaid4 - ok
10:25:01.0688 0x0308 [ D0C0B700152B1F610F10B356483B3401, 514896C41D0CF28DF24AA80A5C3326A911B3564B2CF35FE3FAA100247C1749A9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
10:25:01.0703 0x0308 SkypeUpdate - ok
10:25:01.0735 0x0308 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
10:25:01.0766 0x0308 Smb - ok
10:25:01.0781 0x0308 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
10:25:01.0797 0x0308 SNMPTRAP - ok
10:25:01.0813 0x0308 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
10:25:01.0813 0x0308 spldr - ok
10:25:01.0875 0x0308 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
10:25:01.0906 0x0308 Spooler - ok
10:25:02.0047 0x0308 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
10:25:02.0218 0x0308 sppsvc - ok
10:25:02.0234 0x0308 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
10:25:02.0265 0x0308 sppuinotify - ok
10:25:02.0312 0x0308 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
10:25:02.0359 0x0308 srv - ok
10:25:02.0390 0x0308 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
10:25:02.0421 0x0308 srv2 - ok
10:25:02.0437 0x0308 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
10:25:02.0468 0x0308 srvnet - ok
10:25:02.0499 0x0308 [ ED161B91FDF7EAA39469D72D463D5F4E, FC793E378FB709313D0AC44F59BF5C9488D73235AA2B1A21C50C3DED91C6BE62 ] sscdbus C:\Windows\system32\DRIVERS\sscdbus.sys
10:25:02.0530 0x0308 sscdbus - ok
10:25:02.0546 0x0308 [ 4CB09E77593DBD8D7AF33B37375CA715, 7B14851A8EDAA996D28335FD4DA812C6114DD5012E1E929F4813797CDC77E5BC ] sscdmdfl C:\Windows\system32\DRIVERS\sscdmdfl.sys
10:25:02.0561 0x0308 sscdmdfl - ok
10:25:02.0593 0x0308 [ C7B4CF53497A6E5363F3439427663882, 993278ADAAC18F12FE00CCF76681461451DA335F67BB581FC7326045048EC085 ] sscdmdm C:\Windows\system32\DRIVERS\sscdmdm.sys
10:25:02.0608 0x0308 sscdmdm - ok
10:25:02.0639 0x0308 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
10:25:02.0671 0x0308 SSDPSRV - ok
10:25:02.0686 0x0308 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
10:25:02.0717 0x0308 SstpSvc - ok
10:25:02.0764 0x0308 [ 855335BF5792E56164F98C012E3D92DD, 4C0DAB03AC7B7DF52D2FBC89AD09A4421D16C02EFB035101EF419E9D2FF903A0 ] ssudmdm C:\Windows\system32\DRIVERS\ssudmdm.sys
10:25:02.0780 0x0308 ssudmdm - ok
10:25:02.0811 0x0308 Steam Client Service - ok
10:25:02.0842 0x0308 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
10:25:02.0858 0x0308 stexstor - ok
10:25:02.0889 0x0308 [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
10:25:02.0920 0x0308 StillCam - ok
10:25:02.0983 0x0308 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
10:25:03.0045 0x0308 stisvc - ok
10:25:03.0076 0x0308 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
10:25:03.0076 0x0308 swenum - ok
10:25:03.0123 0x0308 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
10:25:03.0185 0x0308 swprv - ok
10:25:03.0263 0x0308 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
10:25:03.0357 0x0308 SysMain - ok
10:25:03.0388 0x0308 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
10:25:03.0404 0x0308 TabletInputService - ok
10:25:03.0419 0x0308 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
10:25:03.0466 0x0308 TapiSrv - ok
10:25:03.0482 0x0308 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
10:25:03.0497 0x0308 TBS - ok
10:25:03.0591 0x0308 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
10:25:03.0669 0x0308 Tcpip - ok
10:25:03.0747 0x0308 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
10:25:03.0794 0x0308 TCPIP6 - ok
10:25:03.0841 0x0308 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
10:25:03.0856 0x0308 tcpipreg - ok
10:25:03.0887 0x0308 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
10:25:03.0919 0x0308 TDPIPE - ok
10:25:03.0950 0x0308 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
10:25:03.0965 0x0308 TDTCP - ok
10:25:03.0997 0x0308 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
10:25:04.0075 0x0308 tdx - ok
10:25:04.0090 0x0308 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
10:25:04.0106 0x0308 TermDD - ok
10:25:04.0137 0x0308 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
10:25:04.0184 0x0308 TermService - ok
10:25:04.0199 0x0308 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
10:25:04.0231 0x0308 Themes - ok
10:25:04.0262 0x0308 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
10:25:04.0293 0x0308 THREADORDER - ok
10:25:04.0309 0x0308 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
10:25:04.0355 0x0308 TrkWks - ok
10:25:04.0418 0x0308 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
10:25:04.0465 0x0308 TrustedInstaller - ok
10:25:04.0480 0x0308 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
10:25:04.0496 0x0308 tssecsrv - ok
10:25:04.0543 0x0308 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
10:25:04.0558 0x0308 TsUsbFlt - ok
10:25:04.0589 0x0308 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
10:25:04.0636 0x0308 tunnel - ok
10:25:04.0667 0x0308 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
10:25:04.0683 0x0308 uagp35 - ok
10:25:04.0730 0x0308 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
10:25:04.0777 0x0308 udfs - ok
10:25:04.0808 0x0308 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
10:25:04.0823 0x0308 UI0Detect - ok
10:25:04.0823 0x0308 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
10:25:04.0839 0x0308 uliagpkx - ok
10:25:04.0870 0x0308 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
10:25:04.0886 0x0308 umbus - ok
10:25:04.0901 0x0308 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
10:25:04.0917 0x0308 UmPass - ok
10:25:04.0933 0x0308 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
10:25:05.0011 0x0308 upnphost - ok
10:25:05.0042 0x0308 [ ACCEA6BC68D0C9A78EB97EE159028B4E, 132F7A543C1DA9456FBABA50552B37E3162ACA612A8567BB3FF0F7DA84231419 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
10:25:05.0057 0x0308 usbccgp - ok
10:25:05.0089 0x0308 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
10:25:05.0120 0x0308 usbcir - ok
10:25:05.0135 0x0308 [ 311C1DD1088E55BEAE15954D17F50646, A663344ABD1414D570617F59CC00020640F31DB34265142EFCA8817328DB842A ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
10:25:05.0151 0x0308 usbehci - ok
10:25:05.0182 0x0308 [ 280E90CBF4B2DDD169F0728CB44D726F, 2B39666C022A4F7338BDDB4CB0D7B4D0CC6B398298D29E38826F27FADF4C29DD ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
10:25:05.0198 0x0308 usbhub - ok
10:25:05.0213 0x0308 [ 9406D801042FAF859CF81B2C886413DC, D16536EC05260D7A2902314E1AA5E5F73533483B9967739C381FD41B6192B92F ] usbohci C:\Windows\system32\drivers\usbohci.sys
10:25:05.0213 0x0308 usbohci - ok
10:25:05.0229 0x0308 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
10:25:05.0260 0x0308 usbprint - ok
10:25:05.0276 0x0308 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
10:25:05.0291 0x0308 usbscan - ok
10:25:05.0307 0x0308 [ B57B4F0BEC4270A281B9F8537EB2FA04, 554273482EE85F010DC62E412C9933E65BD63AA09911BD25D86F86D2618EF382 ] usbser C:\Windows\system32\DRIVERS\usbser.sys
10:25:05.0338 0x0308 usbser - ok
10:25:05.0369 0x0308 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
10:25:05.0432 0x0308 USBSTOR - ok
10:25:05.0447 0x0308 [ A83D0EC9AE4C31704442099D40BA2471, A29D714FCDF10DF7A2A17D54B131AEFDA61AED988CF8B99C7B30728C50130DCE ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
10:25:05.0463 0x0308 usbuhci - ok
10:25:05.0494 0x0308 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
10:25:05.0541 0x0308 UxSms - ok
10:25:05.0557 0x0308 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
10:25:05.0572 0x0308 VaultSvc - ok
10:25:05.0603 0x0308 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
10:25:05.0603 0x0308 vdrvroot - ok
10:25:05.0650 0x0308 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
10:25:05.0697 0x0308 vds - ok
10:25:05.0713 0x0308 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
10:25:05.0728 0x0308 vga - ok
10:25:05.0744 0x0308 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
10:25:05.0791 0x0308 VgaSave - ok
10:25:05.0806 0x0308 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
10:25:05.0822 0x0308 vhdmp - ok
10:25:05.0837 0x0308 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
10:25:05.0853 0x0308 viaide - ok
10:25:05.0884 0x0308 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
10:25:05.0884 0x0308 volmgr - ok
10:25:05.0947 0x0308 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
10:25:05.0962 0x0308 volmgrx - ok
10:25:05.0993 0x0308 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
10:25:06.0009 0x0308 volsnap - ok
10:25:06.0025 0x0308 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
10:25:06.0040 0x0308 vsmraid - ok
10:25:06.0118 0x0308 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
10:25:06.0212 0x0308 VSS - ok
10:25:06.0227 0x0308 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
10:25:06.0243 0x0308 vwifibus - ok
10:25:06.0259 0x0308 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
10:25:06.0321 0x0308 W32Time - ok
10:25:06.0352 0x0308 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
10:25:06.0368 0x0308 WacomPen - ok
10:25:06.0415 0x0308 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
10:25:06.0461 0x0308 WANARP - ok
10:25:06.0477 0x0308 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
10:25:06.0493 0x0308 Wanarpv6 - ok
10:25:06.0602 0x0308 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
10:25:06.0664 0x0308 WatAdminSvc - ok
10:25:06.0742 0x0308 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
10:25:06.0820 0x0308 wbengine - ok
10:25:06.0851 0x0308 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
10:25:06.0867 0x0308 WbioSrvc - ok
10:25:06.0914 0x0308 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
10:25:06.0945 0x0308 wcncsvc - ok
10:25:06.0976 0x0308 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
10:25:07.0007 0x0308 WcsPlugInService - ok
10:25:07.0023 0x0308 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
10:25:07.0039 0x0308 Wd - ok
10:25:07.0085 0x0308 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
10:25:07.0101 0x0308 Wdf01000 - ok
10:25:07.0117 0x0308 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
10:25:07.0210 0x0308 WdiServiceHost - ok
10:25:07.0210 0x0308 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
10:25:07.0241 0x0308 WdiSystemHost - ok
10:25:07.0273 0x0308 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
10:25:07.0288 0x0308 WebClient - ok
10:25:07.0304 0x0308 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
10:25:07.0351 0x0308 Wecsvc - ok
10:25:07.0366 0x0308 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
10:25:07.0413 0x0308 wercplsupport - ok
10:25:07.0444 0x0308 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
10:25:07.0475 0x0308 WerSvc - ok
10:25:07.0491 0x0308 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
10:25:07.0522 0x0308 WfpLwf - ok
10:25:07.0553 0x0308 [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys
10:25:07.0569 0x0308 WimFltr - ok
10:25:07.0585 0x0308 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
10:25:07.0600 0x0308 WIMMount - ok
10:25:07.0600 0x0308 WinHttpAutoProxySvc - ok
10:25:07.0663 0x0308 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
10:25:07.0694 0x0308 Winmgmt - ok
10:25:07.0787 0x0308 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
10:25:07.0881 0x0308 WinRM - ok
10:25:07.0928 0x0308 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
10:25:07.0959 0x0308 WinUsb - ok
10:25:08.0006 0x0308 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
10:25:08.0053 0x0308 Wlansvc - ok
10:25:08.0209 0x0308 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:25:08.0271 0x0308 wlidsvc - ok
10:25:08.0318 0x0308 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
10:25:08.0349 0x0308 WmiAcpi - ok
10:25:08.0380 0x0308 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
10:25:08.0396 0x0308 wmiApSrv - ok
10:25:08.0427 0x0308 WMPNetworkSvc - ok
10:25:08.0458 0x0308 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
10:25:08.0505 0x0308 WPCSvc - ok
10:25:08.0536 0x0308 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
10:25:08.0552 0x0308 WPDBusEnum - ok
10:25:08.0567 0x0308 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
10:25:08.0599 0x0308 ws2ifsl - ok
10:25:08.0630 0x0308 [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice C:\Windows\system32\DRIVERS\WSDPrint.sys
10:25:08.0645 0x0308 WSDPrintDevice - ok
10:25:08.0645 0x0308 WSearch - ok
10:25:08.0739 0x0308 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
10:25:08.0848 0x0308 wuauserv - ok
10:25:08.0879 0x0308 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
10:25:08.0911 0x0308 WudfPf - ok
10:25:08.0942 0x0308 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
10:25:08.0957 0x0308 WUDFRd - ok
10:25:08.0973 0x0308 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
10:25:08.0989 0x0308 wudfsvc - ok
10:25:09.0020 0x0308 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll
10:25:09.0067 0x0308 WwanSvc - ok
10:25:09.0098 0x0308 ================ Scan global ===============================
10:25:09.0129 0x0308 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
10:25:09.0160 0x0308 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:25:09.0176 0x0308 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
10:25:09.0191 0x0308 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
10:25:09.0223 0x0308 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
10:25:09.0223 0x0308 [ Global ] - ok
10:25:09.0223 0x0308 ================ Scan MBR ==================================
10:25:09.0238 0x0308 [ CDB4DE4BBD714F152979DA2DCBEF57EB ] \Device\Harddisk0\DR0
10:25:09.0457 0x0308 \Device\Harddisk0\DR0 - ok
10:25:09.0457 0x0308 ================ Scan VBR ==================================
10:25:09.0457 0x0308 [ 7C2765AE92DE3F94FE953BA4A521E712 ] \Device\Harddisk0\DR0\Partition1
10:25:09.0457 0x0308 \Device\Harddisk0\DR0\Partition1 - ok
10:25:09.0488 0x0308 [ E6496E50260951ECD12ADA64FF7FD416 ] \Device\Harddisk0\DR0\Partition2
10:25:09.0488 0x0308 \Device\Harddisk0\DR0\Partition2 - ok
10:25:09.0488 0x0308 Waiting for KSN requests completion. In queue: 191
10:25:10.0502 0x0308 Waiting for KSN requests completion. In queue: 191
10:25:11.0516 0x0308 Waiting for KSN requests completion. In queue: 191
10:25:12.0530 0x0308 Waiting for KSN requests completion. In queue: 191
10:25:13.0544 0x0308 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.3.219.0 ), 0x61000 ( enabled : updated )
10:25:13.0544 0x0308 Win FW state via NFP2: enabled
10:25:16.0461 0x0308 ============================================================
10:25:16.0461 0x0308 Scan finished
10:25:16.0461 0x0308 ============================================================
10:25:16.0461 0x13a4 Detected object count: 0
10:25:16.0461 0x13a4 Actual detected object count: 0
  • 0

#48
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK so it is not in the MBR .. This variant has been around now for about 6 months, so I guess it is time that they changed it


Could you now run Combofix please and allow it to update if it requests. I want to see if that folder really has gone..


* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.

3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#49
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
Attached the log from combofix. Machine has been running normally since the first fix that we ran earlier.
I disabled MSE but combofix still saw it as active. Not sure how to disable that aside from completely uninstalling it, as MSE itself says it's disabled.

Attached Files


  • 0

#50
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK I have found a driver, this is similar to one I removed earlier.. I wonder if it is the same one.

Could you download a fresh copy of security essentials from here to your desktop http://www.microsoft...ls.aspx?id=5201
Then disconnect from the net and uninstall Microsoft security essentials and windows defender
Once done :

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

Driver::
qghjhmp

File::
c:\windows\system32\drivers\wbvvid.sys

Folder::
C:\Users\Ryan2011\AppData\Local\Google\Desktop
C:\Program Files (x86)\Google\Desktop
C:\Program Files\Windows Defender
C:\Program Files\Microsoft Security Client



Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it will produce a log for you at C:\ComboFix.txt which I will require in your next reply.

After the reboot then install the fresh copy of Microsoft security essentials
  • 0

#51
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK further analysis shows that the driver was created after the reparse points were deleted by FRST

2013-11-01 14:02 . 2013-11-01 14:02 61440 ----a-w- c:\windows\SysWow64\drivers\wbvvid.sys

Which appears to confirm my initial thought that the malware is actually corrupting files within MSES itself or the Google update jobs have been suborned.. I will check those out next

Thank you for your forbearance in this, as it does appear to be a new twist on this version of ZA
  • 0

#52
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
Attached combofix log. Also reinstalled MSE. I also uninstalled google drive since I don't actually use it in case it was causing some of the complications.

Attached Files


  • 0

#53
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK Combofix killed the driver but for some reason it did not remove the file so we will do that next

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following
    Posted Image
:Commands
[CREATERESTOREPOINT]

:Files
C:\cleanup.bat
c:\windows\SysWow64\drivers\wbvvid.sys

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

  • 0

#54
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
OTL log attached after fix/reboot/quickscan

Attached Files

  • Attached File  OTL.Txt   81.97KB   121 downloads

  • 0

#55
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK again that looks clean... Could you use a normal now and when you reboot again tomorrow run an FRST scan to double check..

Also could you zip the following folder and either attach to your next post or upload to a file sharing site for me to collect so that I can have a thorough look at it :

C:\Qoobox
  • 0

Advertisements


#56
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
This being Friday, I will not be back in the office on this computer until Monday morning. I will run the scans again and post at that time.

Here is a link to Qoobox.zip, which I uploaded to the public folder in my dropbox:
https://dl.dropboxus...1272/Qoobox.zip
  • 0

#57
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Thank you I now have it :)
  • 0

#58
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
Came back again today. First noticed the downloading/deleting problem about two hours after turning on the PC.
  • 0

#59
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Are you attached to a network ?
  • 0

#60
Lyanheart

Lyanheart

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 136 posts
Yes, to the internet router in my small office. There are 2 other PC's connected other than mine. None of them show any signs of infection.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP