
Pests of all kinds and how to fight them: My Symantec gives me various trojan and virus warnings, and options to clean them up too, but the things are still there :-(


12.10.2015, 13:17   #1
Gift
 



Hello, for about a week my Symantec has kept popping up with virus and trojan warnings and so on, my PC is endlessly slow, and on top of that it is my work machine, please help me!

Here, to start with, are the FRST.txt and Addition.txt:

I hope you can help me, I'm stumped.
Thanks in advance

Yours, Gift :-)

12.10.2015, 16:37   #2
schrauber
/// the machine
/// TB trainer
 




Hi,

Please always post logs in the thread. If necessary, split them up and use several posts.
I can't open attachments at work, thanks.

Here is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive beforehand, makes my work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
  • Select the entire log file (usually works with CTRL+A) and copy it to the clipboard with CTRL+C.
  • In the editor, click the # symbol. Two bracketed tags appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it right. If everything is correct ... click Reply.

13.10.2015, 07:38   #3
Gift
 

FRST.txt



Okay, sorry, so here is the FRST.txt:
FRST Logfile:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:11-10-2015 02
durchgeführt von Tina (Administrator) auf ADD-INN-BUHA (12-10-2015 14:09:34)
Gestartet von C:\Users\Tina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FW0JS940
Geladene Profile: Tina (Verfügbare Profile: Tina & MSSQLFDLauncher)
Platform: Windows 7 Professional Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: IE)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(FarStone Technology) C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\superhard_material\non_return_to_zero.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Gadwin Systems, Inc) C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
(shbox.de) C:\Program Files (x86)\FreePDF_XP\fpassist.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Sage Software) C:\Program Files (x86)\Common Files\Sage Software Shared\Deploymentservice.exe
(Sage Software) C:\Program Files (x86)\Common Files\Sage Software Shared\MultiUserServiceServer.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Microsoft Corporation) C:\Windows\SysWOW64\xcopy.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(CANON INC.) C:\Program Files (x86)\Canon\Solution Menu EX\CNSEUPDT.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\fsutil.exe
(Microsoft Corporation) C:\Windows\SysWOW64\label.exe
(Microsoft Corporation) C:\Windows\SysWOW64\NETSTAT.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\OUTLOOK.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2780776 2011-07-19] (CANON INC.)
HKLM\...\Run: [current_mode_pwm] => C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\superhard_material\non_return_to_zero.exe [266240 2010-12-13] (FarStone Technology)
HKLM-x32\...\Run: [FreePDF Assistant] => C:\Program Files (x86)\FreePDF_XP\fpassist.exe [371200 2011-02-23] (shbox.de)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [CanonSolutionMenuEx] => C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE [1637496 2011-08-04] (CANON INC.)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [439440 2011-09-27] (CANON INC.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\SEP-x32: C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WinLogoutNotifier.dll [X]
HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\...\Run: [Gadwin PrintScreen] => C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe [487424 2011-05-03] (Gadwin Systems, Inc)
HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\...\Run: [airport-fixed] => C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe [157696 2015-10-05] () <===== ACHTUNG
HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\...\Run: [issue-finger] => C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe [201216 2015-10-08] () <===== ACHTUNG
HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\...\Run: [meat-ball] => C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe [207360 2015-10-08] () <===== ACHTUNG
HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\...\Run: [court-design] => C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe [186880 2015-10-09] () <===== ACHTUNG
HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\...\Run: [ccleaner] => C:\Program Files\CCleaner\CCleaner64.exe [5628848 2012-12-19] (Piriform Ltd)
HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\...\RunOnce: [meat-ball] => C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe [207360 2015-10-08] () <===== ACHTUNG
HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\...\RunOnce: [issue-finger] => C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe [201216 2015-10-08] () <===== ACHTUNG
HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\...\RunOnce: [court-design] => C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe [186880 2015-10-09] () <===== ACHTUNG
HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\...\RunOnce: [airport-fixed] => C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe [157696 2015-10-05] () <===== ACHTUNG
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\VR-NetWorld Auftragsprüfung.lnk [2013-08-08]
ShortcutTarget: VR-NetWorld Auftragsprüfung.lnk -> C:\Program Files (x86)\VR-NetWorld\VRToolCheckOrder.exe (VR-NetWorld Software)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Hosts: 192.168.178.36
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{793DC4C8-C7D8-441E-9944-5BA5D61A1031}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.de/
HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
SearchScopes: HKU\S-1-5-21-1451804703-4159516416-4063369182-1011 -> DefaultScope {2593F79E-67FA-4239-82BF-AA2091261133} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1451804703-4159516416-4063369182-1011 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1451804703-4159516416-4063369182-1011 -> {2593F79E-67FA-4239-82BF-AA2091261133} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\bin\IPS\IPSBHO.DLL [2011-09-17] (Symantec Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll [2014-12-08] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [Keine Datei]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll [2014-12-08] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2011-09-22] (CANON INC.)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-07-03] (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\IPSFF
FF Extension: Symantec Intrusion Prevention - C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\IPSFF [2013-10-14]

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 galvanic_isolation; C:\Windows\AppCompat\Programs\monotonic\mechanical_filter.exe [207062 2013-09-04] (Intel(R) Corporation) [Datei ist nicht signiert]
S2 MsDtsServer110; C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [218784 2014-07-23] (Microsoft Corporation)
S3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [49752 2012-02-11] (Microsoft Corporation)
S2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [192160 2014-07-23] (Microsoft Corporation)
S2 MSSQLServerOLAPService; C:\Program Files\Microsoft SQL Server\MSAS11.MSSQLSERVER\OLAP\bin\msmdsrv.exe [72497640 2012-10-20] (Microsoft Corporation)
S2 ReportServer; C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [2423792 2012-10-20] (Microsoft Corporation)
R2 SageDeploymentService; C:\Program Files (x86)\Common Files\Sage Software Shared\Deploymentservice.exe [428400 2013-07-09] (Sage Software) [Datei ist nicht signiert]
R2 SageMultiUserService40; C:\Program Files (x86)\Common Files\Sage Software Shared\MultiUserServiceServer.exe [256000 2014-10-02] (Sage Software) [Datei ist nicht signiert]
R2 SepMasterService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe [137224 2011-09-20] (Symantec Corporation)
R3 SmcService; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe [2594816 2011-10-30] (Symantec Corporation)
S3 SNAC; C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\snac64.exe [324016 2011-10-30] (Symantec Corporation)
S2 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [613024 2014-07-23] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

R1 BHDrvx64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\BASHDefs\20150925.011\BHDrvx64.sys [1650936 2015-08-14] (Symantec Corporation)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-29] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-29] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\IPSDefs\20151009.001\IDSvia64.sys [671448 2015-03-24] (Symantec Corporation)
R3 NAVENG; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20151011.021\ENG64.SYS [138488 2015-07-27] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20151011.021\EX64.SYS [2146040 2015-07-27] (Symantec Corporation)
S4 RsFx0201; C:\Windows\System32\DRIVERS\RsFx0201.sys [336880 2012-10-20] (Microsoft Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation                           )
R1 SRTSP; C:\Windows\System32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSP64.SYS [678008 2011-09-27] (Symantec Corporation)
R1 SRTSPX; C:\Windows\System32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSPX64.SYS [39032 2011-09-27] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\Drivers\SEP\0C0103E8\009D.105\x64\SYMDS64.SYS [451192 2011-07-16] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\Drivers\SEP\0C0103E8\009D.105\x64\SYMEFA64.SYS [931448 2011-08-27] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2012-12-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\System32\Drivers\SEP\0C0103E8\009D.105\x64\Ironx64.SYS [171128 2011-09-13] (Symantec Corporation)
R1 SYMNETS; C:\Windows\System32\Drivers\SEP\0C0103E8\009D.105\x64\SYMNETS.SYS [386168 2011-09-08] (Symantec Corporation)
S3 vmci; \SystemRoot\system32\DRIVERS\vmci.sys [X]
S3 VMnetAdapter; system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Drei Monate: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-12 13:59 - 2015-10-12 14:09 - 00000000 ____D C:\FRST
2015-10-12 13:58 - 2015-10-12 13:58 - 00000000 _____ C:\Windows\setuperr.log
2015-10-12 13:58 - 2015-10-12 13:58 - 00000000 _____ C:\Windows\setupact.log
2015-10-12 13:51 - 2015-10-12 13:51 - 00001055 _____ C:\Users\Tina\Desktop\Notepad++.lnk
2015-10-12 13:51 - 2015-10-12 13:51 - 00000000 ____D C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-10-12 13:51 - 2015-10-12 13:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2015-10-12 11:31 - 2015-10-12 11:31 - 00031744 _____ C:\Users\Tina\Desktop\Kopie von SIB_Veranstaltungs_Zeitplanung.xls
2015-10-08 10:11 - 2015-10-09 08:52 - 00000000 ____D C:\Users\Tina\Desktop\Löschupgrade
2015-10-08 09:30 - 2015-10-08 11:17 - 00000000 ____D C:\Users\Tina\Desktop\Lösch 6.1 Referenz
2015-10-08 09:23 - 2015-10-08 09:23 - 00000000 ____D C:\Users\Tina\Desktop\01
2015-10-07 15:00 - 2015-10-07 15:00 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-10-07 15:00 - 2015-10-07 15:00 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-09-18 12:23 - 2015-10-12 13:43 - 00000000 ____D C:\Users\Tina\Desktop\Neuer Ordner
2015-09-17 11:23 - 2015-09-17 11:24 - 00000000 ____D C:\Users\Tina\Desktop\add-inn mda
2015-08-10 11:13 - 2015-08-10 13:41 - 00000000 ____D C:\Users\Tina\AppData\Roaming\CDTPL
2015-08-10 11:12 - 2015-08-10 11:12 - 00001206 _____ C:\Users\Public\Desktop\SysTools Outlook PST Viewer v4.0.lnk
2015-08-10 11:12 - 2015-08-10 11:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SysTools Outlook PST Viewer v4.0
2015-07-20 14:30 - 2015-10-12 13:52 - 00000000 ____D C:\Users\Tina\AppData\Roaming\Notepad++
2015-07-20 13:32 - 2015-07-20 13:32 - 00050298 _____ C:\Users\Tina\Downloads\Strings.zip
2015-07-20 10:12 - 2015-07-20 10:12 - 00000000 ____D C:\Users\Tina\AppData\Roaming\PDAppFlex
2015-07-20 10:12 - 2015-07-20 10:12 - 00000000 ____D C:\Users\Tina\AppData\Local\CEF
2015-07-20 10:08 - 2015-10-07 15:01 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-20 10:06 - 2015-07-20 10:06 - 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2015-07-20 09:46 - 2015-07-20 09:47 - 02066496 _____ (Adobe) C:\Users\Tina\Desktop\acrobatproDC_00000000000000000000000407.exe
2015-07-15 13:48 - 2015-07-23 14:53 - 00000000 __SHD C:\Users\Tina\Documents\cache

==================== Drei Monate: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-10-12 14:03 - 2009-07-14 06:45 - 00020288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-12 14:03 - 2009-07-14 06:45 - 00020288 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-12 13:53 - 2014-12-08 18:52 - 00000000 ____D C:\Users\Tina\Documents\Outlook-Dateien
2015-10-12 13:51 - 2015-07-20 14:30 - 00000000 ____D C:\Program Files (x86)\Notepad++
2015-10-12 13:02 - 2012-12-27 18:38 - 01891404 ____N C:\Windows\WindowsUpdate.log
2015-10-12 12:57 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-12 10:28 - 2015-02-19 10:30 - 00000000 ____D C:\Users\Tina\Desktop\Göggelsbuch
2015-10-08 13:11 - 2015-01-14 15:39 - 00000000 ____D C:\Users\Tina\Documents\SQL Server Management Studio
2015-10-08 10:29 - 2015-01-21 16:41 - 00000000 ____D C:\Users\Tina\AppData\Local\FreePDF_XP
2015-10-08 08:45 - 2012-12-27 18:46 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-07 15:01 - 2014-12-18 19:41 - 00000000 ____D C:\Users\Tina\AppData\Local\Adobe
2015-10-07 15:00 - 2012-12-28 10:22 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-10-07 15:00 - 2012-12-28 10:07 - 00000000 ____D C:\ProgramData\Adobe
2015-10-07 13:46 - 2014-12-08 18:37 - 00113088 _____ C:\Users\Tina\AppData\Local\GDIPFONTCACHEV1.DAT
2015-10-07 13:44 - 2009-07-14 06:45 - 00436912 _____ C:\Windows\system32\FNTCACHE.DAT
2015-10-05 09:59 - 2013-08-08 14:42 - 00000000 ____D C:\Users\Public\Documents\VR-NetWorld
2015-09-23 09:49 - 2015-02-02 13:49 - 00012036 _____ C:\Windows\system32\TeamViewer10_Hooks.log
2015-09-23 09:48 - 2015-02-02 13:48 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-09-17 09:45 - 2015-04-24 11:21 - 00000000 ____D C:\Users\Tina\Documents\PrintScreen Files
2015-09-16 11:44 - 2013-03-06 16:57 - 00000000 ____D C:\Windows\Minidump

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2015-03-17 15:47 - 2015-03-17 15:47 - 0012950 _____ () C:\Users\Tina\AppData\Roaming\Microsoft Excel 97-2003.CAL
2015-04-21 11:16 - 2015-04-21 11:46 - 0007605 _____ () C:\Users\Tina\AppData\Local\resmon.resmoncfg

Dateien, die verschoben oder gelöscht werden sollten:
====================
C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe
C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe


Einige Dateien in TEMP:
====================
C:\Users\Tina\AppData\Local\Temp\xmlUpdater.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-10-01 00:10

==================== Ende von FRST.txt ============================
         
--- --- ---


and here is the Addition:
FRST Additions Logfile:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:11-10-2015 02
durchgeführt von Tina (2015-10-12 14:10:50)
Gestartet von C:\Users\Tina\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FW0JS940
Windows 7 Professional Service Pack 1 (X64) (2012-12-27 16:44:19)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1451804703-4159516416-4063369182-500 - Administrator - Disabled)
Gast (S-1-5-21-1451804703-4159516416-4063369182-501 - Limited - Disabled)
Tina (S-1-5-21-1451804703-4159516416-4063369182-1011 - Administrator - Enabled) => C:\Users\Tina

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Symantec Endpoint Protection (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Symantec Endpoint Protection (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.008.20082 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.134 - Adobe Systems Incorporated)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: 3.6 - Auslogics Software Pty Ltd)
Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version:  - )
Canon Kurzwahlprogramm (HKLM-x32\...\Speed Dial Utility) (Version:  - )
Canon MP Navigator EX 5.1 (HKLM-x32\...\MP Navigator EX 5.1) (Version:  - )
Canon MX510 series Benutzerregistrierung (HKLM-x32\...\Canon MX510 series Benutzerregistrierung) (Version:  - )
Canon MX510 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX510_series) (Version:  - )
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM-x32\...\CanonSolutionMenuEX) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.26 - Piriform)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Erforderliche Komponenten für SSDT  (HKLM-x32\...\{70D065C3-77E5-45E9-A75C-EEB2E84EA869}) (Version: 11.0.2100.60 - Microsoft Corporation)
FreePDF (Remove only) (HKLM-x32\...\FreePDF_XP) (Version:  - )
Gadwin PrintScreen (HKLM-x32\...\Gadwin PrintScreen) (Version: 4.6 - Gadwin Systems, Inc.)
GDR 3128 für SQL Server 2012 (KB2793634) (64-bit) (HKLM\...\KB2793634) (Version: 11.1.3128.0 - Microsoft Corporation)
GDR 3153 für SQL Server 2012 (KB2977326) (64-bit) (HKLM\...\KB2977326) (Version: 11.1.3153.0 - Microsoft Corporation)
GPL Ghostscript (HKLM-x32\...\GPL Ghostscript 9.04) (Version: 9.04 - Artifex Software Inc.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Malwarebytes Anti-Malware Version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Help Viewer 1.1 (HKLM\...\Microsoft Help Viewer 1.1) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Help Viewer 1.1 Language Pack - DEU (HKLM\...\Microsoft Help Viewer 1.1 Language Pack - DEU) (Version: 1.1.40219 - Microsoft Corporation)
Microsoft Office 2010 Primary Interop Assemblies (HKLM-x32\...\{90140000-1146-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1150 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Report Viewer 2012-Laufzeit (HKLM-x32\...\{F2C6E9F1-8F35-42A0-A9CA-E6C94D92A86C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2005-Abwärtskompatibilität (HKLM\...\{1A3B22D6-4932-4920-B7D3-7D17D36E9BA4}) (Version: 8.05.2309 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{5973B12E-5FC1-4EF6-B63B-49C1C4AF2AAA}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft SQL Server 2012 (64-bit) (HKLM\...\Microsoft SQL Server SQLServer2012) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{023E8A2C-2169-473E-8F76-7C45D0D63F39}) (Version: 11.1.2816.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{6B7B7E62-9F56-4C87-8664-0E20F2CAB03B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{D4DA7C91-A59F-4C72-BAC4-DF7C76AB1CB8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{93945D16-4C3D-433E-B7E4-3D0D86B284C8}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Setup (English) (HKLM\...\{FE022499-97DD-45C9-A86B-7D34EA4E3A8D}) (Version: 11.1.3153.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{D6737142-1A85-4299-8523-5F3A1636EBE7}) (Version: 11.1.3153.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{6F173435-3F19-4043-BA3D-A46AA8472859}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM\...\{90E8C2E5-198C-4923-BC06-AF13E5FA964D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012-Richtlinien  (HKLM-x32\...\{1D4E365F-F39C-48BA-A995-CAEDFDA29AD1}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Data Tools – Database Projects – Web installer entry point (HKLM-x32\...\{18558FE7-A87A-4063-9732-95E9E1420828}) (Version: 10.3.20116.0 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A282A232-780C-45E2-A5E5-9B61D74DCC6E}) (Version: 10.51.2500.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.40219 (HKLM-x32\...\{5D9ED403-94DE-3BA0-B1D6-71F4BDA412E6}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Integrated) - DEU (HKLM-x32\...\{B28DC16A-5394-3761-B143-450AE92516BB}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Shell (Isolated) - DEU (HKLM-x32\...\{987AE03F-234A-3623-BD28-6B31FD1D3AB3}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 - DEU Language Pack (HKLM-x32\...\{38F74A0E-357B-336C-B614-FE59F4BC62A0}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications Design-Time 3.0 (HKLM-x32\...\{5A03C202-08B4-3F1D-9A60-A4F53EF1B636}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 - DEU Language Pack (HKLM\...\{CEDCDF4E-1A8D-3E38-85C5-0437D689B6E5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x64 Runtime 3.0 (HKLM\...\{F14401A9-F0A0-33CC-8444-F60823A60DEB}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 - DEU Language Pack (HKLM-x32\...\{96D7B7B6-424F-3A52-8E8D-32CF2615DBD2}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications x86 Runtime 3.0 (HKLM-x32\...\{191A6F65-6878-398D-A272-EF011B80F371}) (Version: 10.0.40220 - Microsoft Corporation)
Microsoft VSS Writer für SQL Server 2012 (HKLM\...\{7647B46D-D4E6-43A5-AC9D-0BAA28C63271}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (HKLM-x32\...\{4C0B27C3-3E8F-4BD2-80FF-6E9E48EBD6D8}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft-System-CLR-Typen für SQL Server 2012 (x64) (HKLM\...\{64A5D39C-95CD-4B8B-B2FA-6C713133B57F}) (Version: 11.1.3000.0 - Microsoft Corporation)
Mozilla Firefox 32.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.8.3 - Notepad++ Team)
PDF-XChange 4 (HKLM\...\{EA08048C-3823-4DC8-B169-1D5D11FFC19F}_is1) (Version: 4.0.203.0 - Tracker Software Products Ltd)
RedMon - Redirection Port Monitor (HKLM\...\Redirection Port Monitor) (Version:  - )
Sage Mehrbenutzerdienst 4.0 (HKLM-x32\...\{D015B5E9-8187-4FBC-A019-2C614E67CC10}) (Version: 4.0.7.1 - Sage Software GmbH)
Sage Office Line Evolution 2014 (HKLM-x32\...\{92591382-D0AA-4E2E-9469-6EE67901684E}) (Version: 6.2 - Sage Software GmbH)
Service Pack 1 für SQL Server 2012 (KB2674319) (64-bit) (HKLM\...\KB2674319) (Version: 11.1.3000.0 - Microsoft Corporation)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Snapshot (remove only) (HKLM-x32\...\Snapshot) (Version:  - )
SQL Server 2012 Analysis Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 BI Development Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Client Tools (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Common Files (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality client (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Data quality service (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Database Engine Shared (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Full text search (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Integration Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Management Studio (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.0.2100.60 - Microsoft Corporation) Hidden
SQL Server 2012 Reporting Services (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server 2012 SQL Data Quality Common (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (Version: 11.1.3000.0 - Microsoft Corporation) Hidden
SQL Server-Browser für SQL Server 2012 (HKLM-x32\...\{1A4C9497-7D4B-466D-8D3A-FE0D925386DC}) (Version: 11.1.3000.0 - Microsoft Corporation)
Symantec Endpoint Protection (HKLM\...\{5A21AEB1-7984-4B49-967C-9CC1A3379A5E}) (Version: 12.1.1000.157 - Symantec Corporation)
SysTools Outlook PST Viewer v4.0 version SysTools Outlook PST Viewer v4.0 (HKLM-x32\...\{6D4F8DDE-707B-468F-A4FA-502A2A5FC3CE}_is1) (Version: SysTools Outlook PST Viewer v4.0 - SysTools Software)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer)
Unterstützungsdateien für Microsoft SQL Server 2008-Setup  (HKLM\...\{6AF73222-EE90-434C-AE7E-B96F70A68D89}) (Version: 10.1.2731.0 - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{53952792-BF16-300E-ADF2-E7E4367E00CF}) (Version: 10.0.40219 - Microsoft Corporation)
VR-NetWorld (HKLM-x32\...\{8815F011-43AF-4F50-BBD8-D78ED3D6F5B9}) (Version:  - )
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

05-10-2015 11:12:11 Geplanter Prüfpunkt
07-10-2015 13:27:14 Removed Adobe Acrobat DC.

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 04:34 - 2015-04-17 10:05 - 00000842 ____A C:\Windows\system32\Drivers\etc\hosts
192.168.178.36

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {25602196-1A21-4F62-8CF2-A907D9A6E762} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {709CF97E-1AA8-441C-8B6E-622BDBD59CA6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-12-19] (Piriform Ltd)
Task: {888A8135-3D90-4582-B72F-87534490AC0E} - System32\Tasks\{587E1BA0-588E-4157-B058-74782774B3B0} => pcalua.exe -a C:\Users\Virpi\Downloads\VRNetWorldSW_50028(1).exe -d C:\Users\Virpi\Downloads

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)


==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2012-12-28 10:09 - 2010-06-17 22:56 - 00087040 _____ () C:\Windows\System32\redmonnt.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-12-20 01:03 - 2012-12-20 01:03 - 00036864 _____ () C:\Program Files\CCleaner\lang\lang-1031.dll
2015-07-03 07:09 - 2015-07-03 07:09 - 45080248 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\office14\Cultures\office.odf
2013-02-14 16:46 - 2013-02-14 16:46 - 01044048 _____ () C:\Program Files (x86)\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SepMasterService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SmcService => ""="Service"

==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\Control Panel\Desktop\\Wallpaper -> C:\Users\Tina\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)


==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{3C66BFFD-A4AB-4D77-98EA-2EC31AD667B3}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe
FirewallRules: [{3479FAF1-0C88-407A-971E-70CC41F4EFC1}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe
FirewallRules: [{965ADF66-BF71-4F2A-A4F4-3E71F090A8EA}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\snac64.exe
FirewallRules: [{7561C62B-466E-4335-ABF8-2055D509BCCA}] => (Allow) C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\snac64.exe
FirewallRules: [{B0A6273F-5369-4DED-BC82-C992442F7F43}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{55E7E6FB-7D9A-44E3-B92D-49A3017E6796}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{D6F1ADAD-395F-4EC9-A3B4-107D4687DC6C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{0E10DEC5-4DCE-4955-8CCB-3D60A9FD0194}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F55D8AD8-3877-493B-836C-39CD7B44BDED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{28DAC6BC-B919-4FB8-8C90-8F27C877C4A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{98DFD6E1-3FCE-4822-BB43-C88C61935CD6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{F98D106F-7CDA-4C0F-8C6E-449F0D29E751}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Christina Bianco (GT-I
Description: GT-I9305
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Samsung Electronics Co., Ltd.
Service: WUDFRd
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: PS/2-kompatible Maus
Description: PS/2-kompatible Maus
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (10/12/2015 01:00:28 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Trojan.Gen.2 in Datei: C:\Users\Tina\AppData\Roaming\hashhhff\frrehdtv.exe von: Auto-Protect-Scan.  Aktion: Isolieren erfolgreich : Zugriff verweigert.  Beschreibung der Aktion: Die Datei wurde erfolgreich isoliert.

Error: (10/12/2015 12:59:35 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Trojan.Gen.2 in Datei: c:\users\tina\appdata\roaming\hashhhff\frrehdtv.exe von: Manuelle-Scan.  Aktion: Löschen erfolgreich .  Beschreibung der Aktion: Neustart wird ausgeführt

Error: (10/12/2015 12:59:07 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/12/2015 12:46:47 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Trojan.Gen.2 in Datei: c:\users\tina\appdata\roaming\hashhhff\frrehdtv.exe von: Manuelle-Scan.  Aktion: Neustart erforderlich.  Beschreibung der Aktion: Die Datei wurde erfolgreich repariert.

Error: (10/12/2015 12:46:38 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Tracking Cookies in Datei: Cookie:tina@doubleclick.net/ von: Manuelle-Scan.  Aktion: Löschen erfolgreich.  Beschreibung der Aktion: Die Datei wurde erfolgreich gelöscht.

Error: (10/12/2015 09:07:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/09/2015 12:04:45 PM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Suspicious.Cloud.5 in Datei: C:\Users\Tina\AppData\Local\Temp\{0000D5A6-C8DD-BA1D} von: Auto-Protect-Scan.  Aktion: Isolieren erfolgreich : Zugriff verweigert.  Beschreibung der Aktion: Die Datei wurde erfolgreich isoliert.

Error: (10/09/2015 10:22:52 AM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Suspicious.Cloud.5 in Datei: c:\users\tina\appdata\local\temp\vbr72c1.tmp von: Manueller Scan des Quarantänebereichs-Scan.  Aktion: Bereinigen fehlgeschlagen.  Beschreibung der Aktion: Die Datei wurde nicht geändert.

Error: (10/09/2015 10:21:43 AM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Suspicious.Cloud.5 in Datei: c:\users\tina\appdata\local\temp\vbre9e2.tmp von: Manueller Scan des Quarantänebereichs-Scan.  Aktion: Bereinigen fehlgeschlagen.  Beschreibung der Aktion: Die Datei wurde nicht geändert.

Error: (10/09/2015 10:20:19 AM) (Source: Symantec AntiVirus) (EventID: 51) (User: )
Description: Sicherheitsrisiko gefunden!Suspicious.Cloud.5 in Datei: C:\Users\Tina\AppData\Local\Temp\{000059CF-89DB-D207} von: Auto-Protect-Scan.  Aktion: Isolieren erfolgreich : Zugriff verweigert.  Beschreibung der Aktion: Die Datei wurde erfolgreich isoliert.


Systemfehler:
=============
Error: (10/12/2015 01:01:42 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Das Einlesen der Sicherungsliste durch den Suchdienst schlug auf Transport "\Device\NetBT_Tcpip_{793DC4C8-C7D8-441E-9944-5BA5D61A1031}" zu oft fehl.
Der Sicherungssuchdienst wird beendet.

Error: (10/12/2015 12:58:26 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Der Dienst "SQL Server-Agent (MSSQLSERVER)" ist vom Dienst "SQL Server (MSSQLSERVER)" abhängig, der aufgrund folgenden Fehlers nicht gestartet wurde: 
%%1069

Error: (10/12/2015 12:58:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server Reporting Services (MSSQLSERVER)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (10/12/2015 12:58:11 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "ReportServer" konnte sich nicht als ".\Virpi" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (10/12/2015 12:58:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server Analysis Services (MSSQLSERVER)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (10/12/2015 12:58:10 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "MSSQLServerOLAPService" konnte sich nicht als ".\Virpi" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (10/12/2015 12:58:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server (MSSQLSERVER)" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (10/12/2015 12:58:10 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "MSSQLSERVER" konnte sich nicht als ".\Virpi" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (10/12/2015 12:58:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "SQL Server Integration Services 11.0" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (10/12/2015 12:58:10 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "MsDtsServer110" konnte sich nicht als ".\Virpi" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1326

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Duo CPU E4600 @ 2.40GHz
Prozentuale Nutzung des RAM: 59%
Installierter physikalischer RAM: 4086.11 MB
Verfügbarer physikalischer RAM: 1669.86 MB
Summe virtueller Speicher: 8170.41 MB
Verfügbarer virtueller Speicher: 4416.6 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:87.79 GB) (Free:22.94 GB) NTFS
Drive d: () (Fixed) (Total:142.99 GB) (Free:72.32 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 7AB852FC)
Partition 1: (Not Active) - (Size=2 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=87.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=143 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 13.10.2015, 18:38   #4
schrauber
/// the machine
/// TB-Ausbilder
 

Hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Start mbar.exe.
  • Follow the on-screen instructions as described in the Malwarebytes Anti-Rootkit guide.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 14.10.2015, 15:24   #5
Gift
 
Log from Mbar:

Code:
Malwarebytes Anti-Rootkit BETA 1.9.3.1001
www.malwarebytes.org

Database version:
  main:    v2015.10.14.02
  rootkit: v2015.10.06.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17728
Tina :: ADD-INN-BUHA [administrator]

14.10.2015 12:41:58
mbar-log-2015-10-14 (12-41-58).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 373946
Time elapsed: 55 minute(s), 28 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         
and the log from TDSSKiller (that one is a bit more -.-)

Code:
16:19:41.0134 0x1a30  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:19:48.0089 0x1a30  ============================================================
16:19:48.0089 0x1a30  Current date / time: 2015/10/14 16:19:48.0089
16:19:48.0089 0x1a30  SystemInfo:
16:19:48.0089 0x1a30  
16:19:48.0089 0x1a30  OS Version: 6.1.7601 ServicePack: 1.0
16:19:48.0089 0x1a30  Product type: Workstation
16:19:48.0089 0x1a30  ComputerName: ADD-INN-BUHA
16:19:48.0090 0x1a30  UserName: Tina
16:19:48.0090 0x1a30  Windows directory: C:\Windows
16:19:48.0090 0x1a30  System windows directory: C:\Windows
16:19:48.0090 0x1a30  Running under WOW64
16:19:48.0090 0x1a30  Processor architecture: Intel x64
16:19:48.0090 0x1a30  Number of processors: 2
16:19:48.0090 0x1a30  Page size: 0x1000
16:19:48.0090 0x1a30  Boot type: Normal boot
16:19:48.0090 0x1a30  ============================================================
16:19:49.0668 0x1a30  KLMD registered as C:\Windows\system32\drivers\73387239.sys
16:19:50.0111 0x1a30  System UUID: {781AA5B7-1B30-C024-7160-9241876131D7}
16:19:50.0966 0x1a30  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:19:50.0972 0x1a30  ============================================================
16:19:50.0972 0x1a30  \Device\Harddisk0\DR0:
16:19:50.0972 0x1a30  MBR partitions:
16:19:50.0972 0x1a30  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x404000, BlocksNum 0x32000
16:19:50.0972 0x1a30  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x436000, BlocksNum 0xAF96000
16:19:50.0972 0x1a30  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xB3CC000, BlocksNum 0x11DF9000
16:19:50.0972 0x1a30  ============================================================
16:19:51.0000 0x1a30  C: <-> \Device\Harddisk0\DR0\Partition2
16:19:51.0034 0x1a30  D: <-> \Device\Harddisk0\DR0\Partition3
16:19:51.0034 0x1a30  ============================================================
16:19:51.0034 0x1a30  Initialize success
16:19:51.0034 0x1a30  ============================================================
16:19:52.0621 0x0be4  ============================================================
16:19:52.0621 0x0be4  Scan started
16:19:52.0621 0x0be4  Mode: Manual; 
16:19:52.0621 0x0be4  ============================================================
16:19:52.0621 0x0be4  KSN ping started
16:19:55.0083 0x0be4  KSN ping finished: true
16:19:56.0540 0x0be4  ================ Scan system memory ========================
16:19:56.0540 0x0be4  System memory - ok
16:19:56.0541 0x0be4  ================ Scan services =============================
16:19:56.0674 0x0be4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:19:56.0691 0x0be4  1394ohci - ok
16:19:56.0752 0x0be4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:19:56.0769 0x0be4  ACPI - ok
16:19:56.0791 0x0be4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:19:56.0793 0x0be4  AcpiPmi - ok
16:19:56.0921 0x0be4  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:19:56.0923 0x0be4  AdobeARMservice - ok
16:19:56.0981 0x0be4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:19:57.0007 0x0be4  adp94xx - ok
16:19:57.0041 0x0be4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:19:57.0057 0x0be4  adpahci - ok
16:19:57.0100 0x0be4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:19:57.0106 0x0be4  adpu320 - ok
16:19:57.0138 0x0be4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:19:57.0140 0x0be4  AeLookupSvc - ok
16:19:57.0210 0x0be4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
16:19:57.0237 0x0be4  AFD - ok
16:19:57.0274 0x0be4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:19:57.0277 0x0be4  agp440 - ok
16:19:57.0331 0x0be4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:19:57.0335 0x0be4  ALG - ok
16:19:57.0368 0x0be4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:19:57.0370 0x0be4  aliide - ok
16:19:57.0390 0x0be4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:19:57.0392 0x0be4  amdide - ok
16:19:57.0421 0x0be4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:19:57.0424 0x0be4  AmdK8 - ok
16:19:57.0448 0x0be4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:19:57.0452 0x0be4  AmdPPM - ok
16:19:57.0490 0x0be4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:19:57.0495 0x0be4  amdsata - ok
16:19:57.0520 0x0be4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:19:57.0527 0x0be4  amdsbs - ok
16:19:57.0545 0x0be4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:19:57.0549 0x0be4  amdxata - ok
16:19:57.0590 0x0be4  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
16:19:57.0593 0x0be4  AppID - ok
16:19:57.0625 0x0be4  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:19:57.0627 0x0be4  AppIDSvc - ok
16:19:57.0669 0x0be4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:19:57.0678 0x0be4  Appinfo - ok
16:19:57.0737 0x0be4  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:19:57.0745 0x0be4  AppMgmt - ok
16:19:57.0775 0x0be4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:19:57.0780 0x0be4  arc - ok
16:19:57.0801 0x0be4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:19:57.0804 0x0be4  arcsas - ok
16:19:57.0912 0x0be4  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:19:57.0921 0x0be4  aspnet_state - ok
16:19:57.0955 0x0be4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:19:57.0957 0x0be4  AsyncMac - ok
16:19:57.0978 0x0be4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:19:57.0979 0x0be4  atapi - ok
16:19:58.0041 0x0be4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:19:58.0066 0x0be4  AudioEndpointBuilder - ok
16:19:58.0098 0x0be4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:19:58.0112 0x0be4  AudioSrv - ok
16:19:58.0155 0x0be4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:19:58.0160 0x0be4  AxInstSV - ok
16:19:58.0205 0x0be4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:19:58.0231 0x0be4  b06bdrv - ok
16:19:58.0274 0x0be4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:19:58.0285 0x0be4  b57nd60a - ok
16:19:58.0306 0x0be4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:19:58.0311 0x0be4  BDESVC - ok
16:19:58.0335 0x0be4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:19:58.0336 0x0be4  Beep - ok
16:19:58.0383 0x0be4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:19:58.0414 0x0be4  BFE - ok
16:19:58.0583 0x0be4  [ 3E2882C7D02E34D5528BDDECD8CEF930, 39AEB34BD5BFD0BE6C8D0E37D5D5912B76B87A442C2AD91AC3E5F709D73C809C ] BHDrvx64        C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\BASHDefs\20151005.011\BHDrvx64.sys
16:19:58.0650 0x0be4  BHDrvx64 - ok
16:19:58.0711 0x0be4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:19:58.0743 0x0be4  BITS - ok
16:19:58.0770 0x0be4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:19:58.0772 0x0be4  blbdrive - ok
16:19:58.0806 0x0be4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:19:58.0810 0x0be4  bowser - ok
16:19:58.0830 0x0be4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:19:58.0833 0x0be4  BrFiltLo - ok
16:19:58.0849 0x0be4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:19:58.0851 0x0be4  BrFiltUp - ok
16:19:58.0876 0x0be4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:19:58.0881 0x0be4  Browser - ok
16:19:58.0920 0x0be4  [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
16:19:58.0924 0x0be4  BrSerIb - ok
16:19:58.0947 0x0be4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:19:58.0964 0x0be4  Brserid - ok
16:19:58.0983 0x0be4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:19:58.0987 0x0be4  BrSerWdm - ok
16:19:58.0999 0x0be4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:19:59.0000 0x0be4  BrUsbMdm - ok
16:19:59.0017 0x0be4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:19:59.0020 0x0be4  BrUsbSer - ok
16:19:59.0037 0x0be4  [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
16:19:59.0040 0x0be4  BrUsbSIb - ok
16:19:59.0059 0x0be4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:19:59.0063 0x0be4  BTHMODEM - ok
16:19:59.0095 0x0be4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:19:59.0101 0x0be4  bthserv - ok
16:19:59.0139 0x0be4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:19:59.0143 0x0be4  cdfs - ok
16:19:59.0177 0x0be4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:19:59.0183 0x0be4  cdrom - ok
16:19:59.0258 0x0be4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:19:59.0262 0x0be4  CertPropSvc - ok
16:19:59.0290 0x0be4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:19:59.0292 0x0be4  circlass - ok
16:19:59.0342 0x0be4  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
16:19:59.0376 0x0be4  CLFS - ok
16:19:59.0432 0x0be4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:19:59.0437 0x0be4  clr_optimization_v2.0.50727_32 - ok
16:19:59.0478 0x0be4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:19:59.0482 0x0be4  clr_optimization_v2.0.50727_64 - ok
16:19:59.0552 0x0be4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:19:59.0571 0x0be4  clr_optimization_v4.0.30319_32 - ok
16:19:59.0595 0x0be4  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:19:59.0600 0x0be4  clr_optimization_v4.0.30319_64 - ok
16:19:59.0620 0x0be4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:19:59.0623 0x0be4  CmBatt - ok
16:19:59.0647 0x0be4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:19:59.0650 0x0be4  cmdide - ok
16:19:59.0699 0x0be4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
16:19:59.0725 0x0be4  CNG - ok
16:19:59.0757 0x0be4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:19:59.0760 0x0be4  Compbatt - ok
16:19:59.0786 0x0be4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:19:59.0789 0x0be4  CompositeBus - ok
16:19:59.0801 0x0be4  COMSysApp - ok
16:19:59.0821 0x0be4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:19:59.0824 0x0be4  crcdisk - ok
16:19:59.0874 0x0be4  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:19:59.0883 0x0be4  CryptSvc - ok
16:19:59.0925 0x0be4  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
16:19:59.0954 0x0be4  CSC - ok
16:20:00.0007 0x0be4  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
16:20:00.0033 0x0be4  CscService - ok
16:20:00.0083 0x0be4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:20:00.0109 0x0be4  DcomLaunch - ok
16:20:00.0139 0x0be4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:20:00.0158 0x0be4  defragsvc - ok
16:20:00.0190 0x0be4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:20:00.0193 0x0be4  DfsC - ok
16:20:00.0223 0x0be4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:20:00.0241 0x0be4  Dhcp - ok
16:20:00.0259 0x0be4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:20:00.0261 0x0be4  discache - ok
16:20:00.0285 0x0be4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:20:00.0290 0x0be4  Disk - ok
16:20:00.0323 0x0be4  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
16:20:00.0327 0x0be4  dmvsc - ok
16:20:00.0359 0x0be4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:20:00.0376 0x0be4  Dnscache - ok
16:20:00.0417 0x0be4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:20:00.0434 0x0be4  dot3svc - ok
16:20:00.0459 0x0be4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:20:00.0467 0x0be4  DPS - ok
16:20:00.0520 0x0be4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:20:00.0523 0x0be4  drmkaud - ok
16:20:00.0613 0x0be4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:20:00.0659 0x0be4  DXGKrnl - ok
16:20:00.0693 0x0be4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:20:00.0698 0x0be4  EapHost - ok
16:20:00.0859 0x0be4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:20:00.0989 0x0be4  ebdrv - ok
16:20:01.0072 0x0be4  [ 93EA893A8C2C561648A559E48C723412, 14F9AD8BCF423BC40F7B3D2D7BC0F795CD3C54800C854873BD170ADF2A735B64 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
16:20:01.0097 0x0be4  eeCtrl - ok
16:20:01.0137 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] EFS             C:\Windows\System32\lsass.exe
16:20:01.0139 0x0be4  EFS - ok
16:20:01.0205 0x0be4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:20:01.0232 0x0be4  ehRecvr - ok
16:20:01.0255 0x0be4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:20:01.0260 0x0be4  ehSched - ok
16:20:01.0311 0x0be4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:20:01.0334 0x0be4  elxstor - ok
16:20:01.0373 0x0be4  [ 8400C9E33B68C556BF63AEF490EB145C, A840DF1A27C935DD427E53C5D2FFFE79E612D0B4074CE26AA992DA62D4925806 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:20:01.0378 0x0be4  EraserUtilRebootDrv - ok
16:20:01.0396 0x0be4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:20:01.0398 0x0be4  ErrDev - ok
16:20:01.0448 0x0be4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:20:01.0465 0x0be4  EventSystem - ok
16:20:01.0490 0x0be4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:20:01.0507 0x0be4  exfat - ok
16:20:01.0531 0x0be4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:20:01.0548 0x0be4  fastfat - ok
16:20:01.0605 0x0be4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:20:01.0640 0x0be4  Fax - ok
16:20:01.0663 0x0be4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:20:01.0665 0x0be4  fdc - ok
16:20:01.0676 0x0be4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:20:01.0678 0x0be4  fdPHost - ok
16:20:01.0694 0x0be4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:20:01.0697 0x0be4  FDResPub - ok
16:20:01.0713 0x0be4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:20:01.0718 0x0be4  FileInfo - ok
16:20:01.0735 0x0be4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:20:01.0738 0x0be4  Filetrace - ok
16:20:01.0755 0x0be4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:20:01.0758 0x0be4  flpydisk - ok
16:20:01.0791 0x0be4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:20:01.0807 0x0be4  FltMgr - ok
16:20:01.0862 0x0be4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:20:01.0907 0x0be4  FontCache - ok
16:20:01.0949 0x0be4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:20:01.0952 0x0be4  FontCache3.0.0.0 - ok
16:20:01.0970 0x0be4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:20:01.0974 0x0be4  FsDepends - ok
16:20:01.0996 0x0be4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:20:01.0999 0x0be4  Fs_Rec - ok
16:20:02.0046 0x0be4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:20:02.0054 0x0be4  fvevol - ok
16:20:02.0084 0x0be4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:20:02.0089 0x0be4  gagp30kx - ok
16:20:02.0171 0x0be4  [ F184BF99066764F9B0507C26404DD271, 99721A2407BC86B88CA1D36949EFBFC9DE97204821A63F2E3F4CB27C9F59FD83 ] galvanic_isolation C:\Windows\AppCompat\Programs\monotonic\mechanical_filter.exe
16:20:02.0176 0x0be4  galvanic_isolation - ok
16:20:02.0234 0x0be4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:20:02.0276 0x0be4  gpsvc - ok
16:20:02.0305 0x0be4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:20:02.0308 0x0be4  hcw85cir - ok
16:20:02.0348 0x0be4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:20:02.0359 0x0be4  HdAudAddService - ok
16:20:02.0389 0x0be4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:20:02.0393 0x0be4  HDAudBus - ok
16:20:02.0408 0x0be4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:20:02.0412 0x0be4  HidBatt - ok
16:20:02.0432 0x0be4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:20:02.0435 0x0be4  HidBth - ok
16:20:02.0460 0x0be4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:20:02.0463 0x0be4  HidIr - ok
16:20:02.0483 0x0be4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:20:02.0487 0x0be4  hidserv - ok
16:20:02.0544 0x0be4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:20:02.0550 0x0be4  HidUsb - ok
16:20:02.0585 0x0be4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:20:02.0590 0x0be4  hkmsvc - ok
16:20:02.0606 0x0be4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:20:02.0615 0x0be4  HomeGroupListener - ok
16:20:02.0639 0x0be4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:20:02.0654 0x0be4  HomeGroupProvider - ok
16:20:02.0675 0x0be4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:20:02.0679 0x0be4  HpSAMD - ok
16:20:02.0749 0x0be4  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:20:02.0782 0x0be4  HTTP - ok
16:20:02.0802 0x0be4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:20:02.0804 0x0be4  hwpolicy - ok
16:20:02.0823 0x0be4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:20:02.0829 0x0be4  i8042prt - ok
16:20:02.0867 0x0be4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:20:02.0881 0x0be4  iaStorV - ok
16:20:02.0947 0x0be4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:20:02.0981 0x0be4  idsvc - ok
16:20:03.0080 0x0be4  [ 4A2CAA578E0A829A15CD76CEC66A1E41, 4F01D251EC8EE2AC99C7540C8D4636EFF89B3F72EDE26412EE741E01EE3B8E02 ] IDSVia64        C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\IPSDefs\20151013.003\IDSvia64.sys
16:20:03.0109 0x0be4  IDSVia64 - ok
16:20:03.0144 0x0be4  IEEtwCollectorService - ok
16:20:03.0391 0x0be4  [ 24CC43ECDEEFD4C19FBBEE4951B647F1, 416799965E6602F8F03E2A92E8BB42B1D5643C65EF09815FC5A56A2FA73E6773 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:20:03.0634 0x0be4  igfx - ok
16:20:03.0681 0x0be4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:20:03.0684 0x0be4  iirsp - ok
16:20:03.0749 0x0be4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:20:03.0783 0x0be4  IKEEXT - ok
16:20:03.0812 0x0be4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:20:03.0815 0x0be4  intelide - ok
16:20:03.0842 0x0be4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:20:03.0846 0x0be4  intelppm - ok
16:20:03.0874 0x0be4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:20:03.0879 0x0be4  IPBusEnum - ok
16:20:03.0891 0x0be4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:20:03.0897 0x0be4  IpFilterDriver - ok
16:20:03.0946 0x0be4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:20:03.0973 0x0be4  iphlpsvc - ok
16:20:03.0998 0x0be4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:20:04.0002 0x0be4  IPMIDRV - ok
16:20:04.0036 0x0be4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:20:04.0040 0x0be4  IPNAT - ok
16:20:04.0067 0x0be4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:20:04.0068 0x0be4  IRENUM - ok
16:20:04.0084 0x0be4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:20:04.0086 0x0be4  isapnp - ok
16:20:04.0134 0x0be4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:20:04.0151 0x0be4  iScsiPrt - ok
16:20:04.0233 0x0be4  [ 97F1FBDCE6E5492466A308611D579B72, A90F1CE5465F644BE41181C75ABDD3C991AD102AB6BA3C7DAA9E74389418D7FB ] junction_fet    C:\Windows\assembly\GAC\VSLangProj\7.0.3300.0__b03f5f7f11d50a3a\linear_fan_control\change_of_base_rule.exe
16:20:04.0238 0x0be4  junction_fet - ok
16:20:04.0258 0x0be4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:20:04.0262 0x0be4  kbdclass - ok
16:20:04.0298 0x0be4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:20:04.0301 0x0be4  kbdhid - ok
16:20:04.0310 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] KeyIso          C:\Windows\system32\lsass.exe
16:20:04.0313 0x0be4  KeyIso - ok
16:20:04.0350 0x0be4  [ 063C09DB965E3DFD6F4F08416F6DB8F5, 0BE015C59288397536B3941BA55EFE0CF06714BC43FF3A33A1D844B4E0F16097 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:20:04.0354 0x0be4  KSecDD - ok
16:20:04.0373 0x0be4  [ 1FA627E63195BF3BF636BFEF0D7190D4, 794456605303F4916E81BE899E0B05CB070094E719ADA8BE8072A761E35CA8E9 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:20:04.0380 0x0be4  KSecPkg - ok
16:20:04.0394 0x0be4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:20:04.0397 0x0be4  ksthunk - ok
16:20:04.0439 0x0be4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:20:04.0458 0x0be4  KtmRm - ok
16:20:04.0515 0x0be4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:20:04.0532 0x0be4  LanmanServer - ok
16:20:04.0565 0x0be4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:20:04.0573 0x0be4  LanmanWorkstation - ok
16:20:04.0608 0x0be4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:20:04.0612 0x0be4  lltdio - ok
16:20:04.0636 0x0be4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:20:04.0654 0x0be4  lltdsvc - ok
16:20:04.0676 0x0be4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:20:04.0679 0x0be4  lmhosts - ok
16:20:04.0704 0x0be4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:20:04.0710 0x0be4  LSI_FC - ok
16:20:04.0742 0x0be4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:20:04.0749 0x0be4  LSI_SAS - ok
16:20:04.0766 0x0be4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:20:04.0769 0x0be4  LSI_SAS2 - ok
16:20:04.0787 0x0be4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:20:04.0792 0x0be4  LSI_SCSI - ok
16:20:04.0810 0x0be4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:20:04.0816 0x0be4  luafv - ok
16:20:04.0840 0x0be4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:20:04.0859 0x0be4  Mcx2Svc - ok
16:20:04.0875 0x0be4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:20:04.0878 0x0be4  megasas - ok
16:20:04.0904 0x0be4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:20:04.0921 0x0be4  MegaSR - ok
16:20:04.0997 0x0be4  Microsoft SharePoint Workspace Audit Service - ok
16:20:05.0020 0x0be4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:20:05.0026 0x0be4  MMCSS - ok
16:20:05.0039 0x0be4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:20:05.0042 0x0be4  Modem - ok
16:20:05.0073 0x0be4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:20:05.0075 0x0be4  monitor - ok
16:20:05.0100 0x0be4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:20:05.0104 0x0be4  mouclass - ok
16:20:05.0126 0x0be4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:20:05.0128 0x0be4  mouhid - ok
16:20:05.0169 0x0be4  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:20:05.0174 0x0be4  mountmgr - ok
16:20:05.0234 0x0be4  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:20:05.0238 0x0be4  MozillaMaintenance - ok
16:20:05.0277 0x0be4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:20:05.0284 0x0be4  mpio - ok
16:20:05.0308 0x0be4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:20:05.0312 0x0be4  mpsdrv - ok
16:20:05.0385 0x0be4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:20:05.0427 0x0be4  MpsSvc - ok
16:20:05.0470 0x0be4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:20:05.0475 0x0be4  MRxDAV - ok
16:20:05.0500 0x0be4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:20:05.0507 0x0be4  mrxsmb - ok
16:20:05.0534 0x0be4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:20:05.0551 0x0be4  mrxsmb10 - ok
16:20:05.0584 0x0be4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:20:05.0588 0x0be4  mrxsmb20 - ok
16:20:05.0621 0x0be4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:20:05.0623 0x0be4  msahci - ok
16:20:05.0662 0x0be4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:20:05.0669 0x0be4  msdsm - ok
16:20:05.0708 0x0be4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:20:05.0717 0x0be4  MSDTC - ok
16:20:05.0858 0x0be4  [ 3DE4F1440DE21DC7DECEE9B1F1AC35D8, F4D75C1D84CF27DF421E144F2733EA20BD4F1415B43C379D6D73EBB3BA8CE037 ] MsDtsServer110  C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe
16:20:05.0877 0x0be4  MsDtsServer110 - ok
16:20:05.0914 0x0be4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:20:05.0918 0x0be4  Msfs - ok
16:20:05.0930 0x0be4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:20:05.0933 0x0be4  mshidkmdf - ok
16:20:05.0942 0x0be4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:20:05.0946 0x0be4  msisadrv - ok
16:20:05.0971 0x0be4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:20:05.0979 0x0be4  MSiSCSI - ok
16:20:05.0987 0x0be4  msiserver - ok
16:20:06.0011 0x0be4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:20:06.0013 0x0be4  MSKSSRV - ok
16:20:06.0028 0x0be4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:20:06.0031 0x0be4  MSPCLOCK - ok
16:20:06.0039 0x0be4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:20:06.0040 0x0be4  MSPQM - ok
16:20:06.0069 0x0be4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:20:06.0087 0x0be4  MsRPC - ok
16:20:06.0124 0x0be4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:20:06.0128 0x0be4  mssmbios - ok
16:20:06.0215 0x0be4  [ F4991C8C070C86082E6F0597F73E02D0, C39F47D2D4525BB4950827F1EDB92CCF5067267AA1AAEF7137E45482C1436D97 ] MSSQLFDLauncher C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
16:20:06.0218 0x0be4  MSSQLFDLauncher - ok
16:20:06.0262 0x0be4  [ 64D793C35644E12FA72A679069F85668, 071E9A8863E7ADFD81678CC84AB9053B13D999920C4A8282C3E28A5A30D0123A ] MSSQLSERVER     C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
16:20:06.0270 0x0be4  MSSQLSERVER - ok
16:20:06.0338 0x0be4  MSSQLServerOLAPService - ok
16:20:06.0365 0x0be4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:20:06.0366 0x0be4  MSTEE - ok
16:20:06.0395 0x0be4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:20:06.0399 0x0be4  MTConfig - ok
16:20:06.0409 0x0be4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:20:06.0414 0x0be4  Mup - ok
16:20:06.0458 0x0be4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:20:06.0485 0x0be4  napagent - ok
16:20:06.0527 0x0be4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:20:06.0540 0x0be4  NativeWifiP - ok
16:20:06.0625 0x0be4  [ 5A4EC58A5F2E63DB2092B343CF1B2834, 33F957565E38A3A2842DDB16D7C969F93A4FB888DB5AFBBF5431A712FADE4E13 ] NAVENG          C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20151013.040\ENG64.SYS
16:20:06.0630 0x0be4  NAVENG - ok
16:20:06.0741 0x0be4  [ 526EA496D7F06B3746775046B33027C1, FEC0B860F49C28ED6ED721A09D19239BB1E20CE3A29697B24B2FE604AE0EB808 ] NAVEX15         C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20151013.040\EX64.SYS
16:20:06.0825 0x0be4  NAVEX15 - ok
16:20:06.0901 0x0be4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:20:06.0934 0x0be4  NDIS - ok
16:20:06.0971 0x0be4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:20:06.0973 0x0be4  NdisCap - ok
16:20:06.0989 0x0be4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:20:06.0991 0x0be4  NdisTapi - ok
16:20:07.0009 0x0be4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:20:07.0012 0x0be4  Ndisuio - ok
16:20:07.0027 0x0be4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:20:07.0037 0x0be4  NdisWan - ok
16:20:07.0064 0x0be4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:20:07.0069 0x0be4  NDProxy - ok
16:20:07.0083 0x0be4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:20:07.0086 0x0be4  NetBIOS - ok
16:20:07.0109 0x0be4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:20:07.0126 0x0be4  NetBT - ok
16:20:07.0143 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] Netlogon        C:\Windows\system32\lsass.exe
16:20:07.0146 0x0be4  Netlogon - ok
16:20:07.0187 0x0be4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:20:07.0205 0x0be4  Netman - ok
16:20:07.0245 0x0be4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:20:07.0251 0x0be4  NetMsmqActivator - ok
16:20:07.0269 0x0be4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:20:07.0273 0x0be4  NetPipeActivator - ok
16:20:07.0303 0x0be4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:20:07.0316 0x0be4  netprofm - ok
16:20:07.0336 0x0be4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:20:07.0339 0x0be4  NetTcpActivator - ok
16:20:07.0353 0x0be4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:20:07.0357 0x0be4  NetTcpPortSharing - ok
16:20:07.0384 0x0be4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:20:07.0387 0x0be4  nfrd960 - ok
16:20:07.0435 0x0be4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:20:07.0446 0x0be4  NlaSvc - ok
16:20:07.0467 0x0be4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:20:07.0470 0x0be4  Npfs - ok
16:20:07.0492 0x0be4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:20:07.0496 0x0be4  nsi - ok
16:20:07.0505 0x0be4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:20:07.0508 0x0be4  nsiproxy - ok
16:20:07.0618 0x0be4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:20:07.0691 0x0be4  Ntfs - ok
16:20:07.0719 0x0be4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:20:07.0720 0x0be4  Null - ok
16:20:07.0743 0x0be4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:20:07.0751 0x0be4  nvraid - ok
16:20:07.0774 0x0be4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:20:07.0780 0x0be4  nvstor - ok
16:20:07.0809 0x0be4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:20:07.0815 0x0be4  nv_agp - ok
16:20:07.0835 0x0be4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:20:07.0839 0x0be4  ohci1394 - ok
16:20:07.0913 0x0be4  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:20:07.0919 0x0be4  ose - ok
16:20:08.0179 0x0be4  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:20:08.0358 0x0be4  osppsvc - ok
16:20:08.0431 0x0be4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:20:08.0441 0x0be4  p2pimsvc - ok
16:20:08.0475 0x0be4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:20:08.0502 0x0be4  p2psvc - ok
16:20:08.0527 0x0be4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:20:08.0534 0x0be4  Parport - ok
16:20:08.0565 0x0be4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:20:08.0570 0x0be4  partmgr - ok
16:20:08.0608 0x0be4  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:20:08.0616 0x0be4  PcaSvc - ok
16:20:08.0649 0x0be4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:20:08.0656 0x0be4  pci - ok
16:20:08.0685 0x0be4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:20:08.0688 0x0be4  pciide - ok
16:20:08.0706 0x0be4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:20:08.0715 0x0be4  pcmcia - ok
16:20:08.0731 0x0be4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:20:08.0739 0x0be4  pcw - ok
16:20:08.0794 0x0be4  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:20:08.0821 0x0be4  PEAUTH - ok
16:20:08.0902 0x0be4  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:20:08.0957 0x0be4  PeerDistSvc - ok
16:20:09.0024 0x0be4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:20:09.0026 0x0be4  PerfHost - ok
16:20:09.0113 0x0be4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:20:09.0174 0x0be4  pla - ok
16:20:09.0213 0x0be4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:20:09.0239 0x0be4  PlugPlay - ok
16:20:09.0254 0x0be4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:20:09.0257 0x0be4  PNRPAutoReg - ok
16:20:09.0281 0x0be4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:20:09.0290 0x0be4  PNRPsvc - ok
16:20:09.0331 0x0be4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:20:09.0357 0x0be4  PolicyAgent - ok
16:20:09.0398 0x0be4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:20:09.0415 0x0be4  Power - ok
16:20:09.0449 0x0be4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:20:09.0454 0x0be4  PptpMiniport - ok
16:20:09.0479 0x0be4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:20:09.0482 0x0be4  Processor - ok
16:20:09.0530 0x0be4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:20:09.0541 0x0be4  ProfSvc - ok
16:20:09.0550 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:20:09.0553 0x0be4  ProtectedStorage - ok
16:20:09.0580 0x0be4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:20:09.0585 0x0be4  Psched - ok
16:20:09.0672 0x0be4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:20:09.0747 0x0be4  ql2300 - ok
16:20:09.0783 0x0be4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:20:09.0792 0x0be4  ql40xx - ok
16:20:09.0827 0x0be4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:20:09.0844 0x0be4  QWAVE - ok
16:20:09.0859 0x0be4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:20:09.0862 0x0be4  QWAVEdrv - ok
16:20:09.0871 0x0be4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:20:09.0873 0x0be4  RasAcd - ok
16:20:09.0905 0x0be4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:20:09.0909 0x0be4  RasAgileVpn - ok
16:20:09.0924 0x0be4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:20:09.0930 0x0be4  RasAuto - ok
16:20:09.0949 0x0be4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:20:09.0966 0x0be4  Rasl2tp - ok
16:20:09.0995 0x0be4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:20:10.0013 0x0be4  RasMan - ok
16:20:10.0062 0x0be4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:20:10.0066 0x0be4  RasPppoe - ok
16:20:10.0093 0x0be4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:20:10.0097 0x0be4  RasSstp - ok
16:20:10.0273 0x0be4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:20:10.0291 0x0be4  rdbss - ok
16:20:10.0306 0x0be4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:20:10.0308 0x0be4  rdpbus - ok
16:20:10.0319 0x0be4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:20:10.0322 0x0be4  RDPCDD - ok
16:20:10.0347 0x0be4  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:20:10.0354 0x0be4  RDPDR - ok
16:20:10.0378 0x0be4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:20:10.0380 0x0be4  RDPENCDD - ok
16:20:10.0399 0x0be4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:20:10.0402 0x0be4  RDPREFMP - ok
16:20:10.0487 0x0be4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:20:10.0490 0x0be4  RdpVideoMiniport - ok
16:20:10.0529 0x0be4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:20:10.0539 0x0be4  RDPWD - ok
16:20:10.0564 0x0be4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:20:10.0573 0x0be4  rdyboost - ok
16:20:10.0599 0x0be4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:20:10.0608 0x0be4  RemoteAccess - ok
16:20:10.0642 0x0be4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:20:10.0653 0x0be4  RemoteRegistry - ok
16:20:10.0837 0x0be4  [ 0D84CB080B36EECBC8201E046C6CE763, 195344E2E623B811349FD594880D45D7B992580A83FF82C3354B0ED4C50A999F ] ReportServer    C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
16:20:10.0941 0x0be4  ReportServer - ok
16:20:10.0976 0x0be4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:20:10.0981 0x0be4  RpcEptMapper - ok
16:20:11.0009 0x0be4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:20:11.0012 0x0be4  RpcLocator - ok
16:20:11.0046 0x0be4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:20:11.0058 0x0be4  RpcSs - ok
16:20:11.0123 0x0be4  [ 964E8376B0B3FE1354B19907E1A4A692, 7B955D071EC7E681DA11F1DBF530AEE03A120D2FBA184A2A203E59BA1121C3AB ] RsFx0201        C:\Windows\system32\DRIVERS\RsFx0201.sys
16:20:11.0140 0x0be4  RsFx0201 - ok
16:20:11.0178 0x0be4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:20:11.0182 0x0be4  rspndr - ok
16:20:11.0220 0x0be4  [ 68DD0457D18FCCEF7384AE84022F0C86, 82C02EDB30D4FA1145AB1818F9FCE0B73FEB1B94C138B5513794F25FAC85F2CC ] RTL8023x64      C:\Windows\system32\DRIVERS\Rtnic64.sys
16:20:11.0223 0x0be4  RTL8023x64 - ok
16:20:11.0250 0x0be4  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
16:20:11.0252 0x0be4  s3cap - ok
16:20:11.0334 0x0be4  [ 5D9932536F12E1E125DC9B48E2CDF784, B149E606E35FF1038BAAF41648AE7542D788F4101C6BB92506EF2D9D3AD325FC ] SageDeploymentService C:\Program Files (x86)\Common Files\Sage Software Shared\Deploymentservice.exe
16:20:11.0345 0x0be4  SageDeploymentService - ok
16:20:11.0411 0x0be4  [ F6A730B70F4BB31133C2C0C45A369671, 68BD5CCCC4E6E1EFAC336BE1FBD4963F30169E29D7DDFF6FBDF2893DEAF85200 ] SageMultiUserService40 C:\Program Files (x86)\Common Files\Sage Software Shared\MultiUserServiceServer.exe
16:20:11.0416 0x0be4  SageMultiUserService40 - ok
16:20:11.0433 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] SamSs           C:\Windows\system32\lsass.exe
16:20:11.0435 0x0be4  SamSs - ok
16:20:11.0464 0x0be4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:20:11.0471 0x0be4  sbp2port - ok
16:20:11.0503 0x0be4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:20:11.0522 0x0be4  SCardSvr - ok
16:20:11.0534 0x0be4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:20:11.0537 0x0be4  scfilter - ok
16:20:11.0591 0x0be4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:20:11.0634 0x0be4  Schedule - ok
16:20:11.0669 0x0be4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:20:11.0671 0x0be4  SCPolicySvc - ok
16:20:11.0688 0x0be4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:20:11.0695 0x0be4  SDRSVC - ok
16:20:11.0723 0x0be4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:20:11.0726 0x0be4  secdrv - ok
16:20:11.0740 0x0be4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:20:11.0744 0x0be4  seclogon - ok
16:20:11.0757 0x0be4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:20:11.0762 0x0be4  SENS - ok
16:20:11.0787 0x0be4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:20:11.0792 0x0be4  SensrSvc - ok
16:20:11.0866 0x0be4  [ 74885BDFF62E537F268EBF8E8CEC24BB, D49949C3ED3CE748FD5EF0CA4ECEA5F30B9EEAE365EBA7072A0BE203A84D8227 ] SepMasterService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
16:20:11.0869 0x0be4  SepMasterService - ok
16:20:11.0899 0x0be4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:20:11.0901 0x0be4  Serenum - ok
16:20:11.0918 0x0be4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:20:11.0923 0x0be4  Serial - ok
16:20:11.0934 0x0be4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:20:11.0938 0x0be4  sermouse - ok
16:20:11.0969 0x0be4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:20:11.0978 0x0be4  SessionEnv - ok
16:20:11.0990 0x0be4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:20:11.0994 0x0be4  sffdisk - ok
16:20:12.0007 0x0be4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:20:12.0010 0x0be4  sffp_mmc - ok
16:20:12.0023 0x0be4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:20:12.0026 0x0be4  sffp_sd - ok
16:20:12.0037 0x0be4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:20:12.0040 0x0be4  sfloppy - ok
16:20:12.0072 0x0be4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:20:12.0090 0x0be4  SharedAccess - ok
16:20:12.0122 0x0be4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:20:12.0139 0x0be4  ShellHWDetection - ok
16:20:19.0283 0x0be4  ================ Scan global ===============================
16:20:19.0332 0x0be4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:20:19.0428 0x0be4  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
16:20:19.0469 0x0be4  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
16:20:19.0513 0x0be4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:20:19.0588 0x0be4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:20:19.0598 0x0be4  [ Global ] - ok
16:20:19.0600 0x0be4  ================ Scan MBR ==================================
16:20:19.0619 0x0be4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:20:19.0820 0x0be4  \Device\Harddisk0\DR0 - ok
16:20:19.0820 0x0be4  ================ Scan VBR ==================================
16:20:19.0824 0x0be4  [ F769AA0408A7FABB7A0BE02CC2B6057E ] \Device\Harddisk0\DR0\Partition1
16:20:19.0826 0x0be4  \Device\Harddisk0\DR0\Partition1 - ok
16:20:19.0830 0x0be4  [ 299D461E9AB116841197CF11FCB8C71C ] \Device\Harddisk0\DR0\Partition2
16:20:19.0834 0x0be4  \Device\Harddisk0\DR0\Partition2 - ok
16:20:19.0856 0x0be4  [ B387B3E85DD46C84BFFF0B66AE451F67 ] \Device\Harddisk0\DR0\Partition3
16:20:19.0857 0x0be4  \Device\Harddisk0\DR0\Partition3 - ok
16:20:19.0858 0x0be4  ================ Scan generic autorun ======================
16:20:19.0888 0x0be4  [ 92FDB0658CA16974B4AE80E248A5B118, 9E0CF6A9C845C5F9E4B80B9105DBECE15ACC27984FCBFD8774C00EBE20DB652F ] C:\Windows\system32\igfxtray.exe
16:20:19.0892 0x0be4  IgfxTray - ok
16:20:19.0917 0x0be4  [ 23A6AE66AA4BEF792649736385BB51BA, FC85E38B2F5F52E970EAE5DAFC3B738BCC8BF596AF3766F0EDA03040664E1F08 ] C:\Windows\system32\hkcmd.exe
16:20:19.0925 0x0be4  HotKeysCmds - ok
16:20:19.0951 0x0be4  [ F6FA1865978214FB7FCD80149BBF1C13, 3CA24827982B521986DBE1E5600316155800C3777BAF415B978C7FE9F3AA3DD2 ] C:\Windows\system32\igfxpers.exe
16:20:19.0959 0x0be4  Persistence - ok
16:20:20.0111 0x0be4  [ 912993864DE980DE79E2317B109298AE, CD01E488E6331D0F00092A6F5B4B62F3404C9C5F0736887849AD215730C072D2 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
16:20:20.0166 0x0be4  CanonMyPrinter - ok
16:20:20.0236 0x0be4  [ 15A8C9530AA97DAF8F917BED957D833C, 3319C6A1B1F9FF0BAC17B7D50105BE28942099A6AFE308BA1A7C8BA0D89FB0D8 ] C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\superhard_material\non_return_to_zero.exe
16:20:20.0241 0x0be4  current_mode_pwm - ok
16:20:20.0283 0x0be4  [ C57096C601324DF1C5344BCD39093C0C, C2007D0585105F5AA72C6E1E9A3E69514C32F76BE3A664D4BDB6F9D256667689 ] C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\min_los_sens\broadband.exe
16:20:20.0325 0x0be4  glitch_immunity - ok
16:20:20.0396 0x0be4  [ 12E54BDE520DC85A611D7245DF44BCE5, 8F90F71AC97CE47D6A4F3491A48E3F857E8DEFD51E2DFDD528666AFC592E3B4E ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
16:20:20.0403 0x0be4  FreePDF Assistant - ok
16:20:20.0471 0x0be4  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
16:20:20.0475 0x0be4  BCSSync - ok
16:20:20.0622 0x0be4  [ 7B59D1D1F458B322A722E95554BB591E, F184E22D37E013580AB7FD07172C1F662275D39E036CE22DFA62B2A43823E719 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
16:20:20.0661 0x0be4  CanonSolutionMenuEx - ok
16:20:20.0706 0x0be4  [ FB2693E1B53BCEDA1F054FF2C54881E6, 41E25F1EDE25F722F9B73527B2F8B05F38EC87964DBBDEA4F1306E207A78E894 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
16:20:20.0714 0x0be4  IJNetworkScannerSelectorEX - ok
16:20:20.0797 0x0be4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:20:20.0839 0x0be4  Sidebar - ok
16:20:20.0875 0x0be4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:20:20.0945 0x0be4  mctadmin - ok
16:20:21.0017 0x0be4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:20:21.0039 0x0be4  Sidebar - ok
16:20:21.0048 0x0be4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:20:21.0051 0x0be4  mctadmin - ok
16:20:21.0102 0x0be4  [ 755DB0FABD639DE8D9FA6D446BA90D36, 144A3975545311270825E64FE564F16A8895573ABF0B4C0AD07A766D4E8D86DC ] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
16:20:21.0112 0x0be4  Gadwin PrintScreen - ok
16:20:21.0228 0x0be4  [ 7A1AF1B1EC0FDC1F4985B70A771CA107, 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694 ] C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
16:20:21.0229 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe. md5: 7A1AF1B1EC0FDC1F4985B70A771CA107, sha256: 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694
16:20:21.0551 0x0be4  airport-fixed - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:24.0159 0x0be4  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:24.0159 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
16:20:26.0606 0x0be4  Object send P2P result: true
16:20:29.0091 0x0be4  Have new async UDS detects: 1
16:20:29.0092 0x0be4  current_mode_pwm - detected UDS:DangerousObject.Multi.Generic ( 0 )
16:20:29.0092 0x0be4  current_mode_pwm ( UDS:DangerousObject.Multi.Generic ) - infected
16:20:29.0092 0x0be4  Force sending object to P2P due to detect: C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\superhard_material\non_return_to_zero.exe
16:20:31.0508 0x0be4  Object send P2P result: true
16:20:33.0897 0x0be4  [ 72F13A189AEECF44596DFBEA7255D5B3, 2FE94F4CA4B5319EFFB8732D718F2380BDA6FE55520E6CA65ED9BD6D1F8B2833 ] C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe
16:20:33.0897 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe. md5: 72F13A189AEECF44596DFBEA7255D5B3, sha256: 2FE94F4CA4B5319EFFB8732D718F2380BDA6FE55520E6CA65ED9BD6D1F8B2833
16:20:33.0929 0x0be4  issue-finger - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:36.0445 0x0be4  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:36.0445 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe
16:20:38.0860 0x0be4  Object send P2P result: true
16:20:41.0244 0x0be4  [ 02AB5776BFDFA9BF84ED635D42C18A13, A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569 ] C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
16:20:41.0245 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe. md5: 02AB5776BFDFA9BF84ED635D42C18A13, sha256: A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569
16:20:41.0253 0x0be4  meat-ball - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:43.0756 0x0be4  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:43.0756 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
16:20:46.0168 0x0be4  Object send P2P result: true
16:20:48.0551 0x0be4  [ DDFC04B3820873D0F97107D67FCEF3E8, B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B ] C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
16:20:48.0551 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe. md5: DDFC04B3820873D0F97107D67FCEF3E8, sha256: B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B
16:20:48.0559 0x0be4  court-design - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:51.0067 0x0be4  court-design ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:51.0068 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
16:20:53.0475 0x0be4  Object send P2P result: true
16:20:56.0070 0x0be4  [ E6C60E153524E8C18E06C643B11D5AD3, 834FAEB4AE15C3F197816B0CEF7A45FE361FBDB9ED958C81584ED15751A9AE91 ] C:\Program Files\CCleaner\CCleaner64.exe
16:20:56.0258 0x0be4  ccleaner - ok
16:20:56.0303 0x0be4  [ 02AB5776BFDFA9BF84ED635D42C18A13, A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569 ] C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
16:20:56.0303 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe. md5: 02AB5776BFDFA9BF84ED635D42C18A13, sha256: A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569
16:20:56.0313 0x0be4  meat-ball - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:56.0313 0x0be4  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:56.0313 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
16:20:58.0722 0x0be4  Object send P2P result: true
16:21:01.0078 0x0be4  [ 7A1AF1B1EC0FDC1F4985B70A771CA107, 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694 ] C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
16:21:01.0078 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe. md5: 7A1AF1B1EC0FDC1F4985B70A771CA107, sha256: 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694
16:21:01.0085 0x0be4  airport-fixed - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:21:01.0085 0x0be4  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:21:01.0086 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
16:21:03.0500 0x0be4  Object send P2P result: true
16:21:05.0876 0x0be4  [ 72F13A189AEECF44596DFBEA7255D5B3, 2FE94F4CA4B5319EFFB8732D718F2380BDA6FE55520E6CA65ED9BD6D1F8B2833 ] C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe
16:21:05.0877 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe. md5: 72F13A189AEECF44596DFBEA7255D5B3, sha256: 2FE94F4CA4B5319EFFB8732D718F2380BDA6FE55520E6CA65ED9BD6D1F8B2833
16:21:05.0885 0x0be4  issue-finger - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:21:05.0886 0x0be4  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:21:05.0886 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe
16:21:08.0300 0x0be4  Object send P2P result: true
16:21:10.0667 0x0be4  [ DDFC04B3820873D0F97107D67FCEF3E8, B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B ] C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
16:21:10.0667 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe. md5: DDFC04B3820873D0F97107D67FCEF3E8, sha256: B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B
16:21:10.0673 0x0be4  court-design - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:21:10.0673 0x0be4  court-design ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:21:10.0673 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
16:21:13.0089 0x0be4  Object send P2P result: true
16:21:15.0492 0x0be4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:21:15.0515 0x0be4  Sidebar - ok
16:21:15.0542 0x0be4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:21:15.0545 0x0be4  mctadmin - ok
16:21:15.0625 0x0be4  AV detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WSCSavNotifier.exe ( 12.1.1000.157 ), 0x71000 ( enabled : updated )
16:21:15.0648 0x0be4  Win FW state via NFP2: enabled ( trusted )
16:21:17.0995 0x0be4  ============================================================
16:21:17.0995 0x0be4  Scan finished
16:21:17.0995 0x0be4  ============================================================
16:21:18.0008 0x186c  Detected object count: 9
16:21:18.0008 0x186c  Actual detected object count: 9
16:21:56.0349 0x186c  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0349 0x186c  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0352 0x186c  current_mode_pwm ( UDS:DangerousObject.Multi.Generic ) - skipped by user
16:21:56.0352 0x186c  current_mode_pwm ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 
16:21:56.0356 0x186c  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0357 0x186c  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0360 0x186c  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0360 0x186c  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0363 0x186c  court-design ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0363 0x186c  court-design ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0365 0x186c  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0365 0x186c  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0367 0x186c  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0368 0x186c  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0370 0x186c  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0370 0x186c  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0375 0x186c  court-design ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0375 0x186c  court-design ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip
         


14.10.2015, 15:34   #6
Gift
 

Log 2 from TDSSKiller:
Code:
16:19:41.0134 0x1a30  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:19:48.0089 0x1a30  ============================================================
16:19:48.0089 0x1a30  Current date / time: 2015/10/14 16:19:48.0089
16:19:48.0089 0x1a30  SystemInfo:
16:19:48.0089 0x1a30  
16:19:48.0089 0x1a30  OS Version: 6.1.7601 ServicePack: 1.0
16:19:48.0089 0x1a30  Product type: Workstation
16:19:48.0089 0x1a30  ComputerName: ADD-INN-BUHA
16:19:48.0090 0x1a30  UserName: Tina
16:19:48.0090 0x1a30  Windows directory: C:\Windows
16:19:48.0090 0x1a30  System windows directory: C:\Windows
16:19:48.0090 0x1a30  Running under WOW64
16:19:48.0090 0x1a30  Processor architecture: Intel x64
16:19:48.0090 0x1a30  Number of processors: 2
16:19:48.0090 0x1a30  Page size: 0x1000
16:19:48.0090 0x1a30  Boot type: Normal boot
16:19:48.0090 0x1a30  ============================================================
16:19:49.0668 0x1a30  KLMD registered as C:\Windows\system32\drivers\73387239.sys
16:19:50.0111 0x1a30  System UUID: {781AA5B7-1B30-C024-7160-9241876131D7}
16:19:50.0966 0x1a30  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:19:50.0972 0x1a30  ============================================================
16:19:50.0972 0x1a30  \Device\Harddisk0\DR0:
16:19:50.0972 0x1a30  MBR partitions:
16:19:50.0972 0x1a30  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x404000, BlocksNum 0x32000
16:19:50.0972 0x1a30  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x436000, BlocksNum 0xAF96000
16:19:50.0972 0x1a30  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xB3CC000, BlocksNum 0x11DF9000
16:19:50.0972 0x1a30  ============================================================
16:19:51.0000 0x1a30  C: <-> \Device\Harddisk0\DR0\Partition2
16:19:51.0034 0x1a30  D: <-> \Device\Harddisk0\DR0\Partition3
16:19:51.0034 0x1a30  ============================================================
16:19:51.0034 0x1a30  Initialize success
16:19:51.0034 0x1a30  ============================================================
16:19:52.0621 0x0be4  ============================================================
16:19:52.0621 0x0be4  Scan started
16:19:52.0621 0x0be4  Mode: Manual; 
16:19:52.0621 0x0be4  ============================================================
16:19:52.0621 0x0be4  KSN ping started
16:19:55.0083 0x0be4  KSN ping finished: true
16:19:56.0540 0x0be4  ================ Scan system memory ========================
16:19:56.0540 0x0be4  System memory - ok
16:19:56.0541 0x0be4  ================ Scan services =============================
16:19:56.0674 0x0be4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:19:56.0691 0x0be4  1394ohci - ok
16:19:56.0752 0x0be4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:19:56.0769 0x0be4  ACPI - ok
16:19:56.0791 0x0be4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:19:56.0793 0x0be4  AcpiPmi - ok
16:19:56.0921 0x0be4  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:19:56.0923 0x0be4  AdobeARMservice - ok
16:19:56.0981 0x0be4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:19:57.0007 0x0be4  adp94xx - ok
16:19:57.0041 0x0be4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:19:57.0057 0x0be4  adpahci - ok
16:19:57.0100 0x0be4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:19:57.0106 0x0be4  adpu320 - ok
16:19:57.0138 0x0be4  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:19:57.0140 0x0be4  AeLookupSvc - ok
16:19:57.0210 0x0be4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
16:19:57.0237 0x0be4  AFD - ok
16:19:57.0274 0x0be4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:19:57.0277 0x0be4  agp440 - ok
16:19:57.0331 0x0be4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:19:57.0335 0x0be4  ALG - ok
16:19:57.0368 0x0be4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:19:57.0370 0x0be4  aliide - ok
16:19:57.0390 0x0be4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:19:57.0392 0x0be4  amdide - ok
16:19:57.0421 0x0be4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:19:57.0424 0x0be4  AmdK8 - ok
16:19:57.0448 0x0be4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
16:19:57.0452 0x0be4  AmdPPM - ok
16:19:57.0490 0x0be4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:19:57.0495 0x0be4  amdsata - ok
16:19:57.0520 0x0be4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:19:57.0527 0x0be4  amdsbs - ok
16:19:57.0545 0x0be4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:19:57.0549 0x0be4  amdxata - ok
16:19:57.0590 0x0be4  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
16:19:57.0593 0x0be4  AppID - ok
16:19:57.0625 0x0be4  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:19:57.0627 0x0be4  AppIDSvc - ok
16:19:57.0669 0x0be4  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
16:19:57.0678 0x0be4  Appinfo - ok
16:19:57.0737 0x0be4  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:19:57.0745 0x0be4  AppMgmt - ok
16:19:57.0775 0x0be4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:19:57.0780 0x0be4  arc - ok
16:19:57.0801 0x0be4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:19:57.0804 0x0be4  arcsas - ok
16:19:57.0912 0x0be4  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:19:57.0921 0x0be4  aspnet_state - ok
16:19:57.0955 0x0be4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:19:57.0957 0x0be4  AsyncMac - ok
16:19:57.0978 0x0be4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:19:57.0979 0x0be4  atapi - ok
16:19:58.0041 0x0be4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:19:58.0066 0x0be4  AudioEndpointBuilder - ok
16:19:58.0098 0x0be4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:19:58.0112 0x0be4  AudioSrv - ok
16:19:58.0155 0x0be4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:19:58.0160 0x0be4  AxInstSV - ok
16:19:58.0205 0x0be4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:19:58.0231 0x0be4  b06bdrv - ok
16:19:58.0274 0x0be4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:19:58.0285 0x0be4  b57nd60a - ok
16:19:58.0306 0x0be4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:19:58.0311 0x0be4  BDESVC - ok
16:19:58.0335 0x0be4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:19:58.0336 0x0be4  Beep - ok
16:19:58.0383 0x0be4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:19:58.0414 0x0be4  BFE - ok
16:19:58.0583 0x0be4  [ 3E2882C7D02E34D5528BDDECD8CEF930, 39AEB34BD5BFD0BE6C8D0E37D5D5912B76B87A442C2AD91AC3E5F709D73C809C ] BHDrvx64        C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\BASHDefs\20151005.011\BHDrvx64.sys
16:19:58.0650 0x0be4  BHDrvx64 - ok
16:19:58.0711 0x0be4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:19:58.0743 0x0be4  BITS - ok
16:19:58.0770 0x0be4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:19:58.0772 0x0be4  blbdrive - ok
16:19:58.0806 0x0be4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:19:58.0810 0x0be4  bowser - ok
16:19:58.0830 0x0be4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:19:58.0833 0x0be4  BrFiltLo - ok
16:19:58.0849 0x0be4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:19:58.0851 0x0be4  BrFiltUp - ok
16:19:58.0876 0x0be4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:19:58.0881 0x0be4  Browser - ok
16:19:58.0920 0x0be4  [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
16:19:58.0924 0x0be4  BrSerIb - ok
16:19:58.0947 0x0be4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:19:58.0964 0x0be4  Brserid - ok
16:19:58.0983 0x0be4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:19:58.0987 0x0be4  BrSerWdm - ok
16:19:58.0999 0x0be4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:19:59.0000 0x0be4  BrUsbMdm - ok
16:19:59.0017 0x0be4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:19:59.0020 0x0be4  BrUsbSer - ok
16:19:59.0037 0x0be4  [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
16:19:59.0040 0x0be4  BrUsbSIb - ok
16:19:59.0059 0x0be4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:19:59.0063 0x0be4  BTHMODEM - ok
16:19:59.0095 0x0be4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:19:59.0101 0x0be4  bthserv - ok
16:19:59.0139 0x0be4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:19:59.0143 0x0be4  cdfs - ok
16:19:59.0177 0x0be4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:19:59.0183 0x0be4  cdrom - ok
16:19:59.0258 0x0be4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:19:59.0262 0x0be4  CertPropSvc - ok
16:19:59.0290 0x0be4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:19:59.0292 0x0be4  circlass - ok
16:19:59.0342 0x0be4  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
16:19:59.0376 0x0be4  CLFS - ok
16:19:59.0432 0x0be4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:19:59.0437 0x0be4  clr_optimization_v2.0.50727_32 - ok
16:19:59.0478 0x0be4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:19:59.0482 0x0be4  clr_optimization_v2.0.50727_64 - ok
16:19:59.0552 0x0be4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:19:59.0571 0x0be4  clr_optimization_v4.0.30319_32 - ok
16:19:59.0595 0x0be4  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:19:59.0600 0x0be4  clr_optimization_v4.0.30319_64 - ok
16:19:59.0620 0x0be4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:19:59.0623 0x0be4  CmBatt - ok
16:19:59.0647 0x0be4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:19:59.0650 0x0be4  cmdide - ok
16:19:59.0699 0x0be4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
16:19:59.0725 0x0be4  CNG - ok
16:19:59.0757 0x0be4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:19:59.0760 0x0be4  Compbatt - ok
16:19:59.0786 0x0be4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:19:59.0789 0x0be4  CompositeBus - ok
16:19:59.0801 0x0be4  COMSysApp - ok
16:19:59.0821 0x0be4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:19:59.0824 0x0be4  crcdisk - ok
16:19:59.0874 0x0be4  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:19:59.0883 0x0be4  CryptSvc - ok
16:19:59.0925 0x0be4  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
16:19:59.0954 0x0be4  CSC - ok
16:20:00.0007 0x0be4  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
16:20:00.0033 0x0be4  CscService - ok
16:20:00.0083 0x0be4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:20:00.0109 0x0be4  DcomLaunch - ok
16:20:00.0139 0x0be4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:20:00.0158 0x0be4  defragsvc - ok
16:20:00.0190 0x0be4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:20:00.0193 0x0be4  DfsC - ok
16:20:00.0223 0x0be4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:20:00.0241 0x0be4  Dhcp - ok
16:20:00.0259 0x0be4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:20:00.0261 0x0be4  discache - ok
16:20:00.0285 0x0be4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:20:00.0290 0x0be4  Disk - ok
16:20:00.0323 0x0be4  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
16:20:00.0327 0x0be4  dmvsc - ok
16:20:00.0359 0x0be4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:20:00.0376 0x0be4  Dnscache - ok
16:20:00.0417 0x0be4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:20:00.0434 0x0be4  dot3svc - ok
16:20:00.0459 0x0be4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:20:00.0467 0x0be4  DPS - ok
16:20:00.0520 0x0be4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:20:00.0523 0x0be4  drmkaud - ok
16:20:00.0613 0x0be4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:20:00.0659 0x0be4  DXGKrnl - ok
16:20:00.0693 0x0be4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:20:00.0698 0x0be4  EapHost - ok
16:20:00.0859 0x0be4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:20:00.0989 0x0be4  ebdrv - ok
16:20:01.0072 0x0be4  [ 93EA893A8C2C561648A559E48C723412, 14F9AD8BCF423BC40F7B3D2D7BC0F795CD3C54800C854873BD170ADF2A735B64 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
16:20:01.0097 0x0be4  eeCtrl - ok
16:20:01.0137 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] EFS             C:\Windows\System32\lsass.exe
16:20:01.0139 0x0be4  EFS - ok
16:20:01.0205 0x0be4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:20:01.0232 0x0be4  ehRecvr - ok
16:20:01.0255 0x0be4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:20:01.0260 0x0be4  ehSched - ok
16:20:01.0311 0x0be4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:20:01.0334 0x0be4  elxstor - ok
16:20:01.0373 0x0be4  [ 8400C9E33B68C556BF63AEF490EB145C, A840DF1A27C935DD427E53C5D2FFFE79E612D0B4074CE26AA992DA62D4925806 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:20:01.0378 0x0be4  EraserUtilRebootDrv - ok
16:20:01.0396 0x0be4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:20:01.0398 0x0be4  ErrDev - ok
16:20:01.0448 0x0be4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:20:01.0465 0x0be4  EventSystem - ok
16:20:01.0490 0x0be4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:20:01.0507 0x0be4  exfat - ok
16:20:01.0531 0x0be4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:20:01.0548 0x0be4  fastfat - ok
16:20:01.0605 0x0be4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:20:01.0640 0x0be4  Fax - ok
16:20:01.0663 0x0be4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:20:01.0665 0x0be4  fdc - ok
16:20:01.0676 0x0be4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:20:01.0678 0x0be4  fdPHost - ok
16:20:01.0694 0x0be4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:20:01.0697 0x0be4  FDResPub - ok
16:20:01.0713 0x0be4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:20:01.0718 0x0be4  FileInfo - ok
16:20:01.0735 0x0be4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:20:01.0738 0x0be4  Filetrace - ok
16:20:01.0755 0x0be4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:20:01.0758 0x0be4  flpydisk - ok
16:20:01.0791 0x0be4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:20:01.0807 0x0be4  FltMgr - ok
16:20:01.0862 0x0be4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:20:01.0907 0x0be4  FontCache - ok
16:20:01.0949 0x0be4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:20:01.0952 0x0be4  FontCache3.0.0.0 - ok
16:20:01.0970 0x0be4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:20:01.0974 0x0be4  FsDepends - ok
16:20:01.0996 0x0be4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:20:01.0999 0x0be4  Fs_Rec - ok
16:20:02.0046 0x0be4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:20:02.0054 0x0be4  fvevol - ok
16:20:02.0084 0x0be4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:20:02.0089 0x0be4  gagp30kx - ok
16:20:02.0171 0x0be4  [ F184BF99066764F9B0507C26404DD271, 99721A2407BC86B88CA1D36949EFBFC9DE97204821A63F2E3F4CB27C9F59FD83 ] galvanic_isolation C:\Windows\AppCompat\Programs\monotonic\mechanical_filter.exe
16:20:02.0176 0x0be4  galvanic_isolation - ok
16:20:02.0234 0x0be4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:20:02.0276 0x0be4  gpsvc - ok
16:20:02.0305 0x0be4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:20:02.0308 0x0be4  hcw85cir - ok
16:20:02.0348 0x0be4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:20:02.0359 0x0be4  HdAudAddService - ok
16:20:02.0389 0x0be4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:20:02.0393 0x0be4  HDAudBus - ok
16:20:02.0408 0x0be4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:20:02.0412 0x0be4  HidBatt - ok
16:20:02.0432 0x0be4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:20:02.0435 0x0be4  HidBth - ok
16:20:02.0460 0x0be4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:20:02.0463 0x0be4  HidIr - ok
16:20:02.0483 0x0be4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:20:02.0487 0x0be4  hidserv - ok
16:20:02.0544 0x0be4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:20:02.0550 0x0be4  HidUsb - ok
16:20:02.0585 0x0be4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:20:02.0590 0x0be4  hkmsvc - ok
16:20:02.0606 0x0be4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:20:02.0615 0x0be4  HomeGroupListener - ok
16:20:02.0639 0x0be4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:20:02.0654 0x0be4  HomeGroupProvider - ok
16:20:02.0675 0x0be4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:20:02.0679 0x0be4  HpSAMD - ok
16:20:02.0749 0x0be4  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:20:02.0782 0x0be4  HTTP - ok
16:20:02.0802 0x0be4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:20:02.0804 0x0be4  hwpolicy - ok
16:20:02.0823 0x0be4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:20:02.0829 0x0be4  i8042prt - ok
16:20:02.0867 0x0be4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:20:02.0881 0x0be4  iaStorV - ok
16:20:02.0947 0x0be4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:20:02.0981 0x0be4  idsvc - ok
16:20:03.0080 0x0be4  [ 4A2CAA578E0A829A15CD76CEC66A1E41, 4F01D251EC8EE2AC99C7540C8D4636EFF89B3F72EDE26412EE741E01EE3B8E02 ] IDSVia64        C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\IPSDefs\20151013.003\IDSvia64.sys
16:20:03.0109 0x0be4  IDSVia64 - ok
16:20:03.0144 0x0be4  IEEtwCollectorService - ok
16:20:03.0391 0x0be4  [ 24CC43ECDEEFD4C19FBBEE4951B647F1, 416799965E6602F8F03E2A92E8BB42B1D5643C65EF09815FC5A56A2FA73E6773 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:20:03.0634 0x0be4  igfx - ok
16:20:03.0681 0x0be4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:20:03.0684 0x0be4  iirsp - ok
16:20:03.0749 0x0be4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:20:03.0783 0x0be4  IKEEXT - ok
16:20:03.0812 0x0be4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:20:03.0815 0x0be4  intelide - ok
16:20:03.0842 0x0be4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:20:03.0846 0x0be4  intelppm - ok
16:20:03.0874 0x0be4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:20:03.0879 0x0be4  IPBusEnum - ok
16:20:03.0891 0x0be4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:20:03.0897 0x0be4  IpFilterDriver - ok
16:20:03.0946 0x0be4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:20:03.0973 0x0be4  iphlpsvc - ok
16:20:03.0998 0x0be4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:20:04.0002 0x0be4  IPMIDRV - ok
16:20:04.0036 0x0be4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:20:04.0040 0x0be4  IPNAT - ok
16:20:04.0067 0x0be4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:20:04.0068 0x0be4  IRENUM - ok
16:20:04.0084 0x0be4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:20:04.0086 0x0be4  isapnp - ok
16:20:04.0134 0x0be4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:20:04.0151 0x0be4  iScsiPrt - ok
16:20:04.0233 0x0be4  [ 97F1FBDCE6E5492466A308611D579B72, A90F1CE5465F644BE41181C75ABDD3C991AD102AB6BA3C7DAA9E74389418D7FB ] junction_fet    C:\Windows\assembly\GAC\VSLangProj\7.0.3300.0__b03f5f7f11d50a3a\linear_fan_control\change_of_base_rule.exe
16:20:04.0238 0x0be4  junction_fet - ok
16:20:04.0258 0x0be4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:20:04.0262 0x0be4  kbdclass - ok
16:20:04.0298 0x0be4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:20:04.0301 0x0be4  kbdhid - ok
16:20:04.0310 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] KeyIso          C:\Windows\system32\lsass.exe
16:20:04.0313 0x0be4  KeyIso - ok
16:20:04.0350 0x0be4  [ 063C09DB965E3DFD6F4F08416F6DB8F5, 0BE015C59288397536B3941BA55EFE0CF06714BC43FF3A33A1D844B4E0F16097 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:20:04.0354 0x0be4  KSecDD - ok
16:20:04.0373 0x0be4  [ 1FA627E63195BF3BF636BFEF0D7190D4, 794456605303F4916E81BE899E0B05CB070094E719ADA8BE8072A761E35CA8E9 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:20:04.0380 0x0be4  KSecPkg - ok
16:20:04.0394 0x0be4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:20:04.0397 0x0be4  ksthunk - ok
16:20:04.0439 0x0be4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:20:04.0458 0x0be4  KtmRm - ok
16:20:04.0515 0x0be4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:20:04.0532 0x0be4  LanmanServer - ok
16:20:04.0565 0x0be4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:20:04.0573 0x0be4  LanmanWorkstation - ok
16:20:04.0608 0x0be4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:20:04.0612 0x0be4  lltdio - ok
16:20:04.0636 0x0be4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:20:04.0654 0x0be4  lltdsvc - ok
16:20:04.0676 0x0be4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:20:04.0679 0x0be4  lmhosts - ok
16:20:04.0704 0x0be4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:20:04.0710 0x0be4  LSI_FC - ok
16:20:04.0742 0x0be4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:20:04.0749 0x0be4  LSI_SAS - ok
16:20:04.0766 0x0be4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:20:04.0769 0x0be4  LSI_SAS2 - ok
16:20:04.0787 0x0be4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:20:04.0792 0x0be4  LSI_SCSI - ok
16:20:04.0810 0x0be4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:20:04.0816 0x0be4  luafv - ok
16:20:04.0840 0x0be4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:20:04.0859 0x0be4  Mcx2Svc - ok
16:20:04.0875 0x0be4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:20:04.0878 0x0be4  megasas - ok
16:20:04.0904 0x0be4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:20:04.0921 0x0be4  MegaSR - ok
16:20:04.0997 0x0be4  Microsoft SharePoint Workspace Audit Service - ok
16:20:05.0020 0x0be4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:20:05.0026 0x0be4  MMCSS - ok
16:20:05.0039 0x0be4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:20:05.0042 0x0be4  Modem - ok
16:20:05.0073 0x0be4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:20:05.0075 0x0be4  monitor - ok
16:20:05.0100 0x0be4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:20:05.0104 0x0be4  mouclass - ok
16:20:05.0126 0x0be4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:20:05.0128 0x0be4  mouhid - ok
16:20:05.0169 0x0be4  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:20:05.0174 0x0be4  mountmgr - ok
16:20:05.0234 0x0be4  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:20:05.0238 0x0be4  MozillaMaintenance - ok
16:20:05.0277 0x0be4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:20:05.0284 0x0be4  mpio - ok
16:20:05.0308 0x0be4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:20:05.0312 0x0be4  mpsdrv - ok
16:20:05.0385 0x0be4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:20:05.0427 0x0be4  MpsSvc - ok
16:20:05.0470 0x0be4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:20:05.0475 0x0be4  MRxDAV - ok
16:20:05.0500 0x0be4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:20:05.0507 0x0be4  mrxsmb - ok
16:20:05.0534 0x0be4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:20:05.0551 0x0be4  mrxsmb10 - ok
16:20:05.0584 0x0be4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:20:05.0588 0x0be4  mrxsmb20 - ok
16:20:05.0621 0x0be4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:20:05.0623 0x0be4  msahci - ok
16:20:05.0662 0x0be4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:20:05.0669 0x0be4  msdsm - ok
16:20:05.0708 0x0be4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:20:05.0717 0x0be4  MSDTC - ok
16:20:05.0858 0x0be4  [ 3DE4F1440DE21DC7DECEE9B1F1AC35D8, F4D75C1D84CF27DF421E144F2733EA20BD4F1415B43C379D6D73EBB3BA8CE037 ] MsDtsServer110  C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe
16:20:05.0877 0x0be4  MsDtsServer110 - ok
16:20:05.0914 0x0be4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:20:05.0918 0x0be4  Msfs - ok
16:20:05.0930 0x0be4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:20:05.0933 0x0be4  mshidkmdf - ok
16:20:05.0942 0x0be4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:20:05.0946 0x0be4  msisadrv - ok
16:20:05.0971 0x0be4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:20:05.0979 0x0be4  MSiSCSI - ok
16:20:05.0987 0x0be4  msiserver - ok
16:20:06.0011 0x0be4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:20:06.0013 0x0be4  MSKSSRV - ok
16:20:06.0028 0x0be4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:20:06.0031 0x0be4  MSPCLOCK - ok
16:20:06.0039 0x0be4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:20:06.0040 0x0be4  MSPQM - ok
16:20:06.0069 0x0be4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:20:06.0087 0x0be4  MsRPC - ok
16:20:06.0124 0x0be4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:20:06.0128 0x0be4  mssmbios - ok
16:20:06.0215 0x0be4  [ F4991C8C070C86082E6F0597F73E02D0, C39F47D2D4525BB4950827F1EDB92CCF5067267AA1AAEF7137E45482C1436D97 ] MSSQLFDLauncher C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
16:20:06.0218 0x0be4  MSSQLFDLauncher - ok
16:20:06.0262 0x0be4  [ 64D793C35644E12FA72A679069F85668, 071E9A8863E7ADFD81678CC84AB9053B13D999920C4A8282C3E28A5A30D0123A ] MSSQLSERVER     C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
16:20:06.0270 0x0be4  MSSQLSERVER - ok
16:20:06.0338 0x0be4  MSSQLServerOLAPService - ok
16:20:06.0365 0x0be4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:20:06.0366 0x0be4  MSTEE - ok
16:20:06.0395 0x0be4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:20:06.0399 0x0be4  MTConfig - ok
16:20:06.0409 0x0be4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:20:06.0414 0x0be4  Mup - ok
16:20:06.0458 0x0be4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:20:06.0485 0x0be4  napagent - ok
16:20:06.0527 0x0be4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:20:06.0540 0x0be4  NativeWifiP - ok
16:20:06.0625 0x0be4  [ 5A4EC58A5F2E63DB2092B343CF1B2834, 33F957565E38A3A2842DDB16D7C969F93A4FB888DB5AFBBF5431A712FADE4E13 ] NAVENG          C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20151013.040\ENG64.SYS
16:20:06.0630 0x0be4  NAVENG - ok
16:20:06.0741 0x0be4  [ 526EA496D7F06B3746775046B33027C1, FEC0B860F49C28ED6ED721A09D19239BB1E20CE3A29697B24B2FE604AE0EB808 ] NAVEX15         C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20151013.040\EX64.SYS
16:20:06.0825 0x0be4  NAVEX15 - ok
16:20:06.0901 0x0be4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:20:06.0934 0x0be4  NDIS - ok
16:20:06.0971 0x0be4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:20:06.0973 0x0be4  NdisCap - ok
16:20:06.0989 0x0be4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:20:06.0991 0x0be4  NdisTapi - ok
16:20:07.0009 0x0be4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:20:07.0012 0x0be4  Ndisuio - ok
16:20:07.0027 0x0be4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:20:07.0037 0x0be4  NdisWan - ok
16:20:07.0064 0x0be4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:20:07.0069 0x0be4  NDProxy - ok
16:20:07.0083 0x0be4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:20:07.0086 0x0be4  NetBIOS - ok
16:20:07.0109 0x0be4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:20:07.0126 0x0be4  NetBT - ok
16:20:07.0143 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] Netlogon        C:\Windows\system32\lsass.exe
16:20:07.0146 0x0be4  Netlogon - ok
16:20:07.0187 0x0be4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:20:07.0205 0x0be4  Netman - ok
16:20:07.0245 0x0be4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:20:07.0251 0x0be4  NetMsmqActivator - ok
16:20:07.0269 0x0be4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:20:07.0273 0x0be4  NetPipeActivator - ok
16:20:07.0303 0x0be4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:20:07.0316 0x0be4  netprofm - ok
16:20:07.0336 0x0be4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:20:07.0339 0x0be4  NetTcpActivator - ok
16:20:07.0353 0x0be4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:20:07.0357 0x0be4  NetTcpPortSharing - ok
16:20:07.0384 0x0be4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:20:07.0387 0x0be4  nfrd960 - ok
16:20:07.0435 0x0be4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:20:07.0446 0x0be4  NlaSvc - ok
16:20:07.0467 0x0be4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:20:07.0470 0x0be4  Npfs - ok
16:20:07.0492 0x0be4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:20:07.0496 0x0be4  nsi - ok
16:20:07.0505 0x0be4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:20:07.0508 0x0be4  nsiproxy - ok
16:20:07.0618 0x0be4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:20:07.0691 0x0be4  Ntfs - ok
16:20:07.0719 0x0be4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:20:07.0720 0x0be4  Null - ok
16:20:07.0743 0x0be4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:20:07.0751 0x0be4  nvraid - ok
16:20:07.0774 0x0be4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:20:07.0780 0x0be4  nvstor - ok
16:20:07.0809 0x0be4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:20:07.0815 0x0be4  nv_agp - ok
16:20:07.0835 0x0be4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:20:07.0839 0x0be4  ohci1394 - ok
16:20:07.0913 0x0be4  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:20:07.0919 0x0be4  ose - ok
16:20:08.0179 0x0be4  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:20:08.0358 0x0be4  osppsvc - ok
16:20:08.0431 0x0be4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:20:08.0441 0x0be4  p2pimsvc - ok
16:20:08.0475 0x0be4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:20:08.0502 0x0be4  p2psvc - ok
16:20:08.0527 0x0be4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:20:08.0534 0x0be4  Parport - ok
16:20:08.0565 0x0be4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:20:08.0570 0x0be4  partmgr - ok
16:20:08.0608 0x0be4  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:20:08.0616 0x0be4  PcaSvc - ok
16:20:08.0649 0x0be4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:20:08.0656 0x0be4  pci - ok
16:20:08.0685 0x0be4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:20:08.0688 0x0be4  pciide - ok
16:20:08.0706 0x0be4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:20:08.0715 0x0be4  pcmcia - ok
16:20:08.0731 0x0be4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:20:08.0739 0x0be4  pcw - ok
16:20:08.0794 0x0be4  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:20:08.0821 0x0be4  PEAUTH - ok
16:20:08.0902 0x0be4  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:20:08.0957 0x0be4  PeerDistSvc - ok
16:20:09.0024 0x0be4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:20:09.0026 0x0be4  PerfHost - ok
16:20:09.0113 0x0be4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:20:09.0174 0x0be4  pla - ok
16:20:09.0213 0x0be4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:20:09.0239 0x0be4  PlugPlay - ok
16:20:09.0254 0x0be4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:20:09.0257 0x0be4  PNRPAutoReg - ok
16:20:09.0281 0x0be4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:20:09.0290 0x0be4  PNRPsvc - ok
16:20:09.0331 0x0be4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:20:09.0357 0x0be4  PolicyAgent - ok
16:20:09.0398 0x0be4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:20:09.0415 0x0be4  Power - ok
16:20:09.0449 0x0be4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:20:09.0454 0x0be4  PptpMiniport - ok
16:20:09.0479 0x0be4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:20:09.0482 0x0be4  Processor - ok
16:20:09.0530 0x0be4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:20:09.0541 0x0be4  ProfSvc - ok
16:20:09.0550 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:20:09.0553 0x0be4  ProtectedStorage - ok
16:20:09.0580 0x0be4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:20:09.0585 0x0be4  Psched - ok
16:20:09.0672 0x0be4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:20:09.0747 0x0be4  ql2300 - ok
16:20:09.0783 0x0be4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:20:09.0792 0x0be4  ql40xx - ok
16:20:09.0827 0x0be4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:20:09.0844 0x0be4  QWAVE - ok
16:20:09.0859 0x0be4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:20:09.0862 0x0be4  QWAVEdrv - ok
16:20:09.0871 0x0be4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:20:09.0873 0x0be4  RasAcd - ok
16:20:09.0905 0x0be4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:20:09.0909 0x0be4  RasAgileVpn - ok
16:20:09.0924 0x0be4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:20:09.0930 0x0be4  RasAuto - ok
16:20:09.0949 0x0be4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:20:09.0966 0x0be4  Rasl2tp - ok
16:20:09.0995 0x0be4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:20:10.0013 0x0be4  RasMan - ok
16:20:10.0062 0x0be4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:20:10.0066 0x0be4  RasPppoe - ok
16:20:10.0093 0x0be4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:20:10.0097 0x0be4  RasSstp - ok
16:20:10.0273 0x0be4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:20:10.0291 0x0be4  rdbss - ok
16:20:10.0306 0x0be4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:20:10.0308 0x0be4  rdpbus - ok
16:20:10.0319 0x0be4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:20:10.0322 0x0be4  RDPCDD - ok
16:20:10.0347 0x0be4  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:20:10.0354 0x0be4  RDPDR - ok
16:20:10.0378 0x0be4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:20:10.0380 0x0be4  RDPENCDD - ok
16:20:10.0399 0x0be4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:20:10.0402 0x0be4  RDPREFMP - ok
16:20:10.0487 0x0be4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:20:10.0490 0x0be4  RdpVideoMiniport - ok
16:20:10.0529 0x0be4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:20:10.0539 0x0be4  RDPWD - ok
16:20:10.0564 0x0be4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:20:10.0573 0x0be4  rdyboost - ok
16:20:10.0599 0x0be4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:20:10.0608 0x0be4  RemoteAccess - ok
16:20:10.0642 0x0be4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:20:10.0653 0x0be4  RemoteRegistry - ok
16:20:10.0837 0x0be4  [ 0D84CB080B36EECBC8201E046C6CE763, 195344E2E623B811349FD594880D45D7B992580A83FF82C3354B0ED4C50A999F ] ReportServer    C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
16:20:10.0941 0x0be4  ReportServer - ok
16:20:10.0976 0x0be4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:20:10.0981 0x0be4  RpcEptMapper - ok
16:20:11.0009 0x0be4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:20:11.0012 0x0be4  RpcLocator - ok
16:20:11.0046 0x0be4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:20:11.0058 0x0be4  RpcSs - ok
16:20:11.0123 0x0be4  [ 964E8376B0B3FE1354B19907E1A4A692, 7B955D071EC7E681DA11F1DBF530AEE03A120D2FBA184A2A203E59BA1121C3AB ] RsFx0201        C:\Windows\system32\DRIVERS\RsFx0201.sys
16:20:11.0140 0x0be4  RsFx0201 - ok
16:20:11.0178 0x0be4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:20:11.0182 0x0be4  rspndr - ok
16:20:11.0220 0x0be4  [ 68DD0457D18FCCEF7384AE84022F0C86, 82C02EDB30D4FA1145AB1818F9FCE0B73FEB1B94C138B5513794F25FAC85F2CC ] RTL8023x64      C:\Windows\system32\DRIVERS\Rtnic64.sys
16:20:11.0223 0x0be4  RTL8023x64 - ok
16:20:11.0250 0x0be4  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
16:20:11.0252 0x0be4  s3cap - ok
16:20:11.0334 0x0be4  [ 5D9932536F12E1E125DC9B48E2CDF784, B149E606E35FF1038BAAF41648AE7542D788F4101C6BB92506EF2D9D3AD325FC ] SageDeploymentService C:\Program Files (x86)\Common Files\Sage Software Shared\Deploymentservice.exe
16:20:11.0345 0x0be4  SageDeploymentService - ok
16:20:11.0411 0x0be4  [ F6A730B70F4BB31133C2C0C45A369671, 68BD5CCCC4E6E1EFAC336BE1FBD4963F30169E29D7DDFF6FBDF2893DEAF85200 ] SageMultiUserService40 C:\Program Files (x86)\Common Files\Sage Software Shared\MultiUserServiceServer.exe
16:20:11.0416 0x0be4  SageMultiUserService40 - ok
16:20:11.0433 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] SamSs           C:\Windows\system32\lsass.exe
16:20:11.0435 0x0be4  SamSs - ok
16:20:11.0464 0x0be4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:20:11.0471 0x0be4  sbp2port - ok
16:20:11.0503 0x0be4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:20:11.0522 0x0be4  SCardSvr - ok
16:20:11.0534 0x0be4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:20:11.0537 0x0be4  scfilter - ok
16:20:11.0591 0x0be4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:20:11.0634 0x0be4  Schedule - ok
16:20:11.0669 0x0be4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:20:11.0671 0x0be4  SCPolicySvc - ok
16:20:11.0688 0x0be4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:20:11.0695 0x0be4  SDRSVC - ok
16:20:11.0723 0x0be4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:20:11.0726 0x0be4  secdrv - ok
16:20:11.0740 0x0be4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:20:11.0744 0x0be4  seclogon - ok
16:20:11.0757 0x0be4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:20:11.0762 0x0be4  SENS - ok
16:20:11.0787 0x0be4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:20:11.0792 0x0be4  SensrSvc - ok
16:20:11.0866 0x0be4  [ 74885BDFF62E537F268EBF8E8CEC24BB, D49949C3ED3CE748FD5EF0CA4ECEA5F30B9EEAE365EBA7072A0BE203A84D8227 ] SepMasterService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
16:20:11.0869 0x0be4  SepMasterService - ok
16:20:11.0899 0x0be4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:20:11.0901 0x0be4  Serenum - ok
16:20:11.0918 0x0be4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:20:11.0923 0x0be4  Serial - ok
16:20:11.0934 0x0be4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:20:11.0938 0x0be4  sermouse - ok
16:20:11.0969 0x0be4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:20:11.0978 0x0be4  SessionEnv - ok
16:20:11.0990 0x0be4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:20:11.0994 0x0be4  sffdisk - ok
16:20:12.0007 0x0be4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:20:12.0010 0x0be4  sffp_mmc - ok
16:20:12.0023 0x0be4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:20:12.0026 0x0be4  sffp_sd - ok
16:20:12.0037 0x0be4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:20:12.0040 0x0be4  sfloppy - ok
16:20:12.0072 0x0be4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:20:12.0090 0x0be4  SharedAccess - ok
16:20:12.0122 0x0be4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:20:12.0139 0x0be4  ShellHWDetection - ok
16:20:12.0155 0x0be4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:20:12.0159 0x0be4  SiSRaid2 - ok
16:20:12.0181 0x0be4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:20:12.0185 0x0be4  SiSRaid4 - ok
16:20:12.0205 0x0be4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:20:12.0210 0x0be4  Smb - ok
16:20:12.0338 0x0be4  [ B8EF6F1FAFBE89E24E152907605E7A25, B1771BB419265EFBA3185DA884FD921C66A86492C3DF19AB06E26010372C9442 ] SmcService      C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe
16:20:12.0395 0x0be4  SmcService - ok
16:20:12.0450 0x0be4  [ 89733DCC3817455FBC3AB4A3C19EE765, 0D550153860D9557BC5E8B7B03CEF677FA4E24DB0A8F51F536B87D1CD0100A1C ] SNAC            C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\snac64.exe
16:20:12.0465 0x0be4  SNAC - ok
16:20:12.0499 0x0be4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:20:12.0502 0x0be4  SNMPTRAP - ok
16:20:12.0529 0x0be4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:20:12.0532 0x0be4  spldr - ok
16:20:12.0581 0x0be4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:20:12.0601 0x0be4  Spooler - ok
16:20:12.0761 0x0be4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:20:12.0893 0x0be4  sppsvc - ok
16:20:12.0924 0x0be4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:20:12.0930 0x0be4  sppuinotify - ok
16:20:13.0034 0x0be4  [ E9254892A2D74E537BAD3092F0F8EE40, BEB715404B799F3181C699E233F98B2A913BEB677E94ABE8E2872499FC755385 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
16:20:13.0041 0x0be4  SQLBrowser - ok
16:20:13.0266 0x0be4  [ F4A50C0B17A39B77B2DAB6A89C1A820F, 750CB6E862D45B28BF2822D5A053FB06D2D45EE45C8F28322BE892E81E48FB47 ] SQLSERVERAGENT  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
16:20:13.0284 0x0be4  SQLSERVERAGENT - ok
16:20:13.0353 0x0be4  [ 055B0DE7BCDB14FB18279F09DCA07954, 94944F996F2F73233A96F8E766606EA5CCC7142EA2AF4BCEFD2603578F2B4A4A ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:20:13.0356 0x0be4  SQLWriter - ok
16:20:13.0418 0x0be4  [ 48FD53FED3C81726001E438A2201E9FF, 96CC81F74917960382101AD839D86DEA8B48BE7211A00BCC2AB400BA1E4CBCB1 ] SRTSP           C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSP64.SYS
16:20:13.0444 0x0be4  SRTSP - ok
16:20:13.0467 0x0be4  [ 63199A936D9BDEA578DFB8F5E9A40095, B38593311A6ACCA1F3EE3F441A533DCB7639E6E6FCA4A83A5B11696A355CD533 ] SRTSPX          C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSPX64.SYS
16:20:13.0470 0x0be4  SRTSPX - ok
16:20:13.0516 0x0be4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:20:13.0541 0x0be4  srv - ok
16:20:13.0588 0x0be4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:20:13.0605 0x0be4  srv2 - ok
16:20:13.0628 0x0be4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:20:13.0645 0x0be4  srvnet - ok
16:20:13.0679 0x0be4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:20:13.0688 0x0be4  SSDPSRV - ok
16:20:13.0703 0x0be4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:20:13.0710 0x0be4  SstpSvc - ok
16:20:13.0741 0x0be4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:20:13.0743 0x0be4  stexstor - ok
16:20:13.0787 0x0be4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:20:13.0814 0x0be4  stisvc - ok
16:20:13.0850 0x0be4  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:20:13.0854 0x0be4  storflt - ok
16:20:13.0875 0x0be4  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
16:20:13.0880 0x0be4  StorSvc - ok
16:20:13.0903 0x0be4  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:20:13.0905 0x0be4  storvsc - ok
16:20:13.0935 0x0be4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:20:13.0937 0x0be4  swenum - ok
16:20:13.0982 0x0be4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:20:14.0006 0x0be4  swprv - ok
16:20:14.0052 0x0be4  [ F017987B177F7BBC989318D59309D091, 3ED316AC86FB1F871B36ABA65E5B164B22D255B7509574A2CA8FC878A1142266 ] SymDS           C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMDS64.SYS
16:20:14.0078 0x0be4  SymDS - ok
16:20:14.0137 0x0be4  [ E7F25D768EE0CDF69D8B752398C262BB, D401B892EB4C7CFCEDBFB228EA8918513674A26516CA733F4777050F4F425D2A ] SymEFA          C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMEFA64.SYS
16:20:14.0171 0x0be4  SymEFA - ok
16:20:14.0211 0x0be4  [ 36B77F5C9E21F88A8C8EC67AD5415819, 0ECB96799F614C1C17F2D705A3C17E83078225A2350F3048A11F5C3164F7894A ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
16:20:14.0218 0x0be4  SymEvent - ok
16:20:14.0242 0x0be4  [ 1611FA7A95A48387DF22757FA81B46A9, B32C4D9FB9D35B5A37D9BF321F6BE2964EE536BADFFEB23C3D8693C08B35A795 ] SymIRON         C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\Ironx64.SYS
16:20:14.0249 0x0be4  SymIRON - ok
16:20:14.0287 0x0be4  [ D41557715C1C792D1391DB5AA81A00DF, D08013347ED5F3CD62BF48075A2A5C71E2EE5E95A7BDB43F2435D5F0F19880D8 ] SYMNETS         C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMNETS.SYS
16:20:14.0299 0x0be4  SYMNETS - ok
16:20:14.0396 0x0be4  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
16:20:14.0464 0x0be4  SysMain - ok
16:20:14.0492 0x0be4  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:20:14.0499 0x0be4  TabletInputService - ok
16:20:14.0523 0x0be4  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:20:14.0535 0x0be4  TapiSrv - ok
16:20:14.0556 0x0be4  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
16:20:14.0561 0x0be4  TBS - ok
16:20:14.0672 0x0be4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:20:14.0748 0x0be4  Tcpip - ok
16:20:14.0858 0x0be4  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:20:14.0900 0x0be4  TCPIP6 - ok
16:20:14.0944 0x0be4  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:20:14.0947 0x0be4  tcpipreg - ok
16:20:14.0976 0x0be4  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:20:14.0978 0x0be4  TDPIPE - ok
16:20:15.0004 0x0be4  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:20:15.0007 0x0be4  TDTCP - ok
16:20:15.0048 0x0be4  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:20:15.0053 0x0be4  tdx - ok
16:20:15.0332 0x0be4  [ 2AA61246A5B813C1B12BCCFAA6F23DD8, 74EE3DB839A0F4BC781294803281DB2248D013B8808FF05F2EE9597C14C6FEED ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
16:20:15.0463 0x0be4  TeamViewer - ok
16:20:15.0512 0x0be4  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
16:20:15.0517 0x0be4  TermDD - ok
16:20:15.0568 0x0be4  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
16:20:15.0594 0x0be4  TermService - ok
16:20:15.0624 0x0be4  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
16:20:15.0630 0x0be4  Themes - ok
16:20:15.0649 0x0be4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
16:20:15.0652 0x0be4  THREADORDER - ok
16:20:15.0671 0x0be4  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
16:20:15.0680 0x0be4  TrkWks - ok
16:20:15.0733 0x0be4  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:20:15.0738 0x0be4  TrustedInstaller - ok
16:20:15.0776 0x0be4  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:20:15.0779 0x0be4  tssecsrv - ok
16:20:15.0826 0x0be4  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:20:15.0830 0x0be4  TsUsbFlt - ok
16:20:15.0864 0x0be4  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
16:20:15.0867 0x0be4  TsUsbGD - ok
16:20:15.0913 0x0be4  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:20:15.0918 0x0be4  tunnel - ok
16:20:15.0932 0x0be4  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
16:20:15.0936 0x0be4  uagp35 - ok
16:20:15.0973 0x0be4  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:20:15.0990 0x0be4  udfs - ok
16:20:16.0032 0x0be4  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:20:16.0037 0x0be4  UI0Detect - ok
16:20:16.0073 0x0be4  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:20:16.0076 0x0be4  uliagpkx - ok
16:20:16.0115 0x0be4  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
16:20:16.0118 0x0be4  umbus - ok
16:20:16.0137 0x0be4  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
16:20:16.0139 0x0be4  UmPass - ok
16:20:16.0167 0x0be4  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
16:20:16.0184 0x0be4  UmRdpService - ok
16:20:16.0217 0x0be4  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
16:20:16.0234 0x0be4  upnphost - ok
16:20:16.0269 0x0be4  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:20:16.0273 0x0be4  usbccgp - ok
16:20:16.0316 0x0be4  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:20:16.0325 0x0be4  usbcir - ok
16:20:16.0361 0x0be4  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
16:20:16.0365 0x0be4  usbehci - ok
16:20:16.0417 0x0be4  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:20:16.0434 0x0be4  usbhub - ok
16:20:16.0456 0x0be4  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:20:16.0459 0x0be4  usbohci - ok
16:20:16.0487 0x0be4  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:20:16.0490 0x0be4  usbprint - ok
16:20:16.0524 0x0be4  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
16:20:16.0527 0x0be4  usbscan - ok
16:20:16.0554 0x0be4  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:20:16.0558 0x0be4  USBSTOR - ok
16:20:16.0603 0x0be4  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
16:20:16.0605 0x0be4  usbuhci - ok
16:20:16.0625 0x0be4  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
16:20:16.0633 0x0be4  UxSms - ok
16:20:16.0647 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] VaultSvc        C:\Windows\system32\lsass.exe
16:20:16.0649 0x0be4  VaultSvc - ok
16:20:16.0684 0x0be4  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:20:16.0686 0x0be4  vdrvroot - ok
16:20:16.0729 0x0be4  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
16:20:16.0755 0x0be4  vds - ok
16:20:16.0773 0x0be4  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:20:16.0775 0x0be4  vga - ok
16:20:16.0793 0x0be4  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:20:16.0796 0x0be4  VgaSave - ok
16:20:16.0817 0x0be4  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:20:16.0834 0x0be4  vhdmp - ok
16:20:16.0853 0x0be4  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:20:16.0855 0x0be4  viaide - ok
16:20:16.0898 0x0be4  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
16:20:16.0917 0x0be4  vmbus - ok
16:20:16.0934 0x0be4  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
16:20:16.0936 0x0be4  VMBusHID - ok
16:20:16.0956 0x0be4  vmci - ok
16:20:16.0965 0x0be4  VMnetAdapter - ok
16:20:16.0994 0x0be4  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:20:16.0998 0x0be4  volmgr - ok
16:20:17.0025 0x0be4  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:20:17.0042 0x0be4  volmgrx - ok
16:20:17.0069 0x0be4  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:20:17.0086 0x0be4  volsnap - ok
16:20:17.0108 0x0be4  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
16:20:17.0115 0x0be4  vsmraid - ok
16:20:17.0204 0x0be4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:20:17.0255 0x0be4  VSS - ok
16:20:17.0270 0x0be4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
16:20:17.0273 0x0be4  vwifibus - ok
16:20:17.0301 0x0be4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:20:17.0316 0x0be4  W32Time - ok
16:20:19.0283 0x0be4  ================ Scan global ===============================
16:20:19.0332 0x0be4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:20:19.0428 0x0be4  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
16:20:19.0469 0x0be4  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
16:20:19.0513 0x0be4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:20:19.0588 0x0be4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:20:19.0598 0x0be4  [ Global ] - ok
16:20:19.0600 0x0be4  ================ Scan MBR ==================================
16:20:19.0619 0x0be4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:20:19.0820 0x0be4  \Device\Harddisk0\DR0 - ok
16:20:19.0820 0x0be4  ================ Scan VBR ==================================
16:20:19.0824 0x0be4  [ F769AA0408A7FABB7A0BE02CC2B6057E ] \Device\Harddisk0\DR0\Partition1
16:20:19.0826 0x0be4  \Device\Harddisk0\DR0\Partition1 - ok
16:20:19.0830 0x0be4  [ 299D461E9AB116841197CF11FCB8C71C ] \Device\Harddisk0\DR0\Partition2
16:20:19.0834 0x0be4  \Device\Harddisk0\DR0\Partition2 - ok
16:20:19.0856 0x0be4  [ B387B3E85DD46C84BFFF0B66AE451F67 ] \Device\Harddisk0\DR0\Partition3
16:20:19.0857 0x0be4  \Device\Harddisk0\DR0\Partition3 - ok
16:20:19.0858 0x0be4  ================ Scan generic autorun ======================
16:20:19.0888 0x0be4  [ 92FDB0658CA16974B4AE80E248A5B118, 9E0CF6A9C845C5F9E4B80B9105DBECE15ACC27984FCBFD8774C00EBE20DB652F ] C:\Windows\system32\igfxtray.exe
16:20:19.0892 0x0be4  IgfxTray - ok
16:20:19.0917 0x0be4  [ 23A6AE66AA4BEF792649736385BB51BA, FC85E38B2F5F52E970EAE5DAFC3B738BCC8BF596AF3766F0EDA03040664E1F08 ] C:\Windows\system32\hkcmd.exe
16:20:19.0925 0x0be4  HotKeysCmds - ok
16:20:19.0951 0x0be4  [ F6FA1865978214FB7FCD80149BBF1C13, 3CA24827982B521986DBE1E5600316155800C3777BAF415B978C7FE9F3AA3DD2 ] C:\Windows\system32\igfxpers.exe
16:20:19.0959 0x0be4  Persistence - ok
16:20:20.0111 0x0be4  [ 912993864DE980DE79E2317B109298AE, CD01E488E6331D0F00092A6F5B4B62F3404C9C5F0736887849AD215730C072D2 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
16:20:20.0166 0x0be4  CanonMyPrinter - ok
16:20:20.0236 0x0be4  [ 15A8C9530AA97DAF8F917BED957D833C, 3319C6A1B1F9FF0BAC17B7D50105BE28942099A6AFE308BA1A7C8BA0D89FB0D8 ] C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\superhard_material\non_return_to_zero.exe
16:20:20.0241 0x0be4  current_mode_pwm - ok
16:20:20.0283 0x0be4  [ C57096C601324DF1C5344BCD39093C0C, C2007D0585105F5AA72C6E1E9A3E69514C32F76BE3A664D4BDB6F9D256667689 ] C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\min_los_sens\broadband.exe
16:20:20.0325 0x0be4  glitch_immunity - ok
16:20:20.0396 0x0be4  [ 12E54BDE520DC85A611D7245DF44BCE5, 8F90F71AC97CE47D6A4F3491A48E3F857E8DEFD51E2DFDD528666AFC592E3B4E ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
16:20:20.0403 0x0be4  FreePDF Assistant - ok
16:20:20.0471 0x0be4  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
16:20:20.0475 0x0be4  BCSSync - ok
16:20:20.0622 0x0be4  [ 7B59D1D1F458B322A722E95554BB591E, F184E22D37E013580AB7FD07172C1F662275D39E036CE22DFA62B2A43823E719 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
16:20:20.0661 0x0be4  CanonSolutionMenuEx - ok
16:20:20.0706 0x0be4  [ FB2693E1B53BCEDA1F054FF2C54881E6, 41E25F1EDE25F722F9B73527B2F8B05F38EC87964DBBDEA4F1306E207A78E894 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
16:20:20.0714 0x0be4  IJNetworkScannerSelectorEX - ok
16:20:20.0797 0x0be4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:20:20.0839 0x0be4  Sidebar - ok
16:20:20.0875 0x0be4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:20:20.0945 0x0be4  mctadmin - ok
16:20:21.0017 0x0be4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:20:21.0039 0x0be4  Sidebar - ok
16:20:21.0048 0x0be4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:20:21.0051 0x0be4  mctadmin - ok
16:20:21.0102 0x0be4  [ 755DB0FABD639DE8D9FA6D446BA90D36, 144A3975545311270825E64FE564F16A8895573ABF0B4C0AD07A766D4E8D86DC ] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
16:20:21.0112 0x0be4  Gadwin PrintScreen - ok
16:20:21.0228 0x0be4  [ 7A1AF1B1EC0FDC1F4985B70A771CA107, 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694 ] C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
16:20:21.0229 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe. md5: 7A1AF1B1EC0FDC1F4985B70A771CA107, sha256: 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694
16:20:21.0551 0x0be4  airport-fixed - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:24.0159 0x0be4  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:24.0159 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
16:20:26.0606 0x0be4  Object send P2P result: true
16:20:29.0091 0x0be4  Have new async UDS detects: 1
16:20:29.0092 0x0be4  current_mode_pwm - detected UDS:DangerousObject.Multi.Generic ( 0 )
16:20:29.0092 0x0be4  current_mode_pwm ( UDS:DangerousObject.Multi.Generic ) - infected
16:20:29.0092 0x0be4  Force sending object to P2P due to detect: C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\superhard_material\non_return_to_zero.exe
16:20:31.0508 0x0be4  Object send P2P result: true
16:20:33.0897 0x0be4  [ 72F13A189AEECF44596DFBEA7255D5B3, 2FE94F4CA4B5319EFFB8732D718F2380BDA6FE55520E6CA65ED9BD6D1F8B2833 ] C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe
16:20:33.0897 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe. md5: 72F13A189AEECF44596DFBEA7255D5B3, sha256: 2FE94F4CA4B5319EFFB8732D718F2380BDA6FE55520E6CA65ED9BD6D1F8B2833
16:20:33.0929 0x0be4  issue-finger - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:36.0445 0x0be4  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:36.0445 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe
16:20:38.0860 0x0be4  Object send P2P result: true
16:20:41.0244 0x0be4  [ 02AB5776BFDFA9BF84ED635D42C18A13, A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569 ] C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
16:20:41.0245 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe. md5: 02AB5776BFDFA9BF84ED635D42C18A13, sha256: A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569
16:20:41.0253 0x0be4  meat-ball - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:43.0756 0x0be4  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:43.0756 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
16:20:46.0168 0x0be4  Object send P2P result: true
16:20:48.0551 0x0be4  [ DDFC04B3820873D0F97107D67FCEF3E8, B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B ] C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
16:20:48.0551 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe. md5: DDFC04B3820873D0F97107D67FCEF3E8, sha256: B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B
16:20:48.0559 0x0be4  court-design - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:51.0067 0x0be4  court-design ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:51.0068 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
16:20:53.0475 0x0be4  Object send P2P result: true
16:20:56.0070 0x0be4  [ E6C60E153524E8C18E06C643B11D5AD3, 834FAEB4AE15C3F197816B0CEF7A45FE361FBDB9ED958C81584ED15751A9AE91 ] C:\Program Files\CCleaner\CCleaner64.exe
16:20:56.0258 0x0be4  ccleaner - ok
16:20:56.0303 0x0be4  [ 02AB5776BFDFA9BF84ED635D42C18A13, A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569 ] C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
16:20:56.0303 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe. md5: 02AB5776BFDFA9BF84ED635D42C18A13, sha256: A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569
16:20:56.0313 0x0be4  meat-ball - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:56.0313 0x0be4  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:56.0313 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
16:20:58.0722 0x0be4  Object send P2P result: true
16:21:01.0078 0x0be4  [ 7A1AF1B1EC0FDC1F4985B70A771CA107, 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694 ] C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
16:21:01.0078 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe. md5: 7A1AF1B1EC0FDC1F4985B70A771CA107, sha256: 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694
16:21:01.0085 0x0be4  airport-fixed - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:21:01.0085 0x0be4  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:21:01.0086 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
16:21:03.0500 0x0be4  Object send P2P result: true
16:21:05.0876 0x0be4  [ 72F13A189AEECF44596DFBEA7255D5B3, 2FE94F4CA4B5319EFFB8732D718F2380BDA6FE55520E6CA65ED9BD6D1F8B2833 ] C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe
16:21:05.0877 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe. md5: 72F13A189AEECF44596DFBEA7255D5B3, sha256: 2FE94F4CA4B5319EFFB8732D718F2380BDA6FE55520E6CA65ED9BD6D1F8B2833
16:21:05.0885 0x0be4  issue-finger - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:21:05.0886 0x0be4  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:21:05.0886 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe
16:21:08.0300 0x0be4  Object send P2P result: true
16:21:10.0667 0x0be4  [ DDFC04B3820873D0F97107D67FCEF3E8, B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B ] C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
16:21:10.0667 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe. md5: DDFC04B3820873D0F97107D67FCEF3E8, sha256: B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B
16:21:10.0673 0x0be4  court-design - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:21:10.0673 0x0be4  court-design ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:21:10.0673 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
16:21:13.0089 0x0be4  Object send P2P result: true
16:21:15.0492 0x0be4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:21:15.0515 0x0be4  Sidebar - ok
16:21:15.0542 0x0be4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:21:15.0545 0x0be4  mctadmin - ok
16:21:15.0625 0x0be4  AV detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WSCSavNotifier.exe ( 12.1.1000.157 ), 0x71000 ( enabled : updated )
16:21:15.0648 0x0be4  Win FW state via NFP2: enabled ( trusted )
16:21:17.0995 0x0be4  ============================================================
16:21:17.0995 0x0be4  Scan finished
16:21:17.0995 0x0be4  ============================================================
16:21:18.0008 0x186c  Detected object count: 9
16:21:18.0008 0x186c  Actual detected object count: 9
16:21:56.0349 0x186c  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0349 0x186c  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0352 0x186c  current_mode_pwm ( UDS:DangerousObject.Multi.Generic ) - skipped by user
16:21:56.0352 0x186c  current_mode_pwm ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 
16:21:56.0356 0x186c  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0357 0x186c  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0360 0x186c  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0360 0x186c  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0363 0x186c  court-design ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0363 0x186c  court-design ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0365 0x186c  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0365 0x186c  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0367 0x186c  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0368 0x186c  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0370 0x186c  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0370 0x186c  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0375 0x186c  court-design ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0375 0x186c  court-design ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip
         

14.10.2015, 15:35   #7
Gift
 
and log 3 from TDSSKiller:

Code:
16:19:41.0134 0x1a30  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:19:48.0089 0x1a30  ============================================================
16:19:48.0089 0x1a30  Current date / time: 2015/10/14 16:19:48.0089
16:19:48.0089 0x1a30  SystemInfo:
16:19:48.0089 0x1a30  
16:19:48.0089 0x1a30  OS Version: 6.1.7601 ServicePack: 1.0
16:19:48.0089 0x1a30  Product type: Workstation
16:19:48.0089 0x1a30  ComputerName: ADD-INN-BUHA
16:19:48.0090 0x1a30  UserName: Tina
16:19:48.0090 0x1a30  Windows directory: C:\Windows
16:19:48.0090 0x1a30  System windows directory: C:\Windows
16:19:48.0090 0x1a30  Running under WOW64
16:19:48.0090 0x1a30  Processor architecture: Intel x64
16:19:48.0090 0x1a30  Number of processors: 2
16:19:48.0090 0x1a30  Page size: 0x1000
16:19:48.0090 0x1a30  Boot type: Normal boot
16:19:48.0090 0x1a30  ============================================================
16:19:49.0668 0x1a30  KLMD registered as C:\Windows\system32\drivers\73387239.sys
16:19:50.0111 0x1a30  System UUID: {781AA5B7-1B30-C024-7160-9241876131D7}
16:19:50.0966 0x1a30  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:19:50.0972 0x1a30  ============================================================
16:19:50.0972 0x1a30  \Device\Harddisk0\DR0:
16:19:50.0972 0x1a30  MBR partitions:
16:19:50.0972 0x1a30  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x404000, BlocksNum 0x32000
16:19:50.0972 0x1a30  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x436000, BlocksNum 0xAF96000
16:19:50.0972 0x1a30  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xB3CC000, BlocksNum 0x11DF9000
16:19:50.0972 0x1a30  ============================================================
16:19:51.0000 0x1a30  C: <-> \Device\Harddisk0\DR0\Partition2
16:19:51.0034 0x1a30  D: <-> \Device\Harddisk0\DR0\Partition3
16:19:51.0034 0x1a30  ============================================================
16:19:51.0034 0x1a30  Initialize success
16:19:51.0034 0x1a30  ============================================================
16:19:52.0621 0x0be4  ============================================================
16:19:52.0621 0x0be4  Scan started
16:19:52.0621 0x0be4  Mode: Manual; 
16:19:52.0621 0x0be4  ============================================================
16:19:52.0621 0x0be4  KSN ping started
16:19:55.0083 0x0be4  KSN ping finished: true
16:19:56.0540 0x0be4  ================ Scan system memory ========================
16:19:56.0540 0x0be4  System memory - ok
16:19:56.0541 0x0be4  ================ Scan services =============================
16:19:59.0437 0x0be4  clr_optimization_v2.0.50727_32 - ok
16:19:59.0478 0x0be4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:19:59.0482 0x0be4  clr_optimization_v2.0.50727_64 - ok
16:19:59.0552 0x0be4  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:19:59.0571 0x0be4  clr_optimization_v4.0.30319_32 - ok
16:19:59.0595 0x0be4  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:19:59.0600 0x0be4  clr_optimization_v4.0.30319_64 - ok
16:19:59.0620 0x0be4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:19:59.0623 0x0be4  CmBatt - ok
16:19:59.0647 0x0be4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:19:59.0650 0x0be4  cmdide - ok
16:19:59.0699 0x0be4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
16:19:59.0725 0x0be4  CNG - ok
16:19:59.0757 0x0be4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:19:59.0760 0x0be4  Compbatt - ok
16:19:59.0786 0x0be4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:19:59.0789 0x0be4  CompositeBus - ok
16:19:59.0801 0x0be4  COMSysApp - ok
16:19:59.0821 0x0be4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:19:59.0824 0x0be4  crcdisk - ok
16:19:59.0874 0x0be4  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:19:59.0883 0x0be4  CryptSvc - ok
16:19:59.0925 0x0be4  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
16:19:59.0954 0x0be4  CSC - ok
16:20:00.0007 0x0be4  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
16:20:00.0033 0x0be4  CscService - ok
16:20:00.0083 0x0be4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:20:00.0109 0x0be4  DcomLaunch - ok
16:20:00.0139 0x0be4  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
16:20:00.0158 0x0be4  defragsvc - ok
16:20:00.0190 0x0be4  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:20:00.0193 0x0be4  DfsC - ok
16:20:00.0223 0x0be4  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:20:00.0241 0x0be4  Dhcp - ok
16:20:00.0259 0x0be4  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
16:20:00.0261 0x0be4  discache - ok
16:20:00.0285 0x0be4  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
16:20:00.0290 0x0be4  Disk - ok
16:20:00.0323 0x0be4  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
16:20:00.0327 0x0be4  dmvsc - ok
16:20:00.0359 0x0be4  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:20:00.0376 0x0be4  Dnscache - ok
16:20:00.0417 0x0be4  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:20:00.0434 0x0be4  dot3svc - ok
16:20:00.0459 0x0be4  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
16:20:00.0467 0x0be4  DPS - ok
16:20:00.0520 0x0be4  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:20:00.0523 0x0be4  drmkaud - ok
16:20:00.0613 0x0be4  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:20:00.0659 0x0be4  DXGKrnl - ok
16:20:00.0693 0x0be4  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
16:20:00.0698 0x0be4  EapHost - ok
16:20:00.0859 0x0be4  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
16:20:00.0989 0x0be4  ebdrv - ok
16:20:01.0072 0x0be4  [ 93EA893A8C2C561648A559E48C723412, 14F9AD8BCF423BC40F7B3D2D7BC0F795CD3C54800C854873BD170ADF2A735B64 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
16:20:01.0097 0x0be4  eeCtrl - ok
16:20:01.0137 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] EFS             C:\Windows\System32\lsass.exe
16:20:01.0139 0x0be4  EFS - ok
16:20:01.0205 0x0be4  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:20:01.0232 0x0be4  ehRecvr - ok
16:20:01.0255 0x0be4  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
16:20:01.0260 0x0be4  ehSched - ok
16:20:01.0311 0x0be4  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
16:20:01.0334 0x0be4  elxstor - ok
16:20:01.0373 0x0be4  [ 8400C9E33B68C556BF63AEF490EB145C, A840DF1A27C935DD427E53C5D2FFFE79E612D0B4074CE26AA992DA62D4925806 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
16:20:01.0378 0x0be4  EraserUtilRebootDrv - ok
16:20:01.0396 0x0be4  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:20:01.0398 0x0be4  ErrDev - ok
16:20:01.0448 0x0be4  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
16:20:01.0465 0x0be4  EventSystem - ok
16:20:01.0490 0x0be4  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
16:20:01.0507 0x0be4  exfat - ok
16:20:01.0531 0x0be4  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:20:01.0548 0x0be4  fastfat - ok
16:20:01.0605 0x0be4  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
16:20:01.0640 0x0be4  Fax - ok
16:20:01.0663 0x0be4  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:20:01.0665 0x0be4  fdc - ok
16:20:01.0676 0x0be4  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
16:20:01.0678 0x0be4  fdPHost - ok
16:20:01.0694 0x0be4  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:20:01.0697 0x0be4  FDResPub - ok
16:20:01.0713 0x0be4  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:20:01.0718 0x0be4  FileInfo - ok
16:20:01.0735 0x0be4  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:20:01.0738 0x0be4  Filetrace - ok
16:20:01.0755 0x0be4  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
16:20:01.0758 0x0be4  flpydisk - ok
16:20:01.0791 0x0be4  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:20:01.0807 0x0be4  FltMgr - ok
16:20:01.0862 0x0be4  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
16:20:01.0907 0x0be4  FontCache - ok
16:20:01.0949 0x0be4  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:20:01.0952 0x0be4  FontCache3.0.0.0 - ok
16:20:01.0970 0x0be4  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:20:01.0974 0x0be4  FsDepends - ok
16:20:01.0996 0x0be4  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:20:01.0999 0x0be4  Fs_Rec - ok
16:20:02.0046 0x0be4  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:20:02.0054 0x0be4  fvevol - ok
16:20:02.0084 0x0be4  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
16:20:02.0089 0x0be4  gagp30kx - ok
16:20:02.0171 0x0be4  [ F184BF99066764F9B0507C26404DD271, 99721A2407BC86B88CA1D36949EFBFC9DE97204821A63F2E3F4CB27C9F59FD83 ] galvanic_isolation C:\Windows\AppCompat\Programs\monotonic\mechanical_filter.exe
16:20:02.0176 0x0be4  galvanic_isolation - ok
16:20:02.0234 0x0be4  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
16:20:02.0276 0x0be4  gpsvc - ok
16:20:02.0305 0x0be4  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:20:02.0308 0x0be4  hcw85cir - ok
16:20:02.0348 0x0be4  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:20:02.0359 0x0be4  HdAudAddService - ok
16:20:02.0389 0x0be4  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
16:20:02.0393 0x0be4  HDAudBus - ok
16:20:02.0408 0x0be4  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
16:20:02.0412 0x0be4  HidBatt - ok
16:20:02.0432 0x0be4  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
16:20:02.0435 0x0be4  HidBth - ok
16:20:02.0460 0x0be4  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
16:20:02.0463 0x0be4  HidIr - ok
16:20:02.0483 0x0be4  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
16:20:02.0487 0x0be4  hidserv - ok
16:20:02.0544 0x0be4  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:20:02.0550 0x0be4  HidUsb - ok
16:20:02.0585 0x0be4  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:20:02.0590 0x0be4  hkmsvc - ok
16:20:02.0606 0x0be4  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:20:02.0615 0x0be4  HomeGroupListener - ok
16:20:02.0639 0x0be4  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:20:02.0654 0x0be4  HomeGroupProvider - ok
16:20:02.0675 0x0be4  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:20:02.0679 0x0be4  HpSAMD - ok
16:20:02.0749 0x0be4  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:20:02.0782 0x0be4  HTTP - ok
16:20:02.0802 0x0be4  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:20:02.0804 0x0be4  hwpolicy - ok
16:20:02.0823 0x0be4  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
16:20:02.0829 0x0be4  i8042prt - ok
16:20:02.0867 0x0be4  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:20:02.0881 0x0be4  iaStorV - ok
16:20:02.0947 0x0be4  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:20:02.0981 0x0be4  idsvc - ok
16:20:03.0080 0x0be4  [ 4A2CAA578E0A829A15CD76CEC66A1E41, 4F01D251EC8EE2AC99C7540C8D4636EFF89B3F72EDE26412EE741E01EE3B8E02 ] IDSVia64        C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\IPSDefs\20151013.003\IDSvia64.sys
16:20:03.0109 0x0be4  IDSVia64 - ok
16:20:03.0144 0x0be4  IEEtwCollectorService - ok
16:20:03.0391 0x0be4  [ 24CC43ECDEEFD4C19FBBEE4951B647F1, 416799965E6602F8F03E2A92E8BB42B1D5643C65EF09815FC5A56A2FA73E6773 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:20:03.0634 0x0be4  igfx - ok
16:20:03.0681 0x0be4  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
16:20:03.0684 0x0be4  iirsp - ok
16:20:03.0749 0x0be4  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
16:20:03.0783 0x0be4  IKEEXT - ok
16:20:03.0812 0x0be4  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
16:20:03.0815 0x0be4  intelide - ok
16:20:03.0842 0x0be4  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:20:03.0846 0x0be4  intelppm - ok
16:20:03.0874 0x0be4  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:20:03.0879 0x0be4  IPBusEnum - ok
16:20:03.0891 0x0be4  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:20:03.0897 0x0be4  IpFilterDriver - ok
16:20:03.0946 0x0be4  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:20:03.0973 0x0be4  iphlpsvc - ok
16:20:03.0998 0x0be4  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:20:04.0002 0x0be4  IPMIDRV - ok
16:20:04.0036 0x0be4  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:20:04.0040 0x0be4  IPNAT - ok
16:20:04.0067 0x0be4  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:20:04.0068 0x0be4  IRENUM - ok
16:20:04.0084 0x0be4  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:20:04.0086 0x0be4  isapnp - ok
16:20:04.0134 0x0be4  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:20:04.0151 0x0be4  iScsiPrt - ok
16:20:04.0233 0x0be4  [ 97F1FBDCE6E5492466A308611D579B72, A90F1CE5465F644BE41181C75ABDD3C991AD102AB6BA3C7DAA9E74389418D7FB ] junction_fet    C:\Windows\assembly\GAC\VSLangProj\7.0.3300.0__b03f5f7f11d50a3a\linear_fan_control\change_of_base_rule.exe
16:20:04.0238 0x0be4  junction_fet - ok
16:20:04.0258 0x0be4  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
16:20:04.0262 0x0be4  kbdclass - ok
16:20:04.0298 0x0be4  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
16:20:04.0301 0x0be4  kbdhid - ok
16:20:04.0310 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] KeyIso          C:\Windows\system32\lsass.exe
16:20:04.0313 0x0be4  KeyIso - ok
16:20:04.0350 0x0be4  [ 063C09DB965E3DFD6F4F08416F6DB8F5, 0BE015C59288397536B3941BA55EFE0CF06714BC43FF3A33A1D844B4E0F16097 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:20:04.0354 0x0be4  KSecDD - ok
16:20:04.0373 0x0be4  [ 1FA627E63195BF3BF636BFEF0D7190D4, 794456605303F4916E81BE899E0B05CB070094E719ADA8BE8072A761E35CA8E9 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:20:04.0380 0x0be4  KSecPkg - ok
16:20:04.0394 0x0be4  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:20:04.0397 0x0be4  ksthunk - ok
16:20:04.0439 0x0be4  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:20:04.0458 0x0be4  KtmRm - ok
16:20:04.0515 0x0be4  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:20:04.0532 0x0be4  LanmanServer - ok
16:20:04.0565 0x0be4  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:20:04.0573 0x0be4  LanmanWorkstation - ok
16:20:04.0608 0x0be4  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:20:04.0612 0x0be4  lltdio - ok
16:20:04.0636 0x0be4  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:20:04.0654 0x0be4  lltdsvc - ok
16:20:04.0676 0x0be4  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:20:04.0679 0x0be4  lmhosts - ok
16:20:04.0704 0x0be4  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
16:20:04.0710 0x0be4  LSI_FC - ok
16:20:04.0742 0x0be4  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
16:20:04.0749 0x0be4  LSI_SAS - ok
16:20:04.0766 0x0be4  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
16:20:04.0769 0x0be4  LSI_SAS2 - ok
16:20:04.0787 0x0be4  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
16:20:04.0792 0x0be4  LSI_SCSI - ok
16:20:04.0810 0x0be4  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
16:20:04.0816 0x0be4  luafv - ok
16:20:04.0840 0x0be4  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:20:04.0859 0x0be4  Mcx2Svc - ok
16:20:04.0875 0x0be4  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
16:20:04.0878 0x0be4  megasas - ok
16:20:04.0904 0x0be4  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
16:20:04.0921 0x0be4  MegaSR - ok
16:20:04.0997 0x0be4  Microsoft SharePoint Workspace Audit Service - ok
16:20:05.0020 0x0be4  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
16:20:05.0026 0x0be4  MMCSS - ok
16:20:05.0039 0x0be4  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
16:20:05.0042 0x0be4  Modem - ok
16:20:05.0073 0x0be4  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:20:05.0075 0x0be4  monitor - ok
16:20:05.0100 0x0be4  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:20:05.0104 0x0be4  mouclass - ok
16:20:05.0126 0x0be4  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:20:05.0128 0x0be4  mouhid - ok
16:20:05.0169 0x0be4  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:20:05.0174 0x0be4  mountmgr - ok
16:20:05.0234 0x0be4  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:20:05.0238 0x0be4  MozillaMaintenance - ok
16:20:05.0277 0x0be4  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:20:05.0284 0x0be4  mpio - ok
16:20:05.0308 0x0be4  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:20:05.0312 0x0be4  mpsdrv - ok
16:20:05.0385 0x0be4  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:20:05.0427 0x0be4  MpsSvc - ok
16:20:05.0470 0x0be4  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:20:05.0475 0x0be4  MRxDAV - ok
16:20:05.0500 0x0be4  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:20:05.0507 0x0be4  mrxsmb - ok
16:20:05.0534 0x0be4  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:20:05.0551 0x0be4  mrxsmb10 - ok
16:20:05.0584 0x0be4  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:20:05.0588 0x0be4  mrxsmb20 - ok
16:20:05.0621 0x0be4  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:20:05.0623 0x0be4  msahci - ok
16:20:05.0662 0x0be4  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:20:05.0669 0x0be4  msdsm - ok
16:20:05.0708 0x0be4  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
16:20:05.0717 0x0be4  MSDTC - ok
16:20:05.0858 0x0be4  [ 3DE4F1440DE21DC7DECEE9B1F1AC35D8, F4D75C1D84CF27DF421E144F2733EA20BD4F1415B43C379D6D73EBB3BA8CE037 ] MsDtsServer110  C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe
16:20:05.0877 0x0be4  MsDtsServer110 - ok
16:20:05.0914 0x0be4  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:20:05.0918 0x0be4  Msfs - ok
16:20:05.0930 0x0be4  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:20:05.0933 0x0be4  mshidkmdf - ok
16:20:05.0942 0x0be4  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:20:05.0946 0x0be4  msisadrv - ok
16:20:05.0971 0x0be4  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:20:05.0979 0x0be4  MSiSCSI - ok
16:20:05.0987 0x0be4  msiserver - ok
16:20:06.0011 0x0be4  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:20:06.0013 0x0be4  MSKSSRV - ok
16:20:06.0028 0x0be4  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:20:06.0031 0x0be4  MSPCLOCK - ok
16:20:06.0039 0x0be4  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:20:06.0040 0x0be4  MSPQM - ok
16:20:06.0069 0x0be4  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:20:06.0087 0x0be4  MsRPC - ok
16:20:06.0124 0x0be4  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
16:20:06.0128 0x0be4  mssmbios - ok
16:20:06.0215 0x0be4  [ F4991C8C070C86082E6F0597F73E02D0, C39F47D2D4525BB4950827F1EDB92CCF5067267AA1AAEF7137E45482C1436D97 ] MSSQLFDLauncher C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
16:20:06.0218 0x0be4  MSSQLFDLauncher - ok
16:20:06.0262 0x0be4  [ 64D793C35644E12FA72A679069F85668, 071E9A8863E7ADFD81678CC84AB9053B13D999920C4A8282C3E28A5A30D0123A ] MSSQLSERVER     C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
16:20:06.0270 0x0be4  MSSQLSERVER - ok
16:20:06.0338 0x0be4  MSSQLServerOLAPService - ok
16:20:06.0365 0x0be4  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:20:06.0366 0x0be4  MSTEE - ok
16:20:06.0395 0x0be4  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
16:20:06.0399 0x0be4  MTConfig - ok
16:20:06.0409 0x0be4  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
16:20:06.0414 0x0be4  Mup - ok
16:20:06.0458 0x0be4  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
16:20:06.0485 0x0be4  napagent - ok
16:20:06.0527 0x0be4  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:20:06.0540 0x0be4  NativeWifiP - ok
16:20:06.0625 0x0be4  [ 5A4EC58A5F2E63DB2092B343CF1B2834, 33F957565E38A3A2842DDB16D7C969F93A4FB888DB5AFBBF5431A712FADE4E13 ] NAVENG          C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20151013.040\ENG64.SYS
16:20:06.0630 0x0be4  NAVENG - ok
16:20:06.0741 0x0be4  [ 526EA496D7F06B3746775046B33027C1, FEC0B860F49C28ED6ED721A09D19239BB1E20CE3A29697B24B2FE604AE0EB808 ] NAVEX15         C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20151013.040\EX64.SYS
16:20:06.0825 0x0be4  NAVEX15 - ok
16:20:06.0901 0x0be4  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:20:06.0934 0x0be4  NDIS - ok
16:20:06.0971 0x0be4  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:20:06.0973 0x0be4  NdisCap - ok
16:20:06.0989 0x0be4  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:20:06.0991 0x0be4  NdisTapi - ok
16:20:07.0009 0x0be4  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:20:07.0012 0x0be4  Ndisuio - ok
16:20:07.0027 0x0be4  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:20:07.0037 0x0be4  NdisWan - ok
16:20:07.0064 0x0be4  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:20:07.0069 0x0be4  NDProxy - ok
16:20:07.0083 0x0be4  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:20:07.0086 0x0be4  NetBIOS - ok
16:20:07.0109 0x0be4  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:20:07.0126 0x0be4  NetBT - ok
16:20:07.0143 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] Netlogon        C:\Windows\system32\lsass.exe
16:20:07.0146 0x0be4  Netlogon - ok
16:20:07.0187 0x0be4  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
16:20:07.0205 0x0be4  Netman - ok
16:20:07.0245 0x0be4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:20:07.0251 0x0be4  NetMsmqActivator - ok
16:20:07.0269 0x0be4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:20:07.0273 0x0be4  NetPipeActivator - ok
16:20:07.0303 0x0be4  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
16:20:07.0316 0x0be4  netprofm - ok
16:20:07.0336 0x0be4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:20:07.0339 0x0be4  NetTcpActivator - ok
16:20:07.0353 0x0be4  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
16:20:07.0357 0x0be4  NetTcpPortSharing - ok
16:20:07.0384 0x0be4  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
16:20:07.0387 0x0be4  nfrd960 - ok
16:20:07.0435 0x0be4  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:20:07.0446 0x0be4  NlaSvc - ok
16:20:07.0467 0x0be4  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:20:07.0470 0x0be4  Npfs - ok
16:20:07.0492 0x0be4  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
16:20:07.0496 0x0be4  nsi - ok
16:20:07.0505 0x0be4  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:20:07.0508 0x0be4  nsiproxy - ok
16:20:07.0618 0x0be4  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:20:07.0691 0x0be4  Ntfs - ok
16:20:07.0719 0x0be4  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
16:20:07.0720 0x0be4  Null - ok
16:20:07.0743 0x0be4  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:20:07.0751 0x0be4  nvraid - ok
16:20:07.0774 0x0be4  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:20:07.0780 0x0be4  nvstor - ok
16:20:07.0809 0x0be4  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:20:07.0815 0x0be4  nv_agp - ok
16:20:07.0835 0x0be4  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:20:07.0839 0x0be4  ohci1394 - ok
16:20:07.0913 0x0be4  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:20:07.0919 0x0be4  ose - ok
16:20:08.0179 0x0be4  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:20:08.0358 0x0be4  osppsvc - ok
16:20:08.0431 0x0be4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:20:08.0441 0x0be4  p2pimsvc - ok
16:20:08.0475 0x0be4  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
16:20:08.0502 0x0be4  p2psvc - ok
16:20:08.0527 0x0be4  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
16:20:08.0534 0x0be4  Parport - ok
16:20:08.0565 0x0be4  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:20:08.0570 0x0be4  partmgr - ok
16:20:08.0608 0x0be4  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:20:08.0616 0x0be4  PcaSvc - ok
16:20:08.0649 0x0be4  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
16:20:08.0656 0x0be4  pci - ok
16:20:08.0685 0x0be4  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
16:20:08.0688 0x0be4  pciide - ok
16:20:08.0706 0x0be4  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
16:20:08.0715 0x0be4  pcmcia - ok
16:20:08.0731 0x0be4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:20:08.0739 0x0be4  pcw - ok
16:20:08.0794 0x0be4  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:20:08.0821 0x0be4  PEAUTH - ok
16:20:08.0902 0x0be4  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:20:08.0957 0x0be4  PeerDistSvc - ok
16:20:09.0024 0x0be4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:20:09.0026 0x0be4  PerfHost - ok
16:20:09.0113 0x0be4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:20:09.0174 0x0be4  pla - ok
16:20:09.0213 0x0be4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:20:09.0239 0x0be4  PlugPlay - ok
16:20:09.0254 0x0be4  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:20:09.0257 0x0be4  PNRPAutoReg - ok
16:20:09.0281 0x0be4  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:20:09.0290 0x0be4  PNRPsvc - ok
16:20:09.0331 0x0be4  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:20:09.0357 0x0be4  PolicyAgent - ok
16:20:09.0398 0x0be4  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
16:20:09.0415 0x0be4  Power - ok
16:20:09.0449 0x0be4  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:20:09.0454 0x0be4  PptpMiniport - ok
16:20:09.0479 0x0be4  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
16:20:09.0482 0x0be4  Processor - ok
16:20:09.0530 0x0be4  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:20:09.0541 0x0be4  ProfSvc - ok
16:20:09.0550 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:20:09.0553 0x0be4  ProtectedStorage - ok
16:20:09.0580 0x0be4  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:20:09.0585 0x0be4  Psched - ok
16:20:09.0672 0x0be4  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
16:20:09.0747 0x0be4  ql2300 - ok
16:20:09.0783 0x0be4  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
16:20:09.0792 0x0be4  ql40xx - ok
16:20:09.0827 0x0be4  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
16:20:09.0844 0x0be4  QWAVE - ok
16:20:09.0859 0x0be4  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:20:09.0862 0x0be4  QWAVEdrv - ok
16:20:09.0871 0x0be4  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:20:09.0873 0x0be4  RasAcd - ok
16:20:09.0905 0x0be4  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:20:09.0909 0x0be4  RasAgileVpn - ok
16:20:09.0924 0x0be4  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
16:20:09.0930 0x0be4  RasAuto - ok
16:20:09.0949 0x0be4  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:20:09.0966 0x0be4  Rasl2tp - ok
16:20:09.0995 0x0be4  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
16:20:10.0013 0x0be4  RasMan - ok
16:20:10.0062 0x0be4  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:20:10.0066 0x0be4  RasPppoe - ok
16:20:10.0093 0x0be4  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:20:10.0097 0x0be4  RasSstp - ok
16:20:10.0273 0x0be4  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:20:10.0291 0x0be4  rdbss - ok
16:20:10.0306 0x0be4  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:20:10.0308 0x0be4  rdpbus - ok
16:20:10.0319 0x0be4  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:20:10.0322 0x0be4  RDPCDD - ok
16:20:10.0347 0x0be4  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
16:20:10.0354 0x0be4  RDPDR - ok
16:20:10.0378 0x0be4  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:20:10.0380 0x0be4  RDPENCDD - ok
16:20:10.0399 0x0be4  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:20:10.0402 0x0be4  RDPREFMP - ok
16:20:10.0487 0x0be4  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
16:20:10.0490 0x0be4  RdpVideoMiniport - ok
16:20:10.0529 0x0be4  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:20:10.0539 0x0be4  RDPWD - ok
16:20:10.0564 0x0be4  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:20:10.0573 0x0be4  rdyboost - ok
16:20:10.0599 0x0be4  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:20:10.0608 0x0be4  RemoteAccess - ok
16:20:10.0642 0x0be4  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:20:10.0653 0x0be4  RemoteRegistry - ok
16:20:10.0837 0x0be4  [ 0D84CB080B36EECBC8201E046C6CE763, 195344E2E623B811349FD594880D45D7B992580A83FF82C3354B0ED4C50A999F ] ReportServer    C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
16:20:10.0941 0x0be4  ReportServer - ok
16:20:10.0976 0x0be4  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:20:10.0981 0x0be4  RpcEptMapper - ok
16:20:11.0009 0x0be4  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
16:20:11.0012 0x0be4  RpcLocator - ok
16:20:11.0046 0x0be4  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
16:20:11.0058 0x0be4  RpcSs - ok
16:20:11.0123 0x0be4  [ 964E8376B0B3FE1354B19907E1A4A692, 7B955D071EC7E681DA11F1DBF530AEE03A120D2FBA184A2A203E59BA1121C3AB ] RsFx0201        C:\Windows\system32\DRIVERS\RsFx0201.sys
16:20:11.0140 0x0be4  RsFx0201 - ok
16:20:11.0178 0x0be4  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:20:11.0182 0x0be4  rspndr - ok
16:20:11.0220 0x0be4  [ 68DD0457D18FCCEF7384AE84022F0C86, 82C02EDB30D4FA1145AB1818F9FCE0B73FEB1B94C138B5513794F25FAC85F2CC ] RTL8023x64      C:\Windows\system32\DRIVERS\Rtnic64.sys
16:20:11.0223 0x0be4  RTL8023x64 - ok
16:20:11.0250 0x0be4  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
16:20:11.0252 0x0be4  s3cap - ok
16:20:11.0334 0x0be4  [ 5D9932536F12E1E125DC9B48E2CDF784, B149E606E35FF1038BAAF41648AE7542D788F4101C6BB92506EF2D9D3AD325FC ] SageDeploymentService C:\Program Files (x86)\Common Files\Sage Software Shared\Deploymentservice.exe
16:20:11.0345 0x0be4  SageDeploymentService - ok
16:20:11.0411 0x0be4  [ F6A730B70F4BB31133C2C0C45A369671, 68BD5CCCC4E6E1EFAC336BE1FBD4963F30169E29D7DDFF6FBDF2893DEAF85200 ] SageMultiUserService40 C:\Program Files (x86)\Common Files\Sage Software Shared\MultiUserServiceServer.exe
16:20:11.0416 0x0be4  SageMultiUserService40 - ok
16:20:11.0433 0x0be4  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] SamSs           C:\Windows\system32\lsass.exe
16:20:11.0435 0x0be4  SamSs - ok
16:20:11.0464 0x0be4  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:20:11.0471 0x0be4  sbp2port - ok
16:20:11.0503 0x0be4  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:20:11.0522 0x0be4  SCardSvr - ok
16:20:11.0534 0x0be4  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:20:11.0537 0x0be4  scfilter - ok
16:20:11.0591 0x0be4  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
16:20:11.0634 0x0be4  Schedule - ok
16:20:11.0669 0x0be4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:20:11.0671 0x0be4  SCPolicySvc - ok
16:20:11.0688 0x0be4  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:20:11.0695 0x0be4  SDRSVC - ok
16:20:11.0723 0x0be4  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:20:11.0726 0x0be4  secdrv - ok
16:20:11.0740 0x0be4  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
16:20:11.0744 0x0be4  seclogon - ok
16:20:11.0757 0x0be4  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
16:20:11.0762 0x0be4  SENS - ok
16:20:11.0787 0x0be4  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:20:11.0792 0x0be4  SensrSvc - ok
16:20:11.0866 0x0be4  [ 74885BDFF62E537F268EBF8E8CEC24BB, D49949C3ED3CE748FD5EF0CA4ECEA5F30B9EEAE365EBA7072A0BE203A84D8227 ] SepMasterService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
16:20:11.0869 0x0be4  SepMasterService - ok
16:20:11.0899 0x0be4  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:20:11.0901 0x0be4  Serenum - ok
16:20:11.0918 0x0be4  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:20:11.0923 0x0be4  Serial - ok
16:20:11.0934 0x0be4  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
16:20:11.0938 0x0be4  sermouse - ok
16:20:11.0969 0x0be4  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
16:20:11.0978 0x0be4  SessionEnv - ok
16:20:11.0990 0x0be4  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:20:11.0994 0x0be4  sffdisk - ok
16:20:12.0007 0x0be4  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:20:12.0010 0x0be4  sffp_mmc - ok
16:20:12.0023 0x0be4  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:20:12.0026 0x0be4  sffp_sd - ok
16:20:12.0037 0x0be4  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
16:20:12.0040 0x0be4  sfloppy - ok
16:20:12.0072 0x0be4  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:20:12.0090 0x0be4  SharedAccess - ok
16:20:12.0122 0x0be4  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:20:12.0139 0x0be4  ShellHWDetection - ok
16:20:12.0155 0x0be4  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
16:20:12.0159 0x0be4  SiSRaid2 - ok
16:20:12.0181 0x0be4  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
16:20:12.0185 0x0be4  SiSRaid4 - ok
16:20:12.0205 0x0be4  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:20:12.0210 0x0be4  Smb - ok
16:20:12.0338 0x0be4  [ B8EF6F1FAFBE89E24E152907605E7A25, B1771BB419265EFBA3185DA884FD921C66A86492C3DF19AB06E26010372C9442 ] SmcService      C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe
16:20:12.0395 0x0be4  SmcService - ok
16:20:12.0450 0x0be4  [ 89733DCC3817455FBC3AB4A3C19EE765, 0D550153860D9557BC5E8B7B03CEF677FA4E24DB0A8F51F536B87D1CD0100A1C ] SNAC            C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\snac64.exe
16:20:12.0465 0x0be4  SNAC - ok
16:20:12.0499 0x0be4  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:20:12.0502 0x0be4  SNMPTRAP - ok
16:20:12.0529 0x0be4  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:20:12.0532 0x0be4  spldr - ok
16:20:12.0581 0x0be4  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
16:20:12.0601 0x0be4  Spooler - ok
16:20:12.0761 0x0be4  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
16:20:12.0893 0x0be4  sppsvc - ok
16:20:12.0924 0x0be4  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:20:12.0930 0x0be4  sppuinotify - ok
16:20:13.0034 0x0be4  [ E9254892A2D74E537BAD3092F0F8EE40, BEB715404B799F3181C699E233F98B2A913BEB677E94ABE8E2872499FC755385 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
16:20:13.0041 0x0be4  SQLBrowser - ok
16:20:13.0266 0x0be4  [ F4A50C0B17A39B77B2DAB6A89C1A820F, 750CB6E862D45B28BF2822D5A053FB06D2D45EE45C8F28322BE892E81E48FB47 ] SQLSERVERAGENT  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
16:20:13.0284 0x0be4  SQLSERVERAGENT - ok
16:20:13.0353 0x0be4  [ 055B0DE7BCDB14FB18279F09DCA07954, 94944F996F2F73233A96F8E766606EA5CCC7142EA2AF4BCEFD2603578F2B4A4A ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
16:20:13.0356 0x0be4  SQLWriter - ok
16:20:13.0418 0x0be4  [ 48FD53FED3C81726001E438A2201E9FF, 96CC81F74917960382101AD839D86DEA8B48BE7211A00BCC2AB400BA1E4CBCB1 ] SRTSP           C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSP64.SYS
16:20:13.0444 0x0be4  SRTSP - ok
16:20:13.0467 0x0be4  [ 63199A936D9BDEA578DFB8F5E9A40095, B38593311A6ACCA1F3EE3F441A533DCB7639E6E6FCA4A83A5B11696A355CD533 ] SRTSPX          C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSPX64.SYS
16:20:13.0470 0x0be4  SRTSPX - ok
16:20:13.0516 0x0be4  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:20:13.0541 0x0be4  srv - ok
16:20:13.0588 0x0be4  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:20:13.0605 0x0be4  srv2 - ok
16:20:13.0628 0x0be4  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:20:13.0645 0x0be4  srvnet - ok
16:20:13.0679 0x0be4  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:20:13.0688 0x0be4  SSDPSRV - ok
16:20:13.0703 0x0be4  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:20:13.0710 0x0be4  SstpSvc - ok
16:20:13.0741 0x0be4  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
16:20:13.0743 0x0be4  stexstor - ok
16:20:13.0787 0x0be4  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
16:20:13.0814 0x0be4  stisvc - ok
16:20:13.0850 0x0be4  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
16:20:13.0854 0x0be4  storflt - ok
16:20:13.0875 0x0be4  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
16:20:13.0880 0x0be4  StorSvc - ok
16:20:13.0903 0x0be4  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
16:20:13.0905 0x0be4  storvsc - ok
16:20:13.0935 0x0be4  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
16:20:13.0937 0x0be4  swenum - ok
16:20:13.0982 0x0be4  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
16:20:14.0006 0x0be4  swprv - ok
16:20:19.0283 0x0be4  ================ Scan global ===============================
16:20:19.0332 0x0be4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:20:19.0428 0x0be4  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
16:20:19.0469 0x0be4  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
16:20:19.0513 0x0be4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:20:19.0588 0x0be4  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:20:19.0598 0x0be4  [ Global ] - ok
16:20:19.0600 0x0be4  ================ Scan MBR ==================================
16:20:19.0619 0x0be4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:20:19.0820 0x0be4  \Device\Harddisk0\DR0 - ok
16:20:19.0820 0x0be4  ================ Scan VBR ==================================
16:20:19.0824 0x0be4  [ F769AA0408A7FABB7A0BE02CC2B6057E ] \Device\Harddisk0\DR0\Partition1
16:20:19.0826 0x0be4  \Device\Harddisk0\DR0\Partition1 - ok
16:20:19.0830 0x0be4  [ 299D461E9AB116841197CF11FCB8C71C ] \Device\Harddisk0\DR0\Partition2
16:20:19.0834 0x0be4  \Device\Harddisk0\DR0\Partition2 - ok
16:20:19.0856 0x0be4  [ B387B3E85DD46C84BFFF0B66AE451F67 ] \Device\Harddisk0\DR0\Partition3
16:20:19.0857 0x0be4  \Device\Harddisk0\DR0\Partition3 - ok
16:20:19.0858 0x0be4  ================ Scan generic autorun ======================
16:20:19.0888 0x0be4  [ 92FDB0658CA16974B4AE80E248A5B118, 9E0CF6A9C845C5F9E4B80B9105DBECE15ACC27984FCBFD8774C00EBE20DB652F ] C:\Windows\system32\igfxtray.exe
16:20:19.0892 0x0be4  IgfxTray - ok
16:20:19.0917 0x0be4  [ 23A6AE66AA4BEF792649736385BB51BA, FC85E38B2F5F52E970EAE5DAFC3B738BCC8BF596AF3766F0EDA03040664E1F08 ] C:\Windows\system32\hkcmd.exe
16:20:19.0925 0x0be4  HotKeysCmds - ok
16:20:19.0951 0x0be4  [ F6FA1865978214FB7FCD80149BBF1C13, 3CA24827982B521986DBE1E5600316155800C3777BAF415B978C7FE9F3AA3DD2 ] C:\Windows\system32\igfxpers.exe
16:20:19.0959 0x0be4  Persistence - ok
16:20:20.0111 0x0be4  [ 912993864DE980DE79E2317B109298AE, CD01E488E6331D0F00092A6F5B4B62F3404C9C5F0736887849AD215730C072D2 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
16:20:20.0166 0x0be4  CanonMyPrinter - ok
16:20:20.0236 0x0be4  [ 15A8C9530AA97DAF8F917BED957D833C, 3319C6A1B1F9FF0BAC17B7D50105BE28942099A6AFE308BA1A7C8BA0D89FB0D8 ] C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\superhard_material\non_return_to_zero.exe
16:20:20.0241 0x0be4  current_mode_pwm - ok
16:20:20.0283 0x0be4  [ C57096C601324DF1C5344BCD39093C0C, C2007D0585105F5AA72C6E1E9A3E69514C32F76BE3A664D4BDB6F9D256667689 ] C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\min_los_sens\broadband.exe
16:20:20.0325 0x0be4  glitch_immunity - ok
16:20:20.0396 0x0be4  [ 12E54BDE520DC85A611D7245DF44BCE5, 8F90F71AC97CE47D6A4F3491A48E3F857E8DEFD51E2DFDD528666AFC592E3B4E ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
16:20:20.0403 0x0be4  FreePDF Assistant - ok
16:20:20.0471 0x0be4  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
16:20:20.0475 0x0be4  BCSSync - ok
16:20:20.0622 0x0be4  [ 7B59D1D1F458B322A722E95554BB591E, F184E22D37E013580AB7FD07172C1F662275D39E036CE22DFA62B2A43823E719 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
16:20:20.0661 0x0be4  CanonSolutionMenuEx - ok
16:20:20.0706 0x0be4  [ FB2693E1B53BCEDA1F054FF2C54881E6, 41E25F1EDE25F722F9B73527B2F8B05F38EC87964DBBDEA4F1306E207A78E894 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
16:20:20.0714 0x0be4  IJNetworkScannerSelectorEX - ok
16:20:20.0797 0x0be4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:20:20.0839 0x0be4  Sidebar - ok
16:20:20.0875 0x0be4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:20:20.0945 0x0be4  mctadmin - ok
16:20:21.0017 0x0be4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:20:21.0039 0x0be4  Sidebar - ok
16:20:21.0048 0x0be4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:20:21.0051 0x0be4  mctadmin - ok
16:20:21.0102 0x0be4  [ 755DB0FABD639DE8D9FA6D446BA90D36, 144A3975545311270825E64FE564F16A8895573ABF0B4C0AD07A766D4E8D86DC ] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
16:20:21.0112 0x0be4  Gadwin PrintScreen - ok
16:20:21.0228 0x0be4  [ 7A1AF1B1EC0FDC1F4985B70A771CA107, 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694 ] C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
16:20:21.0229 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe. md5: 7A1AF1B1EC0FDC1F4985B70A771CA107, sha256: 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694
16:20:21.0551 0x0be4  airport-fixed - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:24.0159 0x0be4  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:24.0159 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
16:20:26.0606 0x0be4  Object send P2P result: true
16:20:29.0091 0x0be4  Have new async UDS detects: 1
16:20:29.0092 0x0be4  current_mode_pwm - detected UDS:DangerousObject.Multi.Generic ( 0 )
16:20:29.0092 0x0be4  current_mode_pwm ( UDS:DangerousObject.Multi.Generic ) - infected
16:20:29.0092 0x0be4  Force sending object to P2P due to detect: C:\Program Files\Common Files\Microsoft Shared\ink\ko-KR\superhard_material\non_return_to_zero.exe
16:20:31.0508 0x0be4  Object send P2P result: true
16:20:33.0897 0x0be4  [ 72F13A189AEECF44596DFBEA7255D5B3, 2FE94F4CA4B5319EFFB8732D718F2380BDA6FE55520E6CA65ED9BD6D1F8B2833 ] C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe
16:20:33.0897 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe. md5: 72F13A189AEECF44596DFBEA7255D5B3, sha256: 2FE94F4CA4B5319EFFB8732D718F2380BDA6FE55520E6CA65ED9BD6D1F8B2833
16:20:33.0929 0x0be4  issue-finger - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:36.0445 0x0be4  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:36.0445 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe
16:20:38.0860 0x0be4  Object send P2P result: true
16:20:41.0244 0x0be4  [ 02AB5776BFDFA9BF84ED635D42C18A13, A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569 ] C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
16:20:41.0245 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe. md5: 02AB5776BFDFA9BF84ED635D42C18A13, sha256: A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569
16:20:41.0253 0x0be4  meat-ball - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:43.0756 0x0be4  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:43.0756 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
16:20:46.0168 0x0be4  Object send P2P result: true
16:20:48.0551 0x0be4  [ DDFC04B3820873D0F97107D67FCEF3E8, B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B ] C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
16:20:48.0551 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe. md5: DDFC04B3820873D0F97107D67FCEF3E8, sha256: B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B
16:20:48.0559 0x0be4  court-design - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:51.0067 0x0be4  court-design ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:51.0068 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
16:20:53.0475 0x0be4  Object send P2P result: true
16:20:56.0070 0x0be4  [ E6C60E153524E8C18E06C643B11D5AD3, 834FAEB4AE15C3F197816B0CEF7A45FE361FBDB9ED958C81584ED15751A9AE91 ] C:\Program Files\CCleaner\CCleaner64.exe
16:20:56.0258 0x0be4  ccleaner - ok
16:20:56.0303 0x0be4  [ 02AB5776BFDFA9BF84ED635D42C18A13, A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569 ] C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
16:20:56.0303 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe. md5: 02AB5776BFDFA9BF84ED635D42C18A13, sha256: A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569
16:20:56.0313 0x0be4  meat-ball - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:20:56.0313 0x0be4  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:20:56.0313 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
16:20:58.0722 0x0be4  Object send P2P result: true
16:21:01.0078 0x0be4  [ 7A1AF1B1EC0FDC1F4985B70A771CA107, 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694 ] C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
16:21:01.0078 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe. md5: 7A1AF1B1EC0FDC1F4985B70A771CA107, sha256: 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694
16:21:01.0085 0x0be4  airport-fixed - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:21:01.0085 0x0be4  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:21:01.0086 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
16:21:03.0500 0x0be4  Object send P2P result: true
16:21:05.0876 0x0be4  [ 72F13A189AEECF44596DFBEA7255D5B3, 2FE94F4CA4B5319EFFB8732D718F2380BDA6FE55520E6CA65ED9BD6D1F8B2833 ] C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe
16:21:05.0877 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe. md5: 72F13A189AEECF44596DFBEA7255D5B3, sha256: 2FE94F4CA4B5319EFFB8732D718F2380BDA6FE55520E6CA65ED9BD6D1F8B2833
16:21:05.0885 0x0be4  issue-finger - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:21:05.0886 0x0be4  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:21:05.0886 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Issue_progress\issue_let.exe
16:21:08.0300 0x0be4  Object send P2P result: true
16:21:10.0667 0x0be4  [ DDFC04B3820873D0F97107D67FCEF3E8, B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B ] C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
16:21:10.0667 0x0be4  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe. md5: DDFC04B3820873D0F97107D67FCEF3E8, sha256: B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B
16:21:10.0673 0x0be4  court-design - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
16:21:10.0673 0x0be4  court-design ( Trojan-Spy.Win32.ZBot.gen ) - infected
16:21:10.0673 0x0be4  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
16:21:13.0089 0x0be4  Object send P2P result: true
16:21:15.0492 0x0be4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:21:15.0515 0x0be4  Sidebar - ok
16:21:15.0542 0x0be4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:21:15.0545 0x0be4  mctadmin - ok
16:21:15.0625 0x0be4  AV detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WSCSavNotifier.exe ( 12.1.1000.157 ), 0x71000 ( enabled : updated )
16:21:15.0648 0x0be4  Win FW state via NFP2: enabled ( trusted )
16:21:17.0995 0x0be4  ============================================================
16:21:17.0995 0x0be4  Scan finished
16:21:17.0995 0x0be4  ============================================================
16:21:18.0008 0x186c  Detected object count: 9
16:21:18.0008 0x186c  Actual detected object count: 9
16:21:56.0349 0x186c  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0349 0x186c  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0352 0x186c  current_mode_pwm ( UDS:DangerousObject.Multi.Generic ) - skipped by user
16:21:56.0352 0x186c  current_mode_pwm ( UDS:DangerousObject.Multi.Generic ) - User select action: Skip 
16:21:56.0356 0x186c  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0357 0x186c  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0360 0x186c  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0360 0x186c  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0363 0x186c  court-design ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0363 0x186c  court-design ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0365 0x186c  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0365 0x186c  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0367 0x186c  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0368 0x186c  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0370 0x186c  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0370 0x186c  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip 
16:21:56.0375 0x186c  court-design ( Trojan-Spy.Win32.ZBot.gen ) - skipped by user
16:21:56.0375 0x186c  court-design ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Skip
         

I hope that's all right, as I didn't know which of the three log files is the right one.

15.10.2015, 13:20   #8
schrauber
/// the machine
/// TB-Ausbilder
 


Start TDSSKiller.exe with a double-click.
Vista and Win7 users: right-click and choose "Run as administrator".
  • Click Start Scan.
    Do not do anything on the computer during the scan.
  • Make sure that Cure (default) is checked!
  • Click Continue --> Reboot.
TDSSKiller will save a log file on your system drive (usually C:\).
For example: C:\TDSSKiller.<version_date_time>log.txt

Please post its contents here in your thread.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

15.10.2015, 13:43   #9
Gift
 
TDSSKiller Log1



Code:
ATTFilter
14:38:39.0880 0x0d98  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
14:38:40.0067 0x0d98  ============================================================
14:38:40.0067 0x0d98  Current date / time: 2015/10/15 14:38:40.0067
14:38:40.0067 0x0d98  SystemInfo:
14:38:40.0067 0x0d98  
14:38:40.0067 0x0d98  OS Version: 6.1.7601 ServicePack: 1.0
14:38:40.0067 0x0d98  Product type: Workstation
14:38:40.0067 0x0d98  ComputerName: ADD-INN-BUHA
14:38:40.0067 0x0d98  UserName: Tina
14:38:40.0067 0x0d98  Windows directory: C:\Windows
14:38:40.0067 0x0d98  System windows directory: C:\Windows
14:38:40.0067 0x0d98  Running under WOW64
14:38:40.0067 0x0d98  Processor architecture: Intel x64
14:38:40.0067 0x0d98  Number of processors: 2
14:38:40.0067 0x0d98  Page size: 0x1000
14:38:40.0067 0x0d98  Boot type: Normal boot
14:38:40.0067 0x0d98  ============================================================
14:38:40.0067 0x0d98  BG loaded
14:38:40.0582 0x0d98  System UUID: {781AA5B7-1B30-C024-7160-9241876131D7}
14:38:41.0783 0x0d98  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:38:41.0783 0x0d98  ============================================================
14:38:41.0783 0x0d98  \Device\Harddisk0\DR0:
14:38:41.0783 0x0d98  MBR partitions:
14:38:41.0783 0x0d98  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x404000, BlocksNum 0x32000
14:38:41.0783 0x0d98  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x436000, BlocksNum 0xAF96000
14:38:41.0783 0x0d98  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xB3CC000, BlocksNum 0x11DF9000
14:38:41.0783 0x0d98  ============================================================
14:38:41.0814 0x0d98  C: <-> \Device\Harddisk0\DR0\Partition2
14:38:41.0845 0x0d98  D: <-> \Device\Harddisk0\DR0\Partition3
14:38:41.0845 0x0d98  ============================================================
14:38:41.0845 0x0d98  Initialize success
14:38:41.0845 0x0d98  ============================================================
14:38:44.0014 0x0db8  ============================================================
14:38:44.0014 0x0db8  Scan started
14:38:44.0014 0x0db8  Mode: Manual; 
14:38:44.0014 0x0db8  ============================================================
14:38:44.0014 0x0db8  KSN ping started
14:38:46.0775 0x0db8  KSN ping finished: true
14:38:48.0850 0x0db8  ================ Scan system memory ========================
14:38:48.0850 0x0db8  System memory - ok
14:38:48.0850 0x0db8  ================ Scan services =============================
14:38:48.0990 0x0db8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:38:49.0021 0x0db8  1394ohci - ok
14:38:49.0099 0x0db8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:38:49.0146 0x0db8  ACPI - ok
14:38:49.0162 0x0db8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:38:49.0162 0x0db8  AcpiPmi - ok
14:38:49.0271 0x0db8  [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:38:49.0271 0x0db8  AdobeARMservice - ok
14:38:49.0349 0x0db8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:38:49.0396 0x0db8  adp94xx - ok
14:38:49.0443 0x0db8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:38:49.0474 0x0db8  adpahci - ok
14:38:49.0521 0x0db8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:38:49.0536 0x0db8  adpu320 - ok
14:38:49.0567 0x0db8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:38:49.0567 0x0db8  AeLookupSvc - ok
14:38:49.0614 0x0db8  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
14:38:49.0630 0x0db8  AFD - ok
14:38:49.0661 0x0db8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:38:49.0677 0x0db8  agp440 - ok
14:38:49.0692 0x0db8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
14:38:49.0692 0x0db8  ALG - ok
14:38:49.0723 0x0db8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:38:49.0739 0x0db8  aliide - ok
14:38:49.0755 0x0db8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:38:49.0770 0x0db8  amdide - ok
14:38:49.0801 0x0db8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:38:49.0817 0x0db8  AmdK8 - ok
14:38:49.0817 0x0db8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:38:49.0833 0x0db8  AmdPPM - ok
14:38:49.0864 0x0db8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:38:49.0879 0x0db8  amdsata - ok
14:38:49.0911 0x0db8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:38:49.0942 0x0db8  amdsbs - ok
14:38:49.0957 0x0db8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:38:49.0973 0x0db8  amdxata - ok
14:38:50.0004 0x0db8  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
14:38:50.0020 0x0db8  AppID - ok
14:38:50.0067 0x0db8  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:38:50.0067 0x0db8  AppIDSvc - ok
14:38:50.0098 0x0db8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
14:38:50.0113 0x0db8  Appinfo - ok
14:38:50.0176 0x0db8  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:38:50.0176 0x0db8  AppMgmt - ok
14:38:50.0207 0x0db8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
14:38:50.0238 0x0db8  arc - ok
14:38:50.0254 0x0db8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:38:50.0254 0x0db8  arcsas - ok
14:38:50.0363 0x0db8  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:38:50.0457 0x0db8  aspnet_state - ok
14:38:50.0503 0x0db8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:38:50.0519 0x0db8  AsyncMac - ok
14:38:50.0535 0x0db8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:38:50.0535 0x0db8  atapi - ok
14:38:50.0613 0x0db8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:38:50.0628 0x0db8  AudioEndpointBuilder - ok
14:38:50.0659 0x0db8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:38:50.0675 0x0db8  AudioSrv - ok
14:38:50.0722 0x0db8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:38:50.0722 0x0db8  AxInstSV - ok
14:38:50.0784 0x0db8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:38:50.0831 0x0db8  b06bdrv - ok
14:38:50.0878 0x0db8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:38:50.0909 0x0db8  b57nd60a - ok
14:38:50.0956 0x0db8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:38:50.0956 0x0db8  BDESVC - ok
14:38:50.0971 0x0db8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:38:50.0971 0x0db8  Beep - ok
14:38:51.0034 0x0db8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
14:38:51.0049 0x0db8  BFE - ok
14:38:51.0221 0x0db8  [ 3E2882C7D02E34D5528BDDECD8CEF930, 39AEB34BD5BFD0BE6C8D0E37D5D5912B76B87A442C2AD91AC3E5F709D73C809C ] BHDrvx64        C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\BASHDefs\20151005.011\BHDrvx64.sys
14:38:51.0252 0x0db8  BHDrvx64 - ok
14:38:51.0315 0x0db8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
14:38:51.0330 0x0db8  BITS - ok
14:38:51.0361 0x0db8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:38:51.0361 0x0db8  blbdrive - ok
14:38:51.0393 0x0db8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:38:51.0393 0x0db8  bowser - ok
14:38:51.0408 0x0db8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:38:51.0408 0x0db8  BrFiltLo - ok
14:38:51.0439 0x0db8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:38:51.0439 0x0db8  BrFiltUp - ok
14:38:51.0455 0x0db8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
14:38:51.0455 0x0db8  Browser - ok
14:38:51.0502 0x0db8  [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
14:38:51.0517 0x0db8  BrSerIb - ok
14:38:51.0549 0x0db8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:38:51.0580 0x0db8  Brserid - ok
14:38:51.0611 0x0db8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:38:51.0611 0x0db8  BrSerWdm - ok
14:38:51.0627 0x0db8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:38:51.0642 0x0db8  BrUsbMdm - ok
14:38:51.0658 0x0db8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:38:51.0673 0x0db8  BrUsbSer - ok
14:38:51.0705 0x0db8  [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
14:38:51.0736 0x0db8  BrUsbSIb - ok
14:38:51.0767 0x0db8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:38:51.0767 0x0db8  BTHMODEM - ok
14:38:51.0798 0x0db8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
14:38:51.0798 0x0db8  bthserv - ok
14:38:51.0829 0x0db8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:38:51.0861 0x0db8  cdfs - ok
14:38:51.0892 0x0db8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:38:51.0892 0x0db8  cdrom - ok
14:38:51.0939 0x0db8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:38:51.0939 0x0db8  CertPropSvc - ok
14:38:52.0063 0x0db8  [ DEB2BF636F8C16BE3B66FD8F66306050, ED79B05E2ACA4B5E85D1133CB3CEF4A01D16CC4E161168A04AE56F4DDF22E0C8 ] charge_termination_method C:\Windows\assembly\GAC\VSLangProj\7.0.3300.0__b03f5f7f11d50a3a\linear_fan_control\laplace_transform.exe
14:38:52.0063 0x0db8  charge_termination_method - ok
14:38:52.0095 0x0db8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
14:38:52.0110 0x0db8  circlass - ok
14:38:52.0157 0x0db8  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
14:38:52.0173 0x0db8  CLFS - ok
14:38:52.0219 0x0db8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:38:52.0251 0x0db8  clr_optimization_v2.0.50727_32 - ok
14:38:52.0297 0x0db8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:38:52.0329 0x0db8  clr_optimization_v2.0.50727_64 - ok
14:38:52.0391 0x0db8  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:38:52.0625 0x0db8  clr_optimization_v4.0.30319_32 - ok
14:38:52.0641 0x0db8  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:38:52.0672 0x0db8  clr_optimization_v4.0.30319_64 - ok
14:38:52.0703 0x0db8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
14:38:52.0719 0x0db8  CmBatt - ok
14:38:52.0750 0x0db8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:38:52.0750 0x0db8  cmdide - ok
14:38:52.0797 0x0db8  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
14:38:52.0812 0x0db8  CNG - ok
14:38:52.0843 0x0db8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:38:52.0843 0x0db8  Compbatt - ok
14:38:52.0875 0x0db8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
14:38:52.0875 0x0db8  CompositeBus - ok
14:38:52.0890 0x0db8  COMSysApp - ok
14:38:52.0906 0x0db8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:38:52.0906 0x0db8  crcdisk - ok
14:38:52.0953 0x0db8  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:38:52.0968 0x0db8  CryptSvc - ok
14:38:52.0999 0x0db8  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
14:38:53.0015 0x0db8  CSC - ok
14:38:53.0046 0x0db8  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
14:38:53.0062 0x0db8  CscService - ok
14:38:53.0093 0x0db8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:38:53.0109 0x0db8  DcomLaunch - ok
14:38:53.0140 0x0db8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:38:53.0140 0x0db8  defragsvc - ok
14:38:53.0171 0x0db8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:38:53.0171 0x0db8  DfsC - ok
14:38:53.0202 0x0db8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:38:53.0218 0x0db8  Dhcp - ok
14:38:53.0233 0x0db8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:38:53.0233 0x0db8  discache - ok
14:38:53.0249 0x0db8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
14:38:53.0249 0x0db8  Disk - ok
14:38:53.0280 0x0db8  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
14:38:53.0280 0x0db8  dmvsc - ok
14:38:53.0327 0x0db8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:38:53.0327 0x0db8  Dnscache - ok
14:38:53.0374 0x0db8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:38:53.0374 0x0db8  dot3svc - ok
14:38:53.0389 0x0db8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
14:38:53.0389 0x0db8  DPS - ok
14:38:53.0436 0x0db8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:38:53.0452 0x0db8  drmkaud - ok
14:38:53.0561 0x0db8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:38:53.0577 0x0db8  DXGKrnl - ok
14:38:53.0608 0x0db8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
14:38:53.0608 0x0db8  EapHost - ok
14:38:53.0779 0x0db8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:38:53.0920 0x0db8  ebdrv - ok
14:38:53.0998 0x0db8  [ 93EA893A8C2C561648A559E48C723412, 14F9AD8BCF423BC40F7B3D2D7BC0F795CD3C54800C854873BD170ADF2A735B64 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
14:38:54.0013 0x0db8  eeCtrl - ok
14:38:54.0045 0x0db8  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] EFS             C:\Windows\System32\lsass.exe
14:38:54.0045 0x0db8  EFS - ok
14:38:54.0123 0x0db8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:38:54.0138 0x0db8  ehRecvr - ok
14:38:54.0154 0x0db8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
14:38:54.0154 0x0db8  ehSched - ok
14:38:54.0201 0x0db8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:38:54.0232 0x0db8  elxstor - ok
14:38:54.0263 0x0db8  [ 8400C9E33B68C556BF63AEF490EB145C, A840DF1A27C935DD427E53C5D2FFFE79E612D0B4074CE26AA992DA62D4925806 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:38:54.0263 0x0db8  EraserUtilRebootDrv - ok
14:38:54.0279 0x0db8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:38:54.0279 0x0db8  ErrDev - ok
14:38:54.0325 0x0db8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
14:38:54.0325 0x0db8  EventSystem - ok
14:38:54.0357 0x0db8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:38:54.0372 0x0db8  exfat - ok
14:38:54.0388 0x0db8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:38:54.0403 0x0db8  fastfat - ok
14:38:54.0435 0x0db8  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
14:38:54.0497 0x0db8  Fax - ok
14:38:54.0513 0x0db8  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:38:54.0513 0x0db8  fdc - ok
14:38:54.0528 0x0db8  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
14:38:54.0544 0x0db8  fdPHost - ok
14:38:54.0559 0x0db8  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:38:54.0559 0x0db8  FDResPub - ok
14:38:54.0575 0x0db8  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:38:54.0575 0x0db8  FileInfo - ok
14:38:54.0591 0x0db8  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:38:54.0591 0x0db8  Filetrace - ok
14:38:54.0606 0x0db8  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
14:38:54.0606 0x0db8  flpydisk - ok
14:38:54.0637 0x0db8  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:38:54.0637 0x0db8  FltMgr - ok
14:38:54.0700 0x0db8  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\Windows\system32\FntCache.dll
14:38:54.0731 0x0db8  FontCache - ok
14:38:54.0762 0x0db8  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:38:54.0778 0x0db8  FontCache3.0.0.0 - ok
14:38:54.0809 0x0db8  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:38:54.0809 0x0db8  FsDepends - ok
14:38:54.0825 0x0db8  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:38:54.0840 0x0db8  Fs_Rec - ok
14:38:54.0887 0x0db8  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:38:54.0887 0x0db8  fvevol - ok
14:38:54.0918 0x0db8  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
14:38:54.0934 0x0db8  gagp30kx - ok
14:38:55.0027 0x0db8  [ F184BF99066764F9B0507C26404DD271, 99721A2407BC86B88CA1D36949EFBFC9DE97204821A63F2E3F4CB27C9F59FD83 ] galvanic_isolation C:\Windows\AppCompat\Programs\monotonic\mechanical_filter.exe
14:38:55.0027 0x0db8  galvanic_isolation - ok
14:38:55.0105 0x0db8  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
14:38:55.0137 0x0db8  gpsvc - ok
14:38:55.0168 0x0db8  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:38:55.0183 0x0db8  hcw85cir - ok
14:38:55.0230 0x0db8  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:38:55.0230 0x0db8  HdAudAddService - ok
14:38:55.0261 0x0db8  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
14:38:55.0261 0x0db8  HDAudBus - ok
14:38:55.0277 0x0db8  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
14:38:55.0293 0x0db8  HidBatt - ok
14:38:55.0308 0x0db8  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
14:38:55.0308 0x0db8  HidBth - ok
14:38:55.0324 0x0db8  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
14:38:55.0324 0x0db8  HidIr - ok
14:38:55.0355 0x0db8  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\system32\hidserv.dll
14:38:55.0355 0x0db8  hidserv - ok
14:38:55.0402 0x0db8  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:38:55.0402 0x0db8  HidUsb - ok
14:38:55.0433 0x0db8  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:38:55.0433 0x0db8  hkmsvc - ok
14:38:55.0464 0x0db8  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:38:55.0480 0x0db8  HomeGroupListener - ok
14:38:55.0511 0x0db8  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:38:55.0527 0x0db8  HomeGroupProvider - ok
14:38:55.0542 0x0db8  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:38:55.0542 0x0db8  HpSAMD - ok
14:38:55.0620 0x0db8  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:38:55.0636 0x0db8  HTTP - ok
14:38:55.0651 0x0db8  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:38:55.0651 0x0db8  hwpolicy - ok
14:38:55.0683 0x0db8  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:38:55.0683 0x0db8  i8042prt - ok
14:38:55.0729 0x0db8  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:38:55.0729 0x0db8  iaStorV - ok
14:38:55.0823 0x0db8  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:38:55.0885 0x0db8  idsvc - ok
14:38:55.0979 0x0db8  [ 4A2CAA578E0A829A15CD76CEC66A1E41, 4F01D251EC8EE2AC99C7540C8D4636EFF89B3F72EDE26412EE741E01EE3B8E02 ] IDSVia64        C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\IPSDefs\20151014.001\IDSvia64.sys
14:38:55.0995 0x0db8  IDSVia64 - ok
14:38:56.0026 0x0db8  IEEtwCollectorService - ok
14:38:56.0260 0x0db8  [ 24CC43ECDEEFD4C19FBBEE4951B647F1, 416799965E6602F8F03E2A92E8BB42B1D5643C65EF09815FC5A56A2FA73E6773 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
14:38:56.0369 0x0db8  igfx - ok
14:38:56.0416 0x0db8  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
14:38:56.0416 0x0db8  iirsp - ok
14:38:56.0494 0x0db8  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
14:38:56.0509 0x0db8  IKEEXT - ok
14:38:56.0541 0x0db8  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
14:38:56.0556 0x0db8  intelide - ok
14:38:56.0587 0x0db8  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:38:56.0587 0x0db8  intelppm - ok
14:38:56.0619 0x0db8  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:38:56.0634 0x0db8  IPBusEnum - ok
14:38:56.0650 0x0db8  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:38:56.0650 0x0db8  IpFilterDriver - ok
14:38:56.0712 0x0db8  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:38:56.0728 0x0db8  iphlpsvc - ok
14:38:56.0743 0x0db8  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:38:56.0759 0x0db8  IPMIDRV - ok
14:38:56.0790 0x0db8  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:38:56.0790 0x0db8  IPNAT - ok
14:38:56.0806 0x0db8  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:38:56.0806 0x0db8  IRENUM - ok
14:38:56.0821 0x0db8  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:38:56.0821 0x0db8  isapnp - ok
14:38:56.0868 0x0db8  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:38:56.0884 0x0db8  iScsiPrt - ok
14:38:56.0899 0x0db8  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:38:56.0899 0x0db8  kbdclass - ok
14:38:56.0931 0x0db8  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:38:56.0931 0x0db8  kbdhid - ok
14:38:56.0931 0x0db8  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] KeyIso          C:\Windows\system32\lsass.exe
14:38:56.0931 0x0db8  KeyIso - ok
14:38:56.0993 0x0db8  [ 063C09DB965E3DFD6F4F08416F6DB8F5, 0BE015C59288397536B3941BA55EFE0CF06714BC43FF3A33A1D844B4E0F16097 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:38:57.0009 0x0db8  KSecDD - ok
14:38:57.0024 0x0db8  [ 1FA627E63195BF3BF636BFEF0D7190D4, 794456605303F4916E81BE899E0B05CB070094E719ADA8BE8072A761E35CA8E9 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:38:57.0040 0x0db8  KSecPkg - ok
14:38:57.0071 0x0db8  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:38:57.0071 0x0db8  ksthunk - ok
14:38:57.0102 0x0db8  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:38:57.0118 0x0db8  KtmRm - ok
14:38:57.0165 0x0db8  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:38:57.0180 0x0db8  LanmanServer - ok
14:38:57.0211 0x0db8  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:38:57.0227 0x0db8  LanmanWorkstation - ok
14:38:57.0258 0x0db8  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:38:57.0258 0x0db8  lltdio - ok
14:38:57.0274 0x0db8  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:38:57.0274 0x0db8  lltdsvc - ok
14:38:57.0305 0x0db8  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:38:57.0305 0x0db8  lmhosts - ok
14:38:57.0336 0x0db8  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
14:38:57.0336 0x0db8  LSI_FC - ok
14:38:57.0367 0x0db8  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
14:38:57.0399 0x0db8  LSI_SAS - ok
14:38:57.0430 0x0db8  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
14:38:57.0461 0x0db8  LSI_SAS2 - ok
14:38:57.0477 0x0db8  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
14:38:57.0492 0x0db8  LSI_SCSI - ok
14:38:57.0508 0x0db8  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
14:38:57.0523 0x0db8  luafv - ok
14:38:57.0539 0x0db8  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:38:57.0555 0x0db8  Mcx2Svc - ok
14:38:57.0586 0x0db8  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\drivers\megasas.sys
14:38:57.0601 0x0db8  megasas - ok
14:38:57.0633 0x0db8  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
14:38:57.0648 0x0db8  MegaSR - ok
14:38:57.0726 0x0db8  Microsoft SharePoint Workspace Audit Service - ok
14:38:57.0757 0x0db8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
14:38:57.0757 0x0db8  MMCSS - ok
14:38:57.0773 0x0db8  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
14:38:57.0773 0x0db8  Modem - ok
14:38:57.0804 0x0db8  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:38:57.0804 0x0db8  monitor - ok
14:38:57.0820 0x0db8  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:38:57.0835 0x0db8  mouclass - ok
14:38:57.0851 0x0db8  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:38:57.0851 0x0db8  mouhid - ok
14:38:57.0882 0x0db8  [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:38:57.0882 0x0db8  mountmgr - ok
14:38:57.0960 0x0db8  [ 707E98CC15C2224C078C9E71FF1889BC, 958416FE081436FDBF7F2BEBBB2795C54CC4F3F349D6DF463296A7BBA3404F13 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:38:57.0976 0x0db8  MozillaMaintenance - ok
14:38:58.0007 0x0db8  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:38:58.0023 0x0db8  mpio - ok
14:38:58.0038 0x0db8  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:38:58.0038 0x0db8  mpsdrv - ok
14:38:58.0085 0x0db8  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:38:58.0101 0x0db8  MpsSvc - ok
14:38:58.0147 0x0db8  [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:38:58.0179 0x0db8  MRxDAV - ok
14:38:58.0210 0x0db8  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:38:58.0225 0x0db8  mrxsmb - ok
14:38:58.0272 0x0db8  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:38:58.0288 0x0db8  mrxsmb10 - ok
14:38:58.0319 0x0db8  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:38:58.0335 0x0db8  mrxsmb20 - ok
14:38:58.0366 0x0db8  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:38:58.0444 0x0db8  msahci - ok
14:38:58.0522 0x0db8  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:38:58.0584 0x0db8  msdsm - ok
14:38:58.0647 0x0db8  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
14:38:58.0709 0x0db8  MSDTC - ok
14:38:59.0333 0x0db8  [ 3DE4F1440DE21DC7DECEE9B1F1AC35D8, F4D75C1D84CF27DF421E144F2733EA20BD4F1415B43C379D6D73EBB3BA8CE037 ] MsDtsServer110  C:\Program Files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe
14:38:59.0380 0x0db8  MsDtsServer110 - ok
14:38:59.0411 0x0db8  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:38:59.0411 0x0db8  Msfs - ok
14:38:59.0442 0x0db8  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:38:59.0442 0x0db8  mshidkmdf - ok
14:38:59.0473 0x0db8  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:38:59.0473 0x0db8  msisadrv - ok
14:38:59.0551 0x0db8  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:38:59.0567 0x0db8  MSiSCSI - ok
14:38:59.0583 0x0db8  msiserver - ok
14:38:59.0629 0x0db8  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:38:59.0629 0x0db8  MSKSSRV - ok
14:38:59.0629 0x0db8  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:38:59.0645 0x0db8  MSPCLOCK - ok
14:38:59.0645 0x0db8  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:38:59.0645 0x0db8  MSPQM - ok
14:38:59.0676 0x0db8  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:38:59.0692 0x0db8  MsRPC - ok
14:38:59.0754 0x0db8  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
14:38:59.0754 0x0db8  mssmbios - ok
14:38:59.0832 0x0db8  [ F4991C8C070C86082E6F0597F73E02D0, C39F47D2D4525BB4950827F1EDB92CCF5067267AA1AAEF7137E45482C1436D97 ] MSSQLFDLauncher C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
14:38:59.0863 0x0db8  MSSQLFDLauncher - ok
14:38:59.0926 0x0db8  [ 64D793C35644E12FA72A679069F85668, 071E9A8863E7ADFD81678CC84AB9053B13D999920C4A8282C3E28A5A30D0123A ] MSSQLSERVER     C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
14:38:59.0973 0x0db8  MSSQLSERVER - ok
14:39:00.0035 0x0db8  MSSQLServerOLAPService - ok
14:39:00.0051 0x0db8  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:39:00.0082 0x0db8  MSTEE - ok
14:39:00.0097 0x0db8  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
14:39:00.0113 0x0db8  MTConfig - ok
14:39:00.0113 0x0db8  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
14:39:00.0113 0x0db8  Mup - ok
14:39:00.0160 0x0db8  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
14:39:00.0191 0x0db8  napagent - ok
14:39:00.0207 0x0db8  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:39:00.0222 0x0db8  NativeWifiP - ok
14:39:00.0300 0x0db8  [ 5A4EC58A5F2E63DB2092B343CF1B2834, 33F957565E38A3A2842DDB16D7C969F93A4FB888DB5AFBBF5431A712FADE4E13 ] NAVENG          C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20151014.054\ENG64.SYS
14:39:00.0300 0x0db8  NAVENG - ok
14:39:00.0441 0x0db8  [ 526EA496D7F06B3746775046B33027C1, FEC0B860F49C28ED6ED721A09D19239BB1E20CE3A29697B24B2FE604AE0EB808 ] NAVEX15         C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\VirusDefs\20151014.054\EX64.SYS
14:39:00.0472 0x0db8  NAVEX15 - ok
14:39:00.0550 0x0db8  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:39:00.0565 0x0db8  NDIS - ok
14:39:00.0597 0x0db8  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:39:00.0597 0x0db8  NdisCap - ok
14:39:00.0612 0x0db8  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:39:00.0612 0x0db8  NdisTapi - ok
14:39:00.0628 0x0db8  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:39:00.0628 0x0db8  Ndisuio - ok
14:39:00.0643 0x0db8  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:39:00.0643 0x0db8  NdisWan - ok
14:39:00.0659 0x0db8  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:39:00.0659 0x0db8  NDProxy - ok
14:39:00.0690 0x0db8  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:39:00.0690 0x0db8  NetBIOS - ok
14:39:00.0706 0x0db8  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:39:00.0721 0x0db8  NetBT - ok
14:39:00.0721 0x0db8  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] Netlogon        C:\Windows\system32\lsass.exe
14:39:00.0721 0x0db8  Netlogon - ok
14:39:00.0768 0x0db8  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
14:39:00.0784 0x0db8  Netman - ok
14:39:00.0815 0x0db8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:00.0862 0x0db8  NetMsmqActivator - ok
14:39:00.0893 0x0db8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:00.0893 0x0db8  NetPipeActivator - ok
14:39:00.0940 0x0db8  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
14:39:00.0955 0x0db8  netprofm - ok
14:39:00.0971 0x0db8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:00.0987 0x0db8  NetTcpActivator - ok
14:39:00.0987 0x0db8  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:39:01.0002 0x0db8  NetTcpPortSharing - ok
14:39:01.0018 0x0db8  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
14:39:01.0033 0x0db8  nfrd960 - ok
14:39:01.0065 0x0db8  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:39:01.0080 0x0db8  NlaSvc - ok
14:39:01.0080 0x0db8  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:39:01.0080 0x0db8  Npfs - ok
14:39:01.0111 0x0db8  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
14:39:01.0111 0x0db8  nsi - ok
14:39:01.0111 0x0db8  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:39:01.0111 0x0db8  nsiproxy - ok
14:39:01.0236 0x0db8  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:39:01.0330 0x0db8  Ntfs - ok
14:39:01.0361 0x0db8  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
14:39:01.0361 0x0db8  Null - ok
14:39:01.0408 0x0db8  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:39:01.0455 0x0db8  nvraid - ok
14:39:01.0486 0x0db8  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:39:01.0486 0x0db8  nvstor - ok
14:39:01.0517 0x0db8  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:39:01.0517 0x0db8  nv_agp - ok
14:39:01.0533 0x0db8  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:39:01.0533 0x0db8  ohci1394 - ok
14:39:01.0611 0x0db8  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:39:01.0642 0x0db8  ose - ok
14:39:01.0907 0x0db8  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
14:39:02.0125 0x0db8  osppsvc - ok
14:39:02.0172 0x0db8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:39:02.0172 0x0db8  p2pimsvc - ok
14:39:02.0203 0x0db8  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
14:39:02.0219 0x0db8  p2psvc - ok
14:39:02.0250 0x0db8  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
14:39:02.0266 0x0db8  Parport - ok
14:39:02.0297 0x0db8  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:39:02.0297 0x0db8  partmgr - ok
14:39:02.0328 0x0db8  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:39:02.0344 0x0db8  PcaSvc - ok
14:39:02.0375 0x0db8  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
14:39:02.0375 0x0db8  pci - ok
14:39:02.0406 0x0db8  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
14:39:02.0422 0x0db8  pciide - ok
14:39:02.0453 0x0db8  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
14:39:02.0453 0x0db8  pcmcia - ok
14:39:02.0484 0x0db8  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:39:02.0484 0x0db8  pcw - ok
14:39:02.0531 0x0db8  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:39:02.0547 0x0db8  PEAUTH - ok
14:39:02.0609 0x0db8  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
14:39:02.0640 0x0db8  PeerDistSvc - ok
14:39:02.0687 0x0db8  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:39:02.0687 0x0db8  PerfHost - ok
14:39:02.0765 0x0db8  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
14:39:02.0796 0x0db8  pla - ok
14:39:02.0827 0x0db8  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:39:02.0843 0x0db8  PlugPlay - ok
14:39:02.0859 0x0db8  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:39:02.0859 0x0db8  PNRPAutoReg - ok
14:39:02.0874 0x0db8  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:39:02.0874 0x0db8  PNRPsvc - ok
14:39:02.0921 0x0db8  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:39:02.0937 0x0db8  PolicyAgent - ok
14:39:02.0968 0x0db8  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
14:39:02.0968 0x0db8  Power - ok
14:39:02.0999 0x0db8  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:39:02.0999 0x0db8  PptpMiniport - ok
14:39:03.0015 0x0db8  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\drivers\processr.sys
14:39:03.0030 0x0db8  Processor - ok
14:39:03.0077 0x0db8  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:39:03.0093 0x0db8  ProfSvc - ok
14:39:03.0108 0x0db8  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:39:03.0108 0x0db8  ProtectedStorage - ok
14:39:03.0124 0x0db8  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:39:03.0124 0x0db8  Psched - ok
14:39:03.0217 0x0db8  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
14:39:03.0280 0x0db8  ql2300 - ok
14:39:03.0327 0x0db8  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
14:39:03.0327 0x0db8  ql40xx - ok
14:39:03.0358 0x0db8  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
14:39:03.0373 0x0db8  QWAVE - ok
14:39:03.0389 0x0db8  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:39:03.0389 0x0db8  QWAVEdrv - ok
14:39:03.0389 0x0db8  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:39:03.0405 0x0db8  RasAcd - ok
14:39:03.0420 0x0db8  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:39:03.0420 0x0db8  RasAgileVpn - ok
14:39:03.0436 0x0db8  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
14:39:03.0436 0x0db8  RasAuto - ok
14:39:03.0451 0x0db8  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:39:03.0467 0x0db8  Rasl2tp - ok
14:39:03.0483 0x0db8  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
14:39:03.0483 0x0db8  RasMan - ok
14:39:03.0498 0x0db8  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:39:03.0514 0x0db8  RasPppoe - ok
14:39:03.0529 0x0db8  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:39:03.0529 0x0db8  RasSstp - ok
14:39:03.0561 0x0db8  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:39:03.0576 0x0db8  rdbss - ok
14:39:03.0576 0x0db8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:39:03.0576 0x0db8  rdpbus - ok
14:39:03.0592 0x0db8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:39:03.0592 0x0db8  RDPCDD - ok
14:39:03.0623 0x0db8  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:39:03.0639 0x0db8  RDPDR - ok
14:39:03.0670 0x0db8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:39:03.0670 0x0db8  RDPENCDD - ok
14:39:03.0685 0x0db8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:39:03.0685 0x0db8  RDPREFMP - ok
14:39:03.0763 0x0db8  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:39:03.0810 0x0db8  RdpVideoMiniport - ok
14:39:03.0873 0x0db8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:39:03.0888 0x0db8  RDPWD - ok
14:39:03.0919 0x0db8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:39:03.0951 0x0db8  rdyboost - ok
14:39:03.0982 0x0db8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:39:03.0982 0x0db8  RemoteAccess - ok
14:39:04.0013 0x0db8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:39:04.0029 0x0db8  RemoteRegistry - ok
14:39:04.0231 0x0db8  [ 0D84CB080B36EECBC8201E046C6CE763, 195344E2E623B811349FD594880D45D7B992580A83FF82C3354B0ED4C50A999F ] ReportServer    C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
14:39:04.0356 0x0db8  ReportServer - ok
14:39:04.0387 0x0db8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:39:04.0403 0x0db8  RpcEptMapper - ok
14:39:04.0419 0x0db8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:39:04.0419 0x0db8  RpcLocator - ok
14:39:04.0450 0x0db8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
14:39:04.0450 0x0db8  RpcSs - ok
14:39:04.0528 0x0db8  [ 964E8376B0B3FE1354B19907E1A4A692, 7B955D071EC7E681DA11F1DBF530AEE03A120D2FBA184A2A203E59BA1121C3AB ] RsFx0201        C:\Windows\system32\DRIVERS\RsFx0201.sys
14:39:04.0559 0x0db8  RsFx0201 - ok
14:39:04.0575 0x0db8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:39:04.0575 0x0db8  rspndr - ok
14:39:04.0606 0x0db8  [ 68DD0457D18FCCEF7384AE84022F0C86, 82C02EDB30D4FA1145AB1818F9FCE0B73FEB1B94C138B5513794F25FAC85F2CC ] RTL8023x64      C:\Windows\system32\DRIVERS\Rtnic64.sys
14:39:04.0621 0x0db8  RTL8023x64 - ok
14:39:04.0637 0x0db8  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:39:04.0653 0x0db8  s3cap - ok
14:39:04.0746 0x0db8  [ 5D9932536F12E1E125DC9B48E2CDF784, B149E606E35FF1038BAAF41648AE7542D788F4101C6BB92506EF2D9D3AD325FC ] SageDeploymentService C:\Program Files (x86)\Common Files\Sage Software Shared\Deploymentservice.exe
14:39:04.0762 0x0db8  SageDeploymentService - ok
14:39:04.0809 0x0db8  [ F6A730B70F4BB31133C2C0C45A369671, 68BD5CCCC4E6E1EFAC336BE1FBD4963F30169E29D7DDFF6FBDF2893DEAF85200 ] SageMultiUserService40 C:\Program Files (x86)\Common Files\Sage Software Shared\MultiUserServiceServer.exe
14:39:04.0809 0x0db8  SageMultiUserService40 - ok
14:39:04.0840 0x0db8  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] SamSs           C:\Windows\system32\lsass.exe
14:39:04.0840 0x0db8  SamSs - ok
14:39:04.0871 0x0db8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:39:04.0887 0x0db8  sbp2port - ok
14:39:04.0918 0x0db8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:39:04.0918 0x0db8  SCardSvr - ok
14:39:04.0933 0x0db8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:39:04.0933 0x0db8  scfilter - ok
14:39:04.0980 0x0db8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
14:39:05.0011 0x0db8  Schedule - ok
14:39:05.0043 0x0db8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:39:05.0043 0x0db8  SCPolicySvc - ok
14:39:05.0058 0x0db8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:39:05.0058 0x0db8  SDRSVC - ok
14:39:05.0089 0x0db8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:39:05.0089 0x0db8  secdrv - ok
14:39:05.0089 0x0db8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
14:39:05.0089 0x0db8  seclogon - ok
14:39:05.0105 0x0db8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
14:39:05.0105 0x0db8  SENS - ok
14:39:05.0121 0x0db8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:39:05.0121 0x0db8  SensrSvc - ok
14:39:05.0183 0x0db8  [ 74885BDFF62E537F268EBF8E8CEC24BB, D49949C3ED3CE748FD5EF0CA4ECEA5F30B9EEAE365EBA7072A0BE203A84D8227 ] SepMasterService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
14:39:05.0199 0x0db8  SepMasterService - ok
14:39:05.0230 0x0db8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:39:05.0230 0x0db8  Serenum - ok
14:39:05.0245 0x0db8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:39:05.0261 0x0db8  Serial - ok
14:39:05.0277 0x0db8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:39:05.0292 0x0db8  sermouse - ok
14:39:05.0323 0x0db8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:39:05.0339 0x0db8  SessionEnv - ok
14:39:05.0339 0x0db8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:39:05.0339 0x0db8  sffdisk - ok
14:39:05.0355 0x0db8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:39:05.0355 0x0db8  sffp_mmc - ok
14:39:05.0370 0x0db8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:39:05.0370 0x0db8  sffp_sd - ok
14:39:05.0386 0x0db8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:39:05.0386 0x0db8  sfloppy - ok
14:39:05.0417 0x0db8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:39:05.0433 0x0db8  SharedAccess - ok
14:39:05.0464 0x0db8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:39:05.0464 0x0db8  ShellHWDetection - ok
14:39:05.0495 0x0db8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:39:05.0495 0x0db8  SiSRaid2 - ok
14:39:05.0511 0x0db8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:39:05.0511 0x0db8  SiSRaid4 - ok
14:39:05.0542 0x0db8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:39:05.0557 0x0db8  Smb - ok
14:39:05.0682 0x0db8  [ B8EF6F1FAFBE89E24E152907605E7A25, B1771BB419265EFBA3185DA884FD921C66A86492C3DF19AB06E26010372C9442 ] SmcService      C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe
14:39:05.0729 0x0db8  SmcService - ok
14:39:05.0776 0x0db8  [ 89733DCC3817455FBC3AB4A3C19EE765, 0D550153860D9557BC5E8B7B03CEF677FA4E24DB0A8F51F536B87D1CD0100A1C ] SNAC            C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\snac64.exe
14:39:05.0776 0x0db8  SNAC - ok
14:39:05.0823 0x0db8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:39:05.0823 0x0db8  SNMPTRAP - ok
14:39:05.0854 0x0db8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:39:05.0869 0x0db8  spldr - ok
14:39:05.0916 0x0db8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
14:39:05.0947 0x0db8  Spooler - ok
14:39:06.0103 0x0db8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:39:06.0166 0x0db8  sppsvc - ok
14:39:06.0197 0x0db8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:39:06.0197 0x0db8  sppuinotify - ok
14:39:06.0291 0x0db8  [ E9254892A2D74E537BAD3092F0F8EE40, BEB715404B799F3181C699E233F98B2A913BEB677E94ABE8E2872499FC755385 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
14:39:06.0306 0x0db8  SQLBrowser - ok
14:39:06.0400 0x0db8  [ F4A50C0B17A39B77B2DAB6A89C1A820F, 750CB6E862D45B28BF2822D5A053FB06D2D45EE45C8F28322BE892E81E48FB47 ] SQLSERVERAGENT  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
14:39:06.0462 0x0db8  SQLSERVERAGENT - ok
14:39:06.0540 0x0db8  [ 055B0DE7BCDB14FB18279F09DCA07954, 94944F996F2F73233A96F8E766606EA5CCC7142EA2AF4BCEFD2603578F2B4A4A ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:39:06.0556 0x0db8  SQLWriter - ok
14:39:06.0618 0x0db8  [ 48FD53FED3C81726001E438A2201E9FF, 96CC81F74917960382101AD839D86DEA8B48BE7211A00BCC2AB400BA1E4CBCB1 ] SRTSP           C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSP64.SYS
14:39:06.0649 0x0db8  SRTSP - ok
14:39:06.0681 0x0db8  [ 63199A936D9BDEA578DFB8F5E9A40095, B38593311A6ACCA1F3EE3F441A533DCB7639E6E6FCA4A83A5B11696A355CD533 ] SRTSPX          C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSPX64.SYS
14:39:06.0696 0x0db8  SRTSPX - ok
14:39:06.0743 0x0db8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:39:06.0759 0x0db8  srv - ok
14:39:06.0790 0x0db8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:39:06.0790 0x0db8  srv2 - ok
14:39:06.0805 0x0db8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:39:06.0821 0x0db8  srvnet - ok
14:39:06.0852 0x0db8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:39:06.0852 0x0db8  SSDPSRV - ok
14:39:06.0868 0x0db8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:39:06.0868 0x0db8  SstpSvc - ok
14:39:06.0883 0x0db8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:39:06.0883 0x0db8  stexstor - ok
14:39:06.0930 0x0db8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:39:06.0946 0x0db8  stisvc - ok
14:39:06.0961 0x0db8  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:39:06.0977 0x0db8  storflt - ok
14:39:06.0993 0x0db8  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
14:39:06.0993 0x0db8  StorSvc - ok
14:39:07.0008 0x0db8  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:39:07.0024 0x0db8  storvsc - ok
14:39:07.0055 0x0db8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:39:07.0055 0x0db8  swenum - ok
14:39:07.0102 0x0db8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
14:39:07.0117 0x0db8  swprv - ok
14:39:07.0149 0x0db8  [ F017987B177F7BBC989318D59309D091, 3ED316AC86FB1F871B36ABA65E5B164B22D255B7509574A2CA8FC878A1142266 ] SymDS           C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMDS64.SYS
14:39:07.0164 0x0db8  SymDS - ok
14:39:07.0211 0x0db8  [ E7F25D768EE0CDF69D8B752398C262BB, D401B892EB4C7CFCEDBFB228EA8918513674A26516CA733F4777050F4F425D2A ] SymEFA          C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMEFA64.SYS
14:39:07.0242 0x0db8  SymEFA - ok
14:39:07.0289 0x0db8  [ 36B77F5C9E21F88A8C8EC67AD5415819, 0ECB96799F614C1C17F2D705A3C17E83078225A2350F3048A11F5C3164F7894A ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:39:07.0305 0x0db8  SymEvent - ok
14:39:07.0320 0x0db8  [ 1611FA7A95A48387DF22757FA81B46A9, B32C4D9FB9D35B5A37D9BF321F6BE2964EE536BADFFEB23C3D8693C08B35A795 ] SymIRON         C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\Ironx64.SYS
14:39:07.0336 0x0db8  SymIRON - ok
14:39:07.0351 0x0db8  [ D41557715C1C792D1391DB5AA81A00DF, D08013347ED5F3CD62BF48075A2A5C71E2EE5E95A7BDB43F2435D5F0F19880D8 ] SYMNETS         C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMNETS.SYS
14:39:07.0367 0x0db8  SYMNETS - ok
14:39:07.0445 0x0db8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
14:39:07.0476 0x0db8  SysMain - ok
14:39:07.0507 0x0db8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:39:07.0507 0x0db8  TabletInputService - ok
14:39:07.0523 0x0db8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:39:07.0523 0x0db8  TapiSrv - ok
14:39:07.0539 0x0db8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
14:39:07.0539 0x0db8  TBS - ok
14:39:07.0648 0x0db8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:39:07.0710 0x0db8  Tcpip - ok
14:39:07.0788 0x0db8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:39:07.0835 0x0db8  TCPIP6 - ok
14:39:07.0866 0x0db8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:39:07.0866 0x0db8  tcpipreg - ok
14:39:07.0897 0x0db8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:39:07.0897 0x0db8  TDPIPE - ok
14:39:07.0929 0x0db8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:39:07.0944 0x0db8  TDTCP - ok
14:39:07.0991 0x0db8  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:39:07.0991 0x0db8  tdx - ok
14:39:08.0256 0x0db8  [ 2AA61246A5B813C1B12BCCFAA6F23DD8, 74EE3DB839A0F4BC781294803281DB2248D013B8808FF05F2EE9597C14C6FEED ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
14:39:08.0350 0x0db8  TeamViewer - ok
14:39:08.0397 0x0db8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:39:08.0397 0x0db8  TermDD - ok
14:39:08.0443 0x0db8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
14:39:08.0459 0x0db8  TermService - ok
14:39:08.0490 0x0db8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:39:08.0490 0x0db8  Themes - ok
14:39:08.0506 0x0db8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
14:39:08.0506 0x0db8  THREADORDER - ok
14:39:08.0537 0x0db8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:39:08.0537 0x0db8  TrkWks - ok
14:39:08.0584 0x0db8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:39:08.0584 0x0db8  TrustedInstaller - ok
14:39:08.0615 0x0db8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:39:08.0615 0x0db8  tssecsrv - ok
14:39:08.0662 0x0db8  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:39:08.0677 0x0db8  TsUsbFlt - ok
14:39:08.0709 0x0db8  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:39:08.0740 0x0db8  TsUsbGD - ok
14:39:08.0771 0x0db8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:39:08.0771 0x0db8  tunnel - ok
14:39:08.0802 0x0db8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:39:08.0818 0x0db8  uagp35 - ok
14:39:08.0849 0x0db8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:39:08.0880 0x0db8  udfs - ok
14:39:08.0911 0x0db8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:39:08.0927 0x0db8  UI0Detect - ok
14:39:08.0958 0x0db8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:39:08.0958 0x0db8  uliagpkx - ok
14:39:08.0989 0x0db8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:39:08.0989 0x0db8  umbus - ok
14:39:09.0005 0x0db8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:39:09.0005 0x0db8  UmPass - ok
14:39:09.0036 0x0db8  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
14:39:09.0052 0x0db8  UmRdpService - ok
14:39:09.0083 0x0db8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
14:39:09.0083 0x0db8  upnphost - ok
14:39:09.0114 0x0db8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:39:09.0114 0x0db8  usbccgp - ok
14:39:09.0161 0x0db8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:39:09.0192 0x0db8  usbcir - ok
14:39:09.0223 0x0db8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:39:09.0239 0x0db8  usbehci - ok
14:39:09.0270 0x0db8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:39:09.0286 0x0db8  usbhub - ok
14:39:09.0301 0x0db8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:39:09.0317 0x0db8  usbohci - ok
14:39:09.0348 0x0db8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:39:09.0364 0x0db8  usbprint - ok
14:39:09.0395 0x0db8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:39:09.0411 0x0db8  usbscan - ok
14:39:09.0442 0x0db8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:39:09.0457 0x0db8  USBSTOR - ok
14:39:09.0504 0x0db8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:39:09.0504 0x0db8  usbuhci - ok
14:39:09.0520 0x0db8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
14:39:09.0535 0x0db8  UxSms - ok
14:39:09.0551 0x0db8  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] VaultSvc        C:\Windows\system32\lsass.exe
14:39:09.0551 0x0db8  VaultSvc - ok
14:39:09.0582 0x0db8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:39:09.0598 0x0db8  vdrvroot - ok
14:39:09.0645 0x0db8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
14:39:09.0660 0x0db8  vds - ok
14:39:09.0676 0x0db8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:39:09.0676 0x0db8  vga - ok
14:39:09.0691 0x0db8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:39:09.0691 0x0db8  VgaSave - ok
14:39:09.0707 0x0db8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:39:09.0723 0x0db8  vhdmp - ok
14:39:09.0738 0x0db8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:39:09.0738 0x0db8  viaide - ok
14:39:09.0769 0x0db8  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:39:09.0801 0x0db8  vmbus - ok
14:39:09.0816 0x0db8  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:39:09.0832 0x0db8  VMBusHID - ok
14:39:09.0863 0x0db8  vmci - ok
14:39:09.0863 0x0db8  VMnetAdapter - ok
14:39:09.0894 0x0db8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:39:09.0910 0x0db8  volmgr - ok
14:39:09.0941 0x0db8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:39:09.0957 0x0db8  volmgrx - ok
14:39:09.0972 0x0db8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:39:09.0988 0x0db8  volsnap - ok
14:39:10.0019 0x0db8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:39:10.0019 0x0db8  vsmraid - ok
14:39:10.0113 0x0db8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
14:39:10.0144 0x0db8  VSS - ok
14:39:10.0159 0x0db8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:39:10.0159 0x0db8  vwifibus - ok
14:39:10.0175 0x0db8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
14:39:10.0191 0x0db8  W32Time - ok
14:39:10.0206 0x0db8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:39:10.0206 0x0db8  WacomPen - ok
14:39:10.0222 0x0db8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:39:10.0237 0x0db8  WANARP - ok
14:39:10.0237 0x0db8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:39:10.0237 0x0db8  Wanarpv6 - ok
14:39:10.0315 0x0db8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
14:39:10.0347 0x0db8  wbengine - ok
14:39:10.0362 0x0db8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:39:10.0362 0x0db8  WbioSrvc - ok
14:39:10.0393 0x0db8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:39:10.0393 0x0db8  wcncsvc - ok
14:39:10.0409 0x0db8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:39:10.0409 0x0db8  WcsPlugInService - ok
14:39:10.0440 0x0db8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
14:39:10.0440 0x0db8  Wd - ok
14:39:10.0518 0x0db8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:39:10.0534 0x0db8  Wdf01000 - ok
14:39:10.0565 0x0db8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:39:10.0565 0x0db8  WdiServiceHost - ok
14:39:10.0581 0x0db8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:39:10.0581 0x0db8  WdiSystemHost - ok
14:39:10.0627 0x0db8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
14:39:10.0643 0x0db8  WebClient - ok
14:39:10.0674 0x0db8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:39:10.0690 0x0db8  Wecsvc - ok
14:39:10.0705 0x0db8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:39:10.0705 0x0db8  wercplsupport - ok
14:39:10.0721 0x0db8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:39:10.0721 0x0db8  WerSvc - ok
14:39:10.0737 0x0db8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:39:10.0737 0x0db8  WfpLwf - ok
14:39:10.0752 0x0db8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:39:10.0768 0x0db8  WIMMount - ok
14:39:10.0783 0x0db8  WinDefend - ok
14:39:10.0799 0x0db8  WinHttpAutoProxySvc - ok
14:39:10.0861 0x0db8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:39:10.0861 0x0db8  Winmgmt - ok
14:39:10.0986 0x0db8  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
14:39:11.0017 0x0db8  WinRM - ok
14:39:11.0080 0x0db8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:39:11.0080 0x0db8  WinUsb - ok
14:39:11.0127 0x0db8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:39:11.0142 0x0db8  Wlansvc - ok
14:39:11.0158 0x0db8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:39:11.0158 0x0db8  WmiAcpi - ok
14:39:11.0189 0x0db8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:39:11.0205 0x0db8  wmiApSrv - ok
14:39:11.0220 0x0db8  WMPNetworkSvc - ok
14:39:11.0251 0x0db8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:39:11.0251 0x0db8  WPCSvc - ok
14:39:11.0267 0x0db8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:39:11.0267 0x0db8  WPDBusEnum - ok
14:39:11.0298 0x0db8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:39:11.0298 0x0db8  ws2ifsl - ok
14:39:11.0329 0x0db8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
14:39:11.0329 0x0db8  wscsvc - ok
14:39:11.0329 0x0db8  WSearch - ok
14:39:11.0485 0x0db8  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:39:11.0532 0x0db8  wuauserv - ok
14:39:11.0563 0x0db8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:39:11.0563 0x0db8  WudfPf - ok
14:39:11.0595 0x0db8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:39:11.0595 0x0db8  WUDFRd - ok
14:39:11.0626 0x0db8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:39:11.0626 0x0db8  wudfsvc - ok
14:39:11.0673 0x0db8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:39:11.0673 0x0db8  WwanSvc - ok
14:39:11.0673 0x0db8  ================ Scan global ===============================
14:39:11.0704 0x0db8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:39:11.0735 0x0db8  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
14:39:11.0751 0x0db8  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
14:39:11.0782 0x0db8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:39:11.0813 0x0db8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:39:11.0829 0x0db8  [ Global ] - ok
14:39:11.0829 0x0db8  ================ Scan MBR ==================================
14:39:11.0829 0x0db8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:39:12.0031 0x0db8  \Device\Harddisk0\DR0 - ok
14:39:12.0031 0x0db8  ================ Scan VBR ==================================
14:39:12.0047 0x0db8  [ F769AA0408A7FABB7A0BE02CC2B6057E ] \Device\Harddisk0\DR0\Partition1
14:39:12.0047 0x0db8  \Device\Harddisk0\DR0\Partition1 - ok
14:39:12.0047 0x0db8  [ 299D461E9AB116841197CF11FCB8C71C ] \Device\Harddisk0\DR0\Partition2
14:39:12.0047 0x0db8  \Device\Harddisk0\DR0\Partition2 - ok
14:39:12.0047 0x0db8  [ B387B3E85DD46C84BFFF0B66AE451F67 ] \Device\Harddisk0\DR0\Partition3
14:39:12.0047 0x0db8  \Device\Harddisk0\DR0\Partition3 - ok
14:39:12.0047 0x0db8  ================ Scan generic autorun ======================
14:39:12.0078 0x0db8  [ 92FDB0658CA16974B4AE80E248A5B118, 9E0CF6A9C845C5F9E4B80B9105DBECE15ACC27984FCBFD8774C00EBE20DB652F ] C:\Windows\system32\igfxtray.exe
14:39:12.0078 0x0db8  IgfxTray - ok
14:39:12.0094 0x0db8  [ 23A6AE66AA4BEF792649736385BB51BA, FC85E38B2F5F52E970EAE5DAFC3B738BCC8BF596AF3766F0EDA03040664E1F08 ] C:\Windows\system32\hkcmd.exe
14:39:12.0156 0x0db8  HotKeysCmds - ok
14:39:12.0187 0x0db8  [ F6FA1865978214FB7FCD80149BBF1C13, 3CA24827982B521986DBE1E5600316155800C3777BAF415B978C7FE9F3AA3DD2 ] C:\Windows\system32\igfxpers.exe
14:39:12.0219 0x0db8  Persistence - ok
14:39:12.0375 0x0db8  [ 912993864DE980DE79E2317B109298AE, CD01E488E6331D0F00092A6F5B4B62F3404C9C5F0736887849AD215730C072D2 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
14:39:12.0531 0x0db8  CanonMyPrinter - ok
14:39:12.0593 0x0db8  [ C57096C601324DF1C5344BCD39093C0C, C2007D0585105F5AA72C6E1E9A3E69514C32F76BE3A664D4BDB6F9D256667689 ] C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\min_los_sens\broadband.exe
14:39:12.0687 0x0db8  glitch_immunity - ok
14:39:12.0765 0x0db8  [ 12E54BDE520DC85A611D7245DF44BCE5, 8F90F71AC97CE47D6A4F3491A48E3F857E8DEFD51E2DFDD528666AFC592E3B4E ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
14:39:12.0843 0x0db8  FreePDF Assistant - ok
14:39:12.0921 0x0db8  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
14:39:12.0936 0x0db8  BCSSync - ok
14:39:13.0092 0x0db8  [ 7B59D1D1F458B322A722E95554BB591E, F184E22D37E013580AB7FD07172C1F662275D39E036CE22DFA62B2A43823E719 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
14:39:13.0186 0x0db8  CanonSolutionMenuEx - ok
14:39:13.0233 0x0db8  [ FB2693E1B53BCEDA1F054FF2C54881E6, 41E25F1EDE25F722F9B73527B2F8B05F38EC87964DBBDEA4F1306E207A78E894 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
14:39:13.0264 0x0db8  IJNetworkScannerSelectorEX - ok
14:39:13.0389 0x0db8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:39:13.0451 0x0db8  Sidebar - ok
14:39:13.0482 0x0db8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:39:13.0482 0x0db8  mctadmin - ok
14:39:13.0545 0x0db8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:39:13.0560 0x0db8  Sidebar - ok
14:39:13.0576 0x0db8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:39:13.0576 0x0db8  mctadmin - ok
14:39:13.0623 0x0db8  [ 755DB0FABD639DE8D9FA6D446BA90D36, 144A3975545311270825E64FE564F16A8895573ABF0B4C0AD07A766D4E8D86DC ] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
14:39:13.0701 0x0db8  Gadwin PrintScreen - ok
14:39:13.0825 0x0db8  airport-fixed - ok
14:39:13.0825 0x0db8  issue-finger - ok
14:39:13.0825 0x0db8  meat-ball - ok
14:39:13.0841 0x0db8  court-design - ok
14:39:14.0059 0x0db8  [ E6C60E153524E8C18E06C643B11D5AD3, 834FAEB4AE15C3F197816B0CEF7A45FE361FBDB9ED958C81584ED15751A9AE91 ] C:\Program Files\CCleaner\CCleaner64.exe
14:39:14.0293 0x0db8  ccleaner - ok
14:39:14.0309 0x0db8  airport-fixed - ok
14:39:14.0309 0x0db8  meat-ball - ok
14:39:14.0309 0x0db8  court-design - ok
14:39:14.0309 0x0db8  issue-finger - ok
14:39:14.0371 0x0db8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:39:14.0387 0x0db8  Sidebar - ok
14:39:14.0403 0x0db8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:39:14.0418 0x0db8  mctadmin - ok
14:39:14.0418 0x0db8  Waiting for KSN requests completion. In queue: 71
14:39:15.0432 0x0db8  Waiting for KSN requests completion. In queue: 71
14:39:16.0446 0x0db8  Waiting for KSN requests completion. In queue: 71
14:39:17.0523 0x0db8  AV detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WSCSavNotifier.exe ( 12.1.1000.157 ), 0x70000 ( disabled : updated )
14:39:17.0601 0x0db8  Win FW state via NFP2: enabled ( trusted )
14:39:19.0987 0x0db8  ============================================================
14:39:19.0987 0x0db8  Scan finished
14:39:19.0987 0x0db8  ============================================================
14:39:20.0003 0x0db0  Detected object count: 0
14:39:20.0003 0x0db0  Actual detected object count: 0
14:39:26.0149 0x0d5c  Deinitialize success
         

15.10.2015, 13:43   #10
Gift
 
My Symantec keeps giving me various Trojan and virus warnings, and options to clean them, but the things are still there :-(

TDSSKiller Log2



Code:
ATTFilter
14:29:42.0021 0x27e4  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
14:29:44.0627 0x27e4  ============================================================
14:29:44.0627 0x27e4  Current date / time: 2015/10/15 14:29:44.0627
14:29:44.0627 0x27e4  SystemInfo:
14:29:44.0627 0x27e4  
14:29:44.0627 0x27e4  OS Version: 6.1.7601 ServicePack: 1.0
14:29:44.0627 0x27e4  Product type: Workstation
14:29:44.0627 0x27e4  ComputerName: ADD-INN-BUHA
14:29:44.0629 0x27e4  UserName: Tina
14:29:44.0629 0x27e4  Windows directory: C:\Windows
14:29:44.0629 0x27e4  System windows directory: C:\Windows
14:29:44.0629 0x27e4  Running under WOW64
14:29:44.0629 0x27e4  Processor architecture: Intel x64
14:29:44.0629 0x27e4  Number of processors: 2
14:29:44.0629 0x27e4  Page size: 0x1000
14:29:44.0629 0x27e4  Boot type: Normal boot
14:29:44.0629 0x27e4  ============================================================
14:29:45.0069 0x27e4  System UUID: {781AA5B7-1B30-C024-7160-9241876131D7}
14:29:45.0772 0x27e4  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:29:45.0777 0x27e4  ============================================================
14:29:45.0777 0x27e4  \Device\Harddisk0\DR0:
14:29:45.0777 0x27e4  MBR partitions:
14:29:45.0777 0x27e4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x404000, BlocksNum 0x32000
14:29:45.0777 0x27e4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x436000, BlocksNum 0xAF96000
14:29:45.0777 0x27e4  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xB3CC000, BlocksNum 0x11DF9000
14:29:45.0777 0x27e4  ============================================================
14:29:45.0818 0x27e4  C: <-> \Device\Harddisk0\DR0\Partition2
14:29:45.0848 0x27e4  D: <-> \Device\Harddisk0\DR0\Partition3
14:29:45.0849 0x27e4  ============================================================
14:29:45.0849 0x27e4  Initialize success
14:29:45.0849 0x27e4  ============================================================
14:30:59.0258 0x0dd8  ============================================================
14:30:59.0258 0x0dd8  Scan started
14:30:59.0258 0x0dd8  Mode: Manual; 
14:30:59.0258 0x0dd8  ============================================================
14:30:59.0258 0x0dd8  KSN ping started
14:31:01.0668 0x0dd8  KSN ping finished: true
14:31:02.0532 0x0dd8  ================ Scan system memory ========================
14:31:02.0532 0x0dd8  System memory - ok
14:31:02.0534 0x0dd8  ================ Scan services =============================
14:31:02.0691 0x0dd8  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:31:02.0696 0x0dd8  1394ohci - ok
14:31:02.0765 0x0dd8  [ 4F2C32C8BBF976D23302F1A9C4FA3C51, 4371C8A0B3C13F85EAD37D26F26003548AF617B56D0F15ABA764071ADCD0DE2D ] 30687968        C:\Windows\system32\drivers\97730321.sys
14:31:02.0830 0x0dd8  [ 4F2C32C8BBF976D23302F1A9C4FA3C51, 4371C8A0B3C13F85EAD37D26F26003548AF617B56D0F15ABA764071ADCD0DE2D ] 85850536        C:\Windows\system32\drivers\94316891.sys
14:31:02.0868 0x0dd8  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:31:02.0875 0x0dd8  ACPI - ok
14:31:02.0891 0x0dd8  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:31:02.0892 0x0dd8  AcpiPmi - ok
14:31:02.0996 0x0dd8  [ F6CEFEF46986DE02A3AE5D93AE32B5DC, 903EC5A7B40F4F6B2F3378EFFE8DF28667B88061CDF681C44F2E4FE39B62959E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
14:31:02.0998 0x0dd8  AdobeARMservice - ok
14:31:03.0056 0x0dd8  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
14:31:03.0066 0x0dd8  adp94xx - ok
14:31:03.0098 0x0dd8  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
14:31:03.0105 0x0dd8  adpahci - ok
14:31:03.0124 0x0dd8  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
14:31:03.0128 0x0dd8  adpu320 - ok
14:31:03.0163 0x0dd8  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:31:03.0165 0x0dd8  AeLookupSvc - ok
14:31:03.0226 0x0dd8  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
14:31:03.0236 0x0dd8  AFD - ok
14:31:03.0274 0x0dd8  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
14:31:03.0276 0x0dd8  agp440 - ok
14:31:03.0304 0x0dd8  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
14:31:03.0306 0x0dd8  ALG - ok
14:31:03.0342 0x0dd8  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:31:03.0343 0x0dd8  aliide - ok
14:31:03.0365 0x0dd8  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
14:31:03.0366 0x0dd8  amdide - ok
14:31:03.0396 0x0dd8  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
14:31:03.0398 0x0dd8  AmdK8 - ok
14:31:03.0413 0x0dd8  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
14:31:03.0414 0x0dd8  AmdPPM - ok
14:31:03.0448 0x0dd8  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:31:03.0450 0x0dd8  amdsata - ok
14:31:03.0477 0x0dd8  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
14:31:03.0481 0x0dd8  amdsbs - ok
14:31:03.0503 0x0dd8  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:31:03.0504 0x0dd8  amdxata - ok
14:31:03.0548 0x0dd8  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
14:31:03.0550 0x0dd8  AppID - ok
14:31:03.0583 0x0dd8  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:31:03.0584 0x0dd8  AppIDSvc - ok
14:31:03.0627 0x0dd8  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\Windows\System32\appinfo.dll
14:31:03.0629 0x0dd8  Appinfo - ok
14:31:03.0674 0x0dd8  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
14:31:03.0678 0x0dd8  AppMgmt - ok
14:31:03.0708 0x0dd8  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
14:31:03.0711 0x0dd8  arc - ok
14:31:03.0734 0x0dd8  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
14:31:03.0737 0x0dd8  arcsas - ok
14:31:03.0845 0x0dd8  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:31:03.0847 0x0dd8  aspnet_state - ok
14:31:03.0880 0x0dd8  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:31:03.0881 0x0dd8  AsyncMac - ok
14:31:03.0903 0x0dd8  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
14:31:03.0904 0x0dd8  atapi - ok
14:31:03.0964 0x0dd8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:31:03.0978 0x0dd8  AudioEndpointBuilder - ok
14:31:04.0006 0x0dd8  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:31:04.0020 0x0dd8  AudioSrv - ok
14:31:04.0055 0x0dd8  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:31:04.0058 0x0dd8  AxInstSV - ok
14:31:04.0104 0x0dd8  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
14:31:04.0113 0x0dd8  b06bdrv - ok
14:31:04.0158 0x0dd8  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:31:04.0163 0x0dd8  b57nd60a - ok
14:31:04.0206 0x0dd8  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:31:04.0209 0x0dd8  BDESVC - ok
14:31:04.0226 0x0dd8  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:31:04.0227 0x0dd8  Beep - ok
14:31:04.0280 0x0dd8  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
14:31:04.0295 0x0dd8  BFE - ok
14:31:04.0463 0x0dd8  [ 3E2882C7D02E34D5528BDDECD8CEF930, 39AEB34BD5BFD0BE6C8D0E37D5D5912B76B87A442C2AD91AC3E5F709D73C809C ] BHDrvx64        C:\ProgramData\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\BASHDefs\20151005.011\BHDrvx64.sys
14:31:04.0495 0x0dd8  BHDrvx64 - ok
14:31:04.0557 0x0dd8  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
14:31:04.0575 0x0dd8  BITS - ok
14:31:04.0603 0x0dd8  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:31:04.0605 0x0dd8  blbdrive - ok
14:31:04.0631 0x0dd8  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:31:04.0633 0x0dd8  bowser - ok
14:31:04.0663 0x0dd8  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
14:31:04.0664 0x0dd8  BrFiltLo - ok
14:31:04.0682 0x0dd8  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
14:31:04.0683 0x0dd8  BrFiltUp - ok
14:31:04.0701 0x0dd8  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
14:31:04.0704 0x0dd8  Browser - ok
14:31:04.0745 0x0dd8  [ 63A00CDBEB300522C49EC7CA77324060, 99CB6D37C7D898982A192AAA8DE5CE255E6FA482E19FE9032BAA7069E652F6F5 ] BrSerIb         C:\Windows\system32\DRIVERS\BrSerIb.sys
14:31:04.0747 0x0dd8  BrSerIb - ok
14:31:04.0772 0x0dd8  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:31:04.0778 0x0dd8  Brserid - ok
14:31:04.0799 0x0dd8  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:31:04.0801 0x0dd8  BrSerWdm - ok
14:31:04.0815 0x0dd8  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:31:04.0816 0x0dd8  BrUsbMdm - ok
14:31:04.0825 0x0dd8  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:31:04.0826 0x0dd8  BrUsbSer - ok
14:31:04.0845 0x0dd8  [ BBCFD6C6EF66449F55AF1BFDB08C9B12, D6D5D408FCFFF9ED69D095948E786C08EEECD5F55905A3D8FE2BB08944C5E1F2 ] BrUsbSIb        C:\Windows\system32\DRIVERS\BrUsbSIb.sys
14:31:04.0847 0x0dd8  BrUsbSIb - ok
14:31:04.0867 0x0dd8  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
14:31:04.0869 0x0dd8  BTHMODEM - ok
14:31:04.0903 0x0dd8  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
14:31:04.0906 0x0dd8  bthserv - ok
14:31:04.0930 0x0dd8  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:31:04.0932 0x0dd8  cdfs - ok
14:31:04.0961 0x0dd8  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:31:04.0964 0x0dd8  cdrom - ok
14:31:04.0982 0x0dd8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
14:31:04.0985 0x0dd8  CertPropSvc - ok
14:31:05.0087 0x0dd8  [ DEB2BF636F8C16BE3B66FD8F66306050, ED79B05E2ACA4B5E85D1133CB3CEF4A01D16CC4E161168A04AE56F4DDF22E0C8 ] charge_termination_method C:\Windows\assembly\GAC\VSLangProj\7.0.3300.0__b03f5f7f11d50a3a\linear_fan_control\laplace_transform.exe
14:31:05.0092 0x0dd8  charge_termination_method - ok
14:31:05.0122 0x0dd8  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
14:31:05.0124 0x0dd8  circlass - ok
14:31:05.0166 0x0dd8  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
14:31:05.0173 0x0dd8  CLFS - ok
14:31:05.0241 0x0dd8  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:31:05.0243 0x0dd8  clr_optimization_v2.0.50727_32 - ok
14:31:05.0294 0x0dd8  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:31:05.0297 0x0dd8  clr_optimization_v2.0.50727_64 - ok
14:31:05.0368 0x0dd8  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:31:05.0371 0x0dd8  clr_optimization_v4.0.30319_32 - ok
14:31:05.0395 0x0dd8  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:31:05.0399 0x0dd8  clr_optimization_v4.0.30319_64 - ok
14:31:05.0421 0x0dd8  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
14:31:05.0422 0x0dd8  CmBatt - ok
14:31:05.0448 0x0dd8  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:31:05.0449 0x0dd8  cmdide - ok
14:31:05.0508 0x0dd8  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
14:31:05.0517 0x0dd8  CNG - ok
14:31:05.0550 0x0dd8  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
14:31:05.0551 0x0dd8  Compbatt - ok
14:31:05.0570 0x0dd8  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
14:31:05.0572 0x0dd8  CompositeBus - ok
14:31:05.0587 0x0dd8  COMSysApp - ok
14:31:05.0605 0x0dd8  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
14:31:05.0606 0x0dd8  crcdisk - ok
14:31:05.0658 0x0dd8  [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:31:05.0664 0x0dd8  CryptSvc - ok
14:31:05.0700 0x0dd8  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC             C:\Windows\system32\drivers\csc.sys
14:31:05.0712 0x0dd8  CSC - ok
14:31:05.0741 0x0dd8  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
14:31:05.0755 0x0dd8  CscService - ok
14:31:05.0801 0x0dd8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:31:05.0813 0x0dd8  DcomLaunch - ok
14:31:05.0840 0x0dd8  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
14:31:05.0847 0x0dd8  defragsvc - ok
14:31:05.0874 0x0dd8  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:31:05.0877 0x0dd8  DfsC - ok
14:31:05.0907 0x0dd8  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:31:05.0914 0x0dd8  Dhcp - ok
14:31:05.0926 0x0dd8  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
14:31:05.0928 0x0dd8  discache - ok
14:31:05.0952 0x0dd8  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
14:31:05.0954 0x0dd8  Disk - ok
14:31:05.0982 0x0dd8  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
14:31:05.0984 0x0dd8  dmvsc - ok
14:31:06.0018 0x0dd8  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:31:06.0022 0x0dd8  Dnscache - ok
14:31:06.0051 0x0dd8  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:31:06.0056 0x0dd8  dot3svc - ok
14:31:06.0076 0x0dd8  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
14:31:06.0080 0x0dd8  DPS - ok
14:31:06.0130 0x0dd8  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:31:06.0131 0x0dd8  drmkaud - ok
14:31:06.0221 0x0dd8  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:31:06.0241 0x0dd8  DXGKrnl - ok
14:31:06.0268 0x0dd8  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
14:31:06.0272 0x0dd8  EapHost - ok
14:31:06.0415 0x0dd8  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
14:31:06.0478 0x0dd8  ebdrv - ok
14:31:06.0639 0x0dd8  [ 93EA893A8C2C561648A559E48C723412, 14F9AD8BCF423BC40F7B3D2D7BC0F795CD3C54800C854873BD170ADF2A735B64 ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
14:31:06.0650 0x0dd8  eeCtrl - ok
14:31:06.0680 0x0dd8  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] EFS             C:\Windows\System32\lsass.exe
14:31:06.0682 0x0dd8  EFS - ok
14:31:06.0740 0x0dd8  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:31:06.0753 0x0dd8  ehRecvr - ok
14:31:06.0772 0x0dd8  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
14:31:06.0775 0x0dd8  ehSched - ok
14:31:06.0818 0x0dd8  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
14:31:06.0829 0x0dd8  elxstor - ok
14:31:06.0865 0x0dd8  [ 8400C9E33B68C556BF63AEF490EB145C, A840DF1A27C935DD427E53C5D2FFFE79E612D0B4074CE26AA992DA62D4925806 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
14:31:06.0869 0x0dd8  EraserUtilRebootDrv - ok
14:31:06.0889 0x0dd8  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:31:06.0889 0x0dd8  ErrDev - ok
14:31:06.0941 0x0dd8  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
14:31:06.0950 0x0dd8  EventSystem - ok
14:31:06.0974 0x0dd8  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
14:31:06.0979 0x0dd8  exfat - ok
14:31:07.0007 0x0dd8  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:31:07.0011 0x0dd8  fastfat - ok
14:31:13.0922 0x0dd8  rdbss - ok
14:31:13.0932 0x0dd8  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:31:13.0933 0x0dd8  rdpbus - ok
14:31:13.0945 0x0dd8  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:31:13.0946 0x0dd8  RDPCDD - ok
14:31:13.0973 0x0dd8  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
14:31:13.0977 0x0dd8  RDPDR - ok
14:31:13.0996 0x0dd8  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:31:13.0996 0x0dd8  RDPENCDD - ok
14:31:14.0008 0x0dd8  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:31:14.0009 0x0dd8  RDPREFMP - ok
14:31:14.0087 0x0dd8  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
14:31:14.0088 0x0dd8  RdpVideoMiniport - ok
14:31:14.0130 0x0dd8  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:31:14.0135 0x0dd8  RDPWD - ok
14:31:14.0174 0x0dd8  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:31:14.0178 0x0dd8  rdyboost - ok
14:31:14.0209 0x0dd8  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:31:14.0212 0x0dd8  RemoteAccess - ok
14:31:14.0243 0x0dd8  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:31:14.0248 0x0dd8  RemoteRegistry - ok
14:31:14.0422 0x0dd8  [ 0D84CB080B36EECBC8201E046C6CE763, 195344E2E623B811349FD594880D45D7B992580A83FF82C3354B0ED4C50A999F ] ReportServer    C:\Program Files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe
14:31:14.0470 0x0dd8  ReportServer - ok
14:31:14.0493 0x0dd8  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:31:14.0497 0x0dd8  RpcEptMapper - ok
14:31:14.0519 0x0dd8  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
14:31:14.0521 0x0dd8  RpcLocator - ok
14:31:14.0547 0x0dd8  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\Windows\system32\rpcss.dll
14:31:14.0558 0x0dd8  RpcSs - ok
14:31:14.0624 0x0dd8  [ 964E8376B0B3FE1354B19907E1A4A692, 7B955D071EC7E681DA11F1DBF530AEE03A120D2FBA184A2A203E59BA1121C3AB ] RsFx0201        C:\Windows\system32\DRIVERS\RsFx0201.sys
14:31:14.0631 0x0dd8  RsFx0201 - ok
14:31:14.0663 0x0dd8  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:31:14.0665 0x0dd8  rspndr - ok
14:31:14.0695 0x0dd8  [ 68DD0457D18FCCEF7384AE84022F0C86, 82C02EDB30D4FA1145AB1818F9FCE0B73FEB1B94C138B5513794F25FAC85F2CC ] RTL8023x64      C:\Windows\system32\DRIVERS\Rtnic64.sys
14:31:14.0697 0x0dd8  RTL8023x64 - ok
14:31:14.0717 0x0dd8  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
14:31:14.0718 0x0dd8  s3cap - ok
14:31:14.0802 0x0dd8  [ 5D9932536F12E1E125DC9B48E2CDF784, B149E606E35FF1038BAAF41648AE7542D788F4101C6BB92506EF2D9D3AD325FC ] SageDeploymentService C:\Program Files (x86)\Common Files\Sage Software Shared\Deploymentservice.exe
14:31:14.0811 0x0dd8  SageDeploymentService - ok
14:31:14.0854 0x0dd8  [ F6A730B70F4BB31133C2C0C45A369671, 68BD5CCCC4E6E1EFAC336BE1FBD4963F30169E29D7DDFF6FBDF2893DEAF85200 ] SageMultiUserService40 C:\Program Files (x86)\Common Files\Sage Software Shared\MultiUserServiceServer.exe
14:31:14.0859 0x0dd8  SageMultiUserService40 - ok
14:31:14.0876 0x0dd8  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] SamSs           C:\Windows\system32\lsass.exe
14:31:14.0878 0x0dd8  SamSs - ok
14:31:14.0907 0x0dd8  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:31:14.0910 0x0dd8  sbp2port - ok
14:31:14.0937 0x0dd8  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:31:14.0943 0x0dd8  SCardSvr - ok
14:31:14.0952 0x0dd8  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:31:14.0953 0x0dd8  scfilter - ok
14:31:15.0009 0x0dd8  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
14:31:15.0032 0x0dd8  Schedule - ok
14:31:15.0061 0x0dd8  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:31:15.0064 0x0dd8  SCPolicySvc - ok
14:31:15.0089 0x0dd8  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:31:15.0094 0x0dd8  SDRSVC - ok
14:31:15.0116 0x0dd8  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:31:15.0117 0x0dd8  secdrv - ok
14:31:15.0133 0x0dd8  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
14:31:15.0136 0x0dd8  seclogon - ok
14:31:15.0149 0x0dd8  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\System32\sens.dll
14:31:15.0153 0x0dd8  SENS - ok
14:31:15.0162 0x0dd8  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:31:15.0165 0x0dd8  SensrSvc - ok
14:31:15.0233 0x0dd8  [ 74885BDFF62E537F268EBF8E8CEC24BB, D49949C3ED3CE748FD5EF0CA4ECEA5F30B9EEAE365EBA7072A0BE203A84D8227 ] SepMasterService C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe
14:31:15.0237 0x0dd8  SepMasterService - ok
14:31:15.0266 0x0dd8  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:31:15.0268 0x0dd8  Serenum - ok
14:31:15.0302 0x0dd8  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:31:15.0305 0x0dd8  Serial - ok
14:31:15.0326 0x0dd8  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
14:31:15.0327 0x0dd8  sermouse - ok
14:31:15.0362 0x0dd8  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
14:31:15.0366 0x0dd8  SessionEnv - ok
14:31:15.0375 0x0dd8  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:31:15.0376 0x0dd8  sffdisk - ok
14:31:15.0383 0x0dd8  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:31:15.0384 0x0dd8  sffp_mmc - ok
14:31:15.0399 0x0dd8  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:31:15.0400 0x0dd8  sffp_sd - ok
14:31:15.0413 0x0dd8  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
14:31:15.0414 0x0dd8  sfloppy - ok
14:31:15.0448 0x0dd8  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:31:15.0456 0x0dd8  SharedAccess - ok
14:31:15.0489 0x0dd8  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:31:15.0499 0x0dd8  ShellHWDetection - ok
14:31:15.0514 0x0dd8  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
14:31:15.0516 0x0dd8  SiSRaid2 - ok
14:31:15.0541 0x0dd8  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
14:31:15.0543 0x0dd8  SiSRaid4 - ok
14:31:15.0563 0x0dd8  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:31:15.0565 0x0dd8  Smb - ok
14:31:15.0706 0x0dd8  [ B8EF6F1FAFBE89E24E152907605E7A25, B1771BB419265EFBA3185DA884FD921C66A86492C3DF19AB06E26010372C9442 ] SmcService      C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe
14:31:15.0757 0x0dd8  SmcService - ok
14:31:15.0798 0x0dd8  [ 89733DCC3817455FBC3AB4A3C19EE765, 0D550153860D9557BC5E8B7B03CEF677FA4E24DB0A8F51F536B87D1CD0100A1C ] SNAC            C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\snac64.exe
14:31:15.0805 0x0dd8  SNAC - ok
14:31:15.0841 0x0dd8  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:31:15.0844 0x0dd8  SNMPTRAP - ok
14:31:15.0873 0x0dd8  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:31:15.0874 0x0dd8  spldr - ok
14:31:15.0922 0x0dd8  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
14:31:15.0935 0x0dd8  Spooler - ok
14:31:16.0072 0x0dd8  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
14:31:16.0144 0x0dd8  sppsvc - ok
14:31:16.0167 0x0dd8  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:31:16.0171 0x0dd8  sppuinotify - ok
14:31:16.0270 0x0dd8  [ E9254892A2D74E537BAD3092F0F8EE40, BEB715404B799F3181C699E233F98B2A913BEB677E94ABE8E2872499FC755385 ] SQLBrowser      C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
14:31:16.0276 0x0dd8  SQLBrowser - ok
14:31:16.0362 0x0dd8  [ F4A50C0B17A39B77B2DAB6A89C1A820F, 750CB6E862D45B28BF2822D5A053FB06D2D45EE45C8F28322BE892E81E48FB47 ] SQLSERVERAGENT  C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE
14:31:16.0376 0x0dd8  SQLSERVERAGENT - ok
14:31:16.0454 0x0dd8  [ 055B0DE7BCDB14FB18279F09DCA07954, 94944F996F2F73233A96F8E766606EA5CCC7142EA2AF4BCEFD2603578F2B4A4A ] SQLWriter       C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
14:31:16.0457 0x0dd8  SQLWriter - ok
14:31:16.0520 0x0dd8  [ 48FD53FED3C81726001E438A2201E9FF, 96CC81F74917960382101AD839D86DEA8B48BE7211A00BCC2AB400BA1E4CBCB1 ] SRTSP           C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSP64.SYS
14:31:16.0534 0x0dd8  SRTSP - ok
14:31:16.0552 0x0dd8  [ 63199A936D9BDEA578DFB8F5E9A40095, B38593311A6ACCA1F3EE3F441A533DCB7639E6E6FCA4A83A5B11696A355CD533 ] SRTSPX          C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SRTSPX64.SYS
14:31:16.0553 0x0dd8  SRTSPX - ok
14:31:16.0599 0x0dd8  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:31:16.0608 0x0dd8  srv - ok
14:31:16.0649 0x0dd8  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:31:16.0658 0x0dd8  srv2 - ok
14:31:16.0688 0x0dd8  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:31:16.0691 0x0dd8  srvnet - ok
14:31:16.0730 0x0dd8  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:31:16.0736 0x0dd8  SSDPSRV - ok
14:31:16.0754 0x0dd8  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:31:16.0758 0x0dd8  SstpSvc - ok
14:31:16.0783 0x0dd8  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
14:31:16.0785 0x0dd8  stexstor - ok
14:31:16.0829 0x0dd8  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
14:31:16.0842 0x0dd8  stisvc - ok
14:31:16.0868 0x0dd8  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
14:31:16.0870 0x0dd8  storflt - ok
14:31:16.0893 0x0dd8  [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc         C:\Windows\system32\storsvc.dll
14:31:16.0896 0x0dd8  StorSvc - ok
14:31:16.0920 0x0dd8  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc         C:\Windows\system32\drivers\storvsc.sys
14:31:16.0922 0x0dd8  storvsc - ok
14:31:16.0944 0x0dd8  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
14:31:16.0945 0x0dd8  swenum - ok
14:31:16.0983 0x0dd8  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
14:31:16.0995 0x0dd8  swprv - ok
14:31:17.0029 0x0dd8  [ F017987B177F7BBC989318D59309D091, 3ED316AC86FB1F871B36ABA65E5B164B22D255B7509574A2CA8FC878A1142266 ] SymDS           C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMDS64.SYS
14:31:17.0037 0x0dd8  SymDS - ok
14:31:17.0079 0x0dd8  [ E7F25D768EE0CDF69D8B752398C262BB, D401B892EB4C7CFCEDBFB228EA8918513674A26516CA733F4777050F4F425D2A ] SymEFA          C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMEFA64.SYS
14:31:17.0097 0x0dd8  SymEFA - ok
14:31:17.0146 0x0dd8  [ 36B77F5C9E21F88A8C8EC67AD5415819, 0ECB96799F614C1C17F2D705A3C17E83078225A2350F3048A11F5C3164F7894A ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
14:31:17.0150 0x0dd8  SymEvent - ok
14:31:17.0168 0x0dd8  [ 1611FA7A95A48387DF22757FA81B46A9, B32C4D9FB9D35B5A37D9BF321F6BE2964EE536BADFFEB23C3D8693C08B35A795 ] SymIRON         C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\Ironx64.SYS
14:31:17.0171 0x0dd8  SymIRON - ok
14:31:17.0197 0x0dd8  [ D41557715C1C792D1391DB5AA81A00DF, D08013347ED5F3CD62BF48075A2A5C71E2EE5E95A7BDB43F2435D5F0F19880D8 ] SYMNETS         C:\Windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMNETS.SYS
14:31:17.0204 0x0dd8  SYMNETS - ok
14:31:17.0300 0x0dd8  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
14:31:17.0336 0x0dd8  SysMain - ok
14:31:17.0352 0x0dd8  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:31:17.0356 0x0dd8  TabletInputService - ok
14:31:17.0382 0x0dd8  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:31:17.0390 0x0dd8  TapiSrv - ok
14:31:17.0408 0x0dd8  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
14:31:17.0412 0x0dd8  TBS - ok
14:31:17.0498 0x0dd8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:31:17.0538 0x0dd8  Tcpip - ok
14:31:17.0661 0x0dd8  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:31:17.0697 0x0dd8  TCPIP6 - ok
14:31:17.0737 0x0dd8  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:31:17.0738 0x0dd8  tcpipreg - ok
14:31:17.0769 0x0dd8  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:31:17.0770 0x0dd8  TDPIPE - ok
14:31:17.0797 0x0dd8  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:31:17.0798 0x0dd8  TDTCP - ok
14:31:17.0832 0x0dd8  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:31:17.0835 0x0dd8  tdx - ok
14:31:18.0093 0x0dd8  [ 2AA61246A5B813C1B12BCCFAA6F23DD8, 74EE3DB839A0F4BC781294803281DB2248D013B8808FF05F2EE9597C14C6FEED ] TeamViewer      C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
14:31:18.0205 0x0dd8  TeamViewer - ok
14:31:18.0247 0x0dd8  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
14:31:18.0249 0x0dd8  TermDD - ok
14:31:18.0294 0x0dd8  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
14:31:18.0309 0x0dd8  TermService - ok
14:31:18.0333 0x0dd8  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
14:31:18.0337 0x0dd8  Themes - ok
14:31:18.0359 0x0dd8  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
14:31:18.0362 0x0dd8  THREADORDER - ok
14:31:18.0381 0x0dd8  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
14:31:18.0385 0x0dd8  TrkWks - ok
14:31:18.0434 0x0dd8  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:31:18.0438 0x0dd8  TrustedInstaller - ok
14:31:18.0477 0x0dd8  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:31:18.0479 0x0dd8  tssecsrv - ok
14:31:18.0519 0x0dd8  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:31:18.0521 0x0dd8  TsUsbFlt - ok
14:31:18.0557 0x0dd8  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
14:31:18.0558 0x0dd8  TsUsbGD - ok
14:31:18.0597 0x0dd8  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:31:18.0600 0x0dd8  tunnel - ok
14:31:18.0616 0x0dd8  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
14:31:18.0618 0x0dd8  uagp35 - ok
14:31:18.0641 0x0dd8  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:31:18.0648 0x0dd8  udfs - ok
14:31:18.0684 0x0dd8  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:31:18.0687 0x0dd8  UI0Detect - ok
14:31:18.0724 0x0dd8  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:31:18.0727 0x0dd8  uliagpkx - ok
14:31:18.0758 0x0dd8  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
14:31:18.0759 0x0dd8  umbus - ok
14:31:18.0772 0x0dd8  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
14:31:18.0773 0x0dd8  UmPass - ok
14:31:18.0802 0x0dd8  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
14:31:18.0808 0x0dd8  UmRdpService - ok
14:31:18.0835 0x0dd8  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
14:31:18.0844 0x0dd8  upnphost - ok
14:31:18.0879 0x0dd8  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:31:18.0882 0x0dd8  usbccgp - ok
14:31:18.0918 0x0dd8  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:31:18.0920 0x0dd8  usbcir - ok
14:31:18.0954 0x0dd8  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:31:18.0956 0x0dd8  usbehci - ok
14:31:19.0002 0x0dd8  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:31:19.0009 0x0dd8  usbhub - ok
14:31:19.0024 0x0dd8  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:31:19.0025 0x0dd8  usbohci - ok
14:31:19.0047 0x0dd8  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:31:19.0048 0x0dd8  usbprint - ok
14:31:19.0083 0x0dd8  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
14:31:19.0085 0x0dd8  usbscan - ok
14:31:19.0113 0x0dd8  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:31:19.0116 0x0dd8  USBSTOR - ok
14:31:19.0154 0x0dd8  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:31:19.0155 0x0dd8  usbuhci - ok
14:31:19.0177 0x0dd8  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
14:31:19.0180 0x0dd8  UxSms - ok
14:31:19.0190 0x0dd8  [ CA4FC33FB22D92368A0B221092B46374, 2FB8C496216E5D11627F7832B3B8ABE486E71DF4EC28EABE33F89847BFC5E591 ] VaultSvc        C:\Windows\system32\lsass.exe
14:31:19.0192 0x0dd8  VaultSvc - ok
14:31:19.0218 0x0dd8  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:31:19.0220 0x0dd8  vdrvroot - ok
14:31:19.0249 0x0dd8  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
14:31:19.0261 0x0dd8  vds - ok
14:31:19.0282 0x0dd8  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:31:19.0284 0x0dd8  vga - ok
14:31:19.0296 0x0dd8  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:31:19.0297 0x0dd8  VgaSave - ok
14:31:19.0319 0x0dd8  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:31:19.0323 0x0dd8  vhdmp - ok
14:31:19.0354 0x0dd8  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:31:19.0355 0x0dd8  viaide - ok
14:31:19.0391 0x0dd8  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
14:31:19.0395 0x0dd8  vmbus - ok
14:31:19.0411 0x0dd8  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
14:31:19.0412 0x0dd8  VMBusHID - ok
14:31:19.0441 0x0dd8  vmci - ok
14:31:19.0449 0x0dd8  VMnetAdapter - ok
14:31:19.0470 0x0dd8  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:31:19.0472 0x0dd8  volmgr - ok
14:31:19.0493 0x0dd8  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:31:19.0502 0x0dd8  volmgrx - ok
14:31:19.0529 0x0dd8  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:31:19.0535 0x0dd8  volsnap - ok
14:31:19.0560 0x0dd8  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
14:31:19.0564 0x0dd8  vsmraid - ok
14:31:19.0663 0x0dd8  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
14:31:19.0696 0x0dd8  VSS - ok
14:31:19.0714 0x0dd8  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:31:19.0715 0x0dd8  vwifibus - ok
14:31:19.0736 0x0dd8  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
14:31:19.0746 0x0dd8  W32Time - ok
14:31:19.0772 0x0dd8  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
14:31:19.0773 0x0dd8  WacomPen - ok
14:31:19.0804 0x0dd8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:31:19.0806 0x0dd8  WANARP - ok
14:31:19.0821 0x0dd8  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:31:19.0824 0x0dd8  Wanarpv6 - ok
14:31:19.0895 0x0dd8  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
14:31:19.0926 0x0dd8  wbengine - ok
14:31:19.0951 0x0dd8  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:31:19.0957 0x0dd8  WbioSrvc - ok
14:31:19.0984 0x0dd8  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:31:19.0993 0x0dd8  wcncsvc - ok
14:31:20.0014 0x0dd8  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:31:20.0018 0x0dd8  WcsPlugInService - ok
14:31:20.0040 0x0dd8  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
14:31:20.0041 0x0dd8  Wd - ok
14:31:20.0096 0x0dd8  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:31:20.0112 0x0dd8  Wdf01000 - ok
14:31:20.0151 0x0dd8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:31:20.0156 0x0dd8  WdiServiceHost - ok
14:31:20.0167 0x0dd8  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:31:20.0171 0x0dd8  WdiSystemHost - ok
14:31:20.0219 0x0dd8  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
14:31:20.0226 0x0dd8  WebClient - ok
14:31:20.0256 0x0dd8  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:31:20.0263 0x0dd8  Wecsvc - ok
14:31:20.0277 0x0dd8  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:31:20.0281 0x0dd8  wercplsupport - ok
14:31:20.0315 0x0dd8  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:31:20.0319 0x0dd8  WerSvc - ok
14:31:20.0336 0x0dd8  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:31:20.0337 0x0dd8  WfpLwf - ok
14:31:20.0360 0x0dd8  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:31:20.0361 0x0dd8  WIMMount - ok
14:31:20.0383 0x0dd8  WinDefend - ok
14:31:20.0401 0x0dd8  WinHttpAutoProxySvc - ok
14:31:20.0454 0x0dd8  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:31:20.0460 0x0dd8  Winmgmt - ok
14:31:20.0570 0x0dd8  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
14:31:20.0610 0x0dd8  WinRM - ok
14:31:20.0660 0x0dd8  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
14:31:20.0661 0x0dd8  WinUsb - ok
14:31:20.0707 0x0dd8  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:31:20.0727 0x0dd8  Wlansvc - ok
14:31:20.0748 0x0dd8  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:31:20.0749 0x0dd8  WmiAcpi - ok
14:31:20.0787 0x0dd8  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:31:20.0792 0x0dd8  wmiApSrv - ok
14:31:20.0814 0x0dd8  WMPNetworkSvc - ok
14:31:20.0820 0x0dd8  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:31:20.0823 0x0dd8  WPCSvc - ok
14:31:20.0843 0x0dd8  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:31:20.0848 0x0dd8  WPDBusEnum - ok
14:31:20.0869 0x0dd8  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:31:20.0870 0x0dd8  ws2ifsl - ok
14:31:20.0892 0x0dd8  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
14:31:20.0896 0x0dd8  wscsvc - ok
14:31:20.0903 0x0dd8  WSearch - ok
14:31:21.0032 0x0dd8  [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:31:21.0083 0x0dd8  wuauserv - ok
14:31:21.0112 0x0dd8  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:31:21.0115 0x0dd8  WudfPf - ok
14:31:21.0143 0x0dd8  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:31:21.0148 0x0dd8  WUDFRd - ok
14:31:21.0174 0x0dd8  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:31:21.0179 0x0dd8  wudfsvc - ok
14:31:21.0225 0x0dd8  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:31:21.0232 0x0dd8  WwanSvc - ok
14:31:21.0240 0x0dd8  ================ Scan global ===============================
14:31:21.0267 0x0dd8  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
14:31:21.0305 0x0dd8  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
14:31:21.0319 0x0dd8  [ EA32F4EA3AE06EDD122FBCD5A489E457, C6E464170121D1714A367CFC80C5EA15D42AD34909039FDB114EAD3B878A47F6 ] C:\Windows\system32\winsrv.dll
14:31:21.0357 0x0dd8  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
14:31:21.0389 0x0dd8  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
14:31:21.0397 0x0dd8  [ Global ] - ok
14:31:21.0398 0x0dd8  ================ Scan MBR ==================================
14:31:21.0413 0x0dd8  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:31:21.0624 0x0dd8  \Device\Harddisk0\DR0 - ok
14:31:21.0625 0x0dd8  ================ Scan VBR ==================================
14:31:21.0629 0x0dd8  [ F769AA0408A7FABB7A0BE02CC2B6057E ] \Device\Harddisk0\DR0\Partition1
14:31:21.0630 0x0dd8  \Device\Harddisk0\DR0\Partition1 - ok
14:31:21.0635 0x0dd8  [ 299D461E9AB116841197CF11FCB8C71C ] \Device\Harddisk0\DR0\Partition2
14:31:21.0639 0x0dd8  \Device\Harddisk0\DR0\Partition2 - ok
14:31:21.0643 0x0dd8  [ B387B3E85DD46C84BFFF0B66AE451F67 ] \Device\Harddisk0\DR0\Partition3
14:31:21.0645 0x0dd8  \Device\Harddisk0\DR0\Partition3 - ok
14:31:21.0646 0x0dd8  ================ Scan generic autorun ======================
14:31:21.0665 0x0dd8  [ 92FDB0658CA16974B4AE80E248A5B118, 9E0CF6A9C845C5F9E4B80B9105DBECE15ACC27984FCBFD8774C00EBE20DB652F ] C:\Windows\system32\igfxtray.exe
14:31:21.0669 0x0dd8  IgfxTray - ok
14:31:21.0693 0x0dd8  [ 23A6AE66AA4BEF792649736385BB51BA, FC85E38B2F5F52E970EAE5DAFC3B738BCC8BF596AF3766F0EDA03040664E1F08 ] C:\Windows\system32\hkcmd.exe
14:31:21.0702 0x0dd8  HotKeysCmds - ok
14:31:21.0726 0x0dd8  [ F6FA1865978214FB7FCD80149BBF1C13, 3CA24827982B521986DBE1E5600316155800C3777BAF415B978C7FE9F3AA3DD2 ] C:\Windows\system32\igfxpers.exe
14:31:21.0734 0x0dd8  Persistence - ok
14:31:21.0883 0x0dd8  [ 912993864DE980DE79E2317B109298AE, CD01E488E6331D0F00092A6F5B4B62F3404C9C5F0736887849AD215730C072D2 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
14:31:21.0933 0x0dd8  CanonMyPrinter - ok
14:31:21.0993 0x0dd8  [ C57096C601324DF1C5344BCD39093C0C, C2007D0585105F5AA72C6E1E9A3E69514C32F76BE3A664D4BDB6F9D256667689 ] C:\Program Files\Common Files\Microsoft Shared\ink\bg-BG\min_los_sens\broadband.exe
14:31:22.0030 0x0dd8  glitch_immunity - ok
14:31:22.0082 0x0dd8  [ 12E54BDE520DC85A611D7245DF44BCE5, 8F90F71AC97CE47D6A4F3491A48E3F857E8DEFD51E2DFDD528666AFC592E3B4E ] C:\Program Files (x86)\FreePDF_XP\fpassist.exe
14:31:22.0089 0x0dd8  FreePDF Assistant - ok
14:31:22.0165 0x0dd8  [ 187F4C75A89E3F412322C94526320074, D78FA7EF93C8C7B4326A5B6DB04A92ADD091DF00658FA8731D07C5D3BE29ED04 ] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe
14:31:22.0167 0x0dd8  BCSSync - ok
14:31:22.0344 0x0dd8  [ 7B59D1D1F458B322A722E95554BB591E, F184E22D37E013580AB7FD07172C1F662275D39E036CE22DFA62B2A43823E719 ] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
14:31:22.0373 0x0dd8  CanonSolutionMenuEx - ok
14:31:22.0433 0x0dd8  [ FB2693E1B53BCEDA1F054FF2C54881E6, 41E25F1EDE25F722F9B73527B2F8B05F38EC87964DBBDEA4F1306E207A78E894 ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
14:31:22.0441 0x0dd8  IJNetworkScannerSelectorEX - ok
14:31:22.0445 0x0dd8  {E3605A1E-BEA4-4AB8-8263-6DB9FAF456C8} - ok
14:31:22.0449 0x0dd8  {A5CE53A7-7DFE-4FA4-A245-366224269746} - ok
14:31:22.0525 0x0dd8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:31:22.0546 0x0dd8  Sidebar - ok
14:31:22.0585 0x0dd8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:31:22.0588 0x0dd8  mctadmin - ok
14:31:22.0649 0x0dd8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:31:22.0670 0x0dd8  Sidebar - ok
14:31:22.0693 0x0dd8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:31:22.0696 0x0dd8  mctadmin - ok
14:31:22.0754 0x0dd8  [ 755DB0FABD639DE8D9FA6D446BA90D36, 144A3975545311270825E64FE564F16A8895573ABF0B4C0AD07A766D4E8D86DC ] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe
14:31:22.0763 0x0dd8  Gadwin PrintScreen - ok
14:31:22.0890 0x0dd8  [ 7A1AF1B1EC0FDC1F4985B70A771CA107, 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694 ] C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
14:31:22.0890 0x0dd8  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe. md5: 7A1AF1B1EC0FDC1F4985B70A771CA107, sha256: 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694
14:31:22.0910 0x0dd8  airport-fixed - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
14:31:25.0506 0x0dd8  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - infected
14:31:25.0506 0x0dd8  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
14:31:27.0926 0x0dd8  Object send P2P result: true
14:31:30.0293 0x0dd8  [ 1ADB5BE57BD7BEB004EB857C90434D9C, F0B5B952E462CA9F75B75F1C248DF5D15AC16D7C7DF0C7178E044D35A7E15DB7 ] C:\Users\Tina\AppData\Local\Temp\Issue-channel\issue-steal.exe
14:31:30.0293 0x0dd8  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Issue-channel\issue-steal.exe. md5: 1ADB5BE57BD7BEB004EB857C90434D9C, sha256: F0B5B952E462CA9F75B75F1C248DF5D15AC16D7C7DF0C7178E044D35A7E15DB7
14:31:30.0302 0x0dd8  issue-finger - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
14:31:32.0812 0x0dd8  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - infected
14:31:32.0812 0x0dd8  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Issue-channel\issue-steal.exe
14:31:35.0231 0x0dd8  Object send P2P result: true
14:31:37.0606 0x0dd8  [ 02AB5776BFDFA9BF84ED635D42C18A13, A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569 ] C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
14:31:37.0606 0x0dd8  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe. md5: 02AB5776BFDFA9BF84ED635D42C18A13, sha256: A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569
14:31:37.0614 0x0dd8  meat-ball - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
14:31:40.0119 0x0dd8  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - infected
14:31:40.0119 0x0dd8  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
14:31:42.0539 0x0dd8  Object send P2P result: true
14:31:44.0930 0x0dd8  [ DDFC04B3820873D0F97107D67FCEF3E8, B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B ] C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
14:31:44.0931 0x0dd8  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe. md5: DDFC04B3820873D0F97107D67FCEF3E8, sha256: B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B
14:31:44.0939 0x0dd8  court-design - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
14:31:47.0446 0x0dd8  court-design ( Trojan-Spy.Win32.ZBot.gen ) - infected
14:31:47.0447 0x0dd8  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
14:31:49.0866 0x0dd8  Object send P2P result: true
14:31:52.0429 0x0dd8  [ E6C60E153524E8C18E06C643B11D5AD3, 834FAEB4AE15C3F197816B0CEF7A45FE361FBDB9ED958C81584ED15751A9AE91 ] C:\Program Files\CCleaner\CCleaner64.exe
14:31:52.0533 0x0dd8  ccleaner - ok
14:31:52.0567 0x0dd8  [ 7A1AF1B1EC0FDC1F4985B70A771CA107, 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694 ] C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
14:31:52.0568 0x0dd8  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe. md5: 7A1AF1B1EC0FDC1F4985B70A771CA107, sha256: 79C0B4B86DCB4A4A960945D602C80E80786A101B03268A4A34C91A7FCC060694
14:31:52.0573 0x0dd8  airport-fixed - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
14:31:52.0574 0x0dd8  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - infected
14:31:52.0574 0x0dd8  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe
14:31:54.0994 0x0dd8  Object send P2P result: true
14:31:57.0363 0x0dd8  [ 02AB5776BFDFA9BF84ED635D42C18A13, A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569 ] C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
14:31:57.0364 0x0dd8  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe. md5: 02AB5776BFDFA9BF84ED635D42C18A13, sha256: A440F6CC3E28DD9299C1DC5D32F6F9168AED506183E88A2B47BE3C44CA593569
14:31:57.0372 0x0dd8  meat-ball - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
14:31:57.0373 0x0dd8  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - infected
14:31:57.0373 0x0dd8  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe
14:31:59.0796 0x0dd8  Object send P2P result: true
14:32:02.0165 0x0dd8  [ DDFC04B3820873D0F97107D67FCEF3E8, B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B ] C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
14:32:02.0165 0x0dd8  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe. md5: DDFC04B3820873D0F97107D67FCEF3E8, sha256: B32ACDC0D300FDEB66FA750927A91D45E7D42F271A7065D8E7A863A87DC5F66B
14:32:02.0171 0x0dd8  court-design - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
14:32:02.0171 0x0dd8  court-design ( Trojan-Spy.Win32.ZBot.gen ) - infected
14:32:02.0171 0x0dd8  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe
14:32:04.0600 0x0dd8  Object send P2P result: true
14:32:06.0968 0x0dd8  [ 1ADB5BE57BD7BEB004EB857C90434D9C, F0B5B952E462CA9F75B75F1C248DF5D15AC16D7C7DF0C7178E044D35A7E15DB7 ] C:\Users\Tina\AppData\Local\Temp\Issue-channel\issue-steal.exe
14:32:06.0969 0x0dd8  Suspicious file ( NoAccess ): C:\Users\Tina\AppData\Local\Temp\Issue-channel\issue-steal.exe. md5: 1ADB5BE57BD7BEB004EB857C90434D9C, sha256: F0B5B952E462CA9F75B75F1C248DF5D15AC16D7C7DF0C7178E044D35A7E15DB7
14:32:06.0978 0x0dd8  issue-finger - detected Trojan-Spy.Win32.ZBot.gen ( 0 )
14:32:06.0978 0x0dd8  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - infected
14:32:06.0978 0x0dd8  Force sending object to P2P due to detect: C:\Users\Tina\AppData\Local\Temp\Issue-channel\issue-steal.exe
14:32:09.0400 0x0dd8  Object send P2P result: true
14:32:11.0803 0x0dd8  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
14:32:11.0824 0x0dd8  Sidebar - ok
14:32:11.0847 0x0dd8  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
14:32:11.0850 0x0dd8  mctadmin - ok
14:32:11.0872 0x0dd8  AV detected via SS2: Symantec Endpoint Protection, C:\Program Files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WSCSavNotifier.exe ( 12.1.1000.157 ), 0x71000 ( enabled : updated )
14:32:11.0877 0x0dd8  Win FW state via NFP2: enabled ( trusted )
14:32:14.0225 0x0dd8  ============================================================
14:32:14.0225 0x0dd8  Scan finished
14:32:14.0225 0x0dd8  ============================================================
14:32:14.0239 0x1fb0  Detected object count: 8
14:32:14.0239 0x1fb0  Actual detected object count: 8
14:33:12.0845 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe - copied to quarantine
14:33:12.0845 0x1fb0  HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\Software\Microsoft\Windows\CurrentVersion\Run:airport-fixed - will be deleted on reboot
14:33:12.0846 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe - will be deleted on reboot
14:33:12.0846 0x1fb0  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 
14:33:12.0868 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Issue-channel\issue-steal.exe - copied to quarantine
14:33:12.0869 0x1fb0  HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\Software\Microsoft\Windows\CurrentVersion\Run:issue-finger - will be deleted on reboot
14:33:12.0870 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Issue-channel\issue-steal.exe - will be deleted on reboot
14:33:12.0870 0x1fb0  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 
14:33:12.0892 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe - copied to quarantine
14:33:12.0893 0x1fb0  HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\Software\Microsoft\Windows\CurrentVersion\Run:meat-ball - will be deleted on reboot
14:33:12.0894 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe - will be deleted on reboot
14:33:12.0894 0x1fb0  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 
14:33:12.0920 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe - copied to quarantine
14:33:12.0921 0x1fb0  HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\Software\Microsoft\Windows\CurrentVersion\Run:court-design - will be deleted on reboot
14:33:12.0924 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe - will be deleted on reboot
14:33:12.0924 0x1fb0  court-design ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 
14:33:12.0943 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe - copied to quarantine
14:33:12.0944 0x1fb0  HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\Software\Microsoft\Windows\CurrentVersion\RunOnce:airport-fixed - will be deleted on reboot
14:33:12.0945 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Airport-soil\airport-service.exe - will be deleted on reboot
14:33:12.0945 0x1fb0  airport-fixed ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 
14:33:12.0967 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe - copied to quarantine
14:33:12.0968 0x1fb0  HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\Software\Microsoft\Windows\CurrentVersion\RunOnce:meat-ball - will be deleted on reboot
14:33:12.0969 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Meat-guarantee\meat_range.exe - will be deleted on reboot
14:33:12.0969 0x1fb0  meat-ball ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 
14:33:13.0003 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe - copied to quarantine
14:33:13.0004 0x1fb0  HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\Software\Microsoft\Windows\CurrentVersion\RunOnce:court-design - will be deleted on reboot
14:33:13.0007 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Courtzone\court_star.exe - will be deleted on reboot
14:33:13.0008 0x1fb0  court-design ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 
14:33:13.0035 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Issue-channel\issue-steal.exe - copied to quarantine
14:33:13.0038 0x1fb0  HKU\S-1-5-21-1451804703-4159516416-4063369182-1011\Software\Microsoft\Windows\CurrentVersion\RunOnce:issue-finger - will be deleted on reboot
14:33:13.0038 0x1fb0  C:\Users\Tina\AppData\Local\Temp\Issue-channel\issue-steal.exe - will be deleted on reboot
14:33:13.0038 0x1fb0  issue-finger ( Trojan-Spy.Win32.ZBot.gen ) - User select action: Delete 
14:33:13.0579 0x1fb0  KLMD registered as C:\Windows\system32\drivers\98089096.sys
14:33:16.0297 0x15dc  Deinitialize success
         

Alt 16.10.2015, 18:34   #11
schrauber
/// the machine
/// TB-Ausbilder
 

Hi,

Scan with Combofix
WARNING to READERS following along:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all of your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the on-screen instructions.
  • While Combofix is running, please do not work on the computer, move the mouse, or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you receive the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 19.10.2015, 08:30   #12
Gift
 
Good morning Schrauber,

so Combofix has been run, and apart from one message that came up (PEV.exe has stopped working) it ran through smoothly.

Here is the Combofix log:
Code:
ComboFix 15-10-15.01 - Tina 19.10.2015   8:54.1.2 - x64
Microsoft Windows 7 Professional   6.1.7601.1.1252.49.1031.18.4086.1775 [GMT 2:00]
ausgeführt von:: c:\users\Tina\Desktop\ComboFix.exe
AV: Symantec Endpoint Protection *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Symantec Endpoint Protection *Disabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\SOA182C.tmp
C:\SOA184C.tmp
C:\SOA187D.tmp
C:\SOA189D.tmp
C:\SOA249F.tmp
C:\SOA24CF.tmp
C:\SOA251E.tmp
C:\SOA254E.tmp
.
.
(((((((((((((((((((((((   Dateien erstellt von 2015-09-19 bis 2015-10-19  ))))))))))))))))))))))))))))))
.
.
2015-10-19 07:20 . 2015-10-19 07:20	--------	d-----w-	c:\users\MSSQLFDLauncher\AppData\Local\temp
2015-10-19 07:20 . 2015-10-19 07:20	--------	d-----w-	c:\users\Default\AppData\Local\temp
2015-10-15 12:27 . 2015-10-15 12:33	--------	d-----w-	C:\TDSSKiller_Quarantine
2015-10-14 10:41 . 2015-10-14 14:16	--------	d-----w-	c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-10-14 10:41 . 2015-10-14 10:41	192216	----a-w-	c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-10-14 10:40 . 2015-10-14 10:40	109272	----a-w-	c:\windows\system32\drivers\mbamchameleon.sys
2015-10-12 11:59 . 2015-10-12 12:11	--------	d-----w-	C:\FRST
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="c:\program files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe" [2011-05-03 487424]
"ccleaner"="c:\program files\CCleaner\CCleaner64.exe" [2012-12-19 5628848]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"FreePDF Assistant"="c:\program files (x86)\FreePDF_XP\fpassist.exe" [2011-02-23 371200]
"BCSSync"="c:\program files (x86)\Microsoft Office\Office14\BCSSync.exe" [2012-11-05 89184]
"CanonSolutionMenuEx"="c:\program files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE" [2011-08-04 1637496]
"IJNetworkScannerSelectorEX"="c:\program files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe" [2011-09-27 439440]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
VR-NetWorld Auftragsprüfung.lnk - c:\program files (x86)\VR-NetWorld\VRToolCheckOrder.exe /autostart [2013-8-8 1137664]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 base_station;automation;c:\windows\assembly\GAC\VSLangProj\7.0.3300.0__b03f5f7f11d50a3a\linear_fan_control\baseline.exe;c:\windows\assembly\GAC\VSLangProj\7.0.3300.0__b03f5f7f11d50a3a\linear_fan_control\baseline.exe [x]
R2 charge_termination_method;internal_temperature;c:\windows\assembly\GAC\VSLangProj\7.0.3300.0__b03f5f7f11d50a3a\linear_fan_control\laplace_transform.exe;c:\windows\assembly\GAC\VSLangProj\7.0.3300.0__b03f5f7f11d50a3a\linear_fan_control\laplace_transform.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 galvanic_isolation;bandwidth;c:\windows\AppCompat\Programs\monotonic\mechanical_filter.exe;c:\windows\AppCompat\Programs\monotonic\mechanical_filter.exe [x]
R2 MsDtsServer110;SQL Server Integration Services 11.0;c:\program files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe;c:\program files\Microsoft SQL Server\110\DTS\Binn\MsDtsSrvr.exe [x]
R2 ReportServer;SQL Server Reporting Services (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe;c:\program files\Microsoft SQL Server\MSRS11.MSSQLSERVER\Reporting Services\ReportServer\bin\ReportingServicesService.exe [x]
R3 BrSerIb;Brother Serial Interface Driver(WDM);c:\windows\system32\DRIVERS\BrSerIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrSerIb.sys [x]
R3 BrUsbSIb;Brother Serial USB Driver(WDM);c:\windows\system32\DRIVERS\BrUsbSIb.sys;c:\windows\SYSNATIVE\DRIVERS\BrUsbSIb.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MSSQLFDLauncher;SQL Full-text Filter Daemon Launcher (MSSQLSERVER);c:\program files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe;c:\program files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R4 RsFx0201;RsFx0201 Driver;c:\windows\system32\DRIVERS\RsFx0201.sys;c:\windows\SYSNATIVE\DRIVERS\RsFx0201.sys [x]
S0 SymDS;Symantec Data Store;c:\windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMDS64.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C0103E8\009D.105\x64\SYMDS64.SYS [x]
S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMEFA64.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C0103E8\009D.105\x64\SYMEFA64.SYS [x]
S1 BHDrvx64;BHDrvx64;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\BASHDefs\20151005.011\BHDrvx64.sys;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\BASHDefs\20151005.011\BHDrvx64.sys [x]
S1 IDSVia64;IDSVia64;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\IPSDefs\20151015.001\IDSvia64.sys;c:\programdata\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Data\Definitions\IPSDefs\20151015.001\IDSvia64.sys [x]
S1 SymIRON;Symantec Iron Driver;c:\windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\Ironx64.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C0103E8\009D.105\x64\Ironx64.SYS [x]
S1 SYMNETS;Symantec Network Security WFP Driver;c:\windows\system32\Drivers\SEP\0C0103E8\009D.105\x64\SYMNETS.SYS;c:\windows\SYSNATIVE\Drivers\SEP\0C0103E8\009D.105\x64\SYMNETS.SYS [x]
S2 SageDeploymentService;Sage Verteilungsdienst;c:\program files (x86)\Common Files\Sage Software Shared\Deploymentservice.exe;c:\program files (x86)\Common Files\Sage Software Shared\Deploymentservice.exe [x]
S2 SageMultiUserService40;Sage Mehrbenutzerdienst 4.0;c:\program files (x86)\Common Files\Sage Software Shared\MultiUserServiceServer.exe;c:\program files (x86)\Common Files\Sage Software Shared\MultiUserServiceServer.exe [x]
S2 SepMasterService;Symantec Endpoint Protection;c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe;c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe [x]
S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys;c:\program files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [x]
S3 RTL8023x64;Realtek 10/100-Netzwerkkartenfamilie-NDIS-x64-Treiber;c:\windows\system32\DRIVERS\Rtnic64.sys;c:\windows\SYSNATIVE\DRIVERS\Rtnic64.sys [x]
.
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2009-09-23 165912]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2009-09-23 385560]
"Persistence"="c:\windows\system32\igfxpers.exe" [2009-09-23 363544]
"CanonMyPrinter"="c:\program files\Canon\MyPrinter\BJMyPrt.exe" [2011-07-19 2780776]
"glitch_immunity"="c:\program files\Common Files\Microsoft Shared\ink\bg-BG\min_los_sens\amp_hour.exe" [2015-09-15 238592]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = https://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~1\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.178.1
FF - ProfilePath - 
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Notify-SEP - c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\WinLogoutNotifier.dll
SafeBoot-30687968.sys
SafeBoot-85850536.sys
SafeBoot-98575237.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SepMasterService]
"ImagePath"="\"c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\ccSvcHst.exe\" /s \"Symantec Endpoint Protection\" /m \"c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin\sms.dll\" /prefetch:1"
--
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SmcService]
"ImagePath"="\"c:\program files (x86)\Symantec\Symantec Endpoint Protection\12.1.1000.157.105\Bin64\Smc.exe\" /prefetch:1"
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-1451804703-4159516416-4063369182-1011\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
@DACL=(02 0000)
"ExcludeProfileDirs"="AppData\\Local;AppData\\LocalLow;$Recycle.Bin"
"BuildNumber"=dword:00001db1
"FirstLogon"=dword:00000000
"ParseAutoexec"="1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_134_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_134.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\Symantec Endpoint Protection\CurrentVersion]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Symantec\Symantec Endpoint Protection\CurrentVersion]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
   00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-10-19  09:27:26
ComboFix-quarantined-files.txt  2015-10-19 07:27
.
Vor Suchlauf: 10 Verzeichnis(se), 26.448.306.176 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 26.330.734.592 Bytes frei
.
- - End Of File - - 61275F42DF0BE081001C9A27366FA824
A36C5E4F47E84449FF07ED3517B43A31
         

19.10.2015, 20:00   #13
schrauber
/// the machine
/// TB trainer

Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan, select Threat Scan and click Start Scan.
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected.
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History and then Application Logs.
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options and make sure the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan and wait until it has finished.
  • Now click Clean and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).

Please shut down your protection software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


And a fresh FRST log, please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

22.10.2015, 08:33   #14
Gift

Good morning Schrauber, sorry that the logs are only coming now, but I was out of the office due to illness! :-)

Mbam.txt:
Code:
<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
<header>
<date>2015/10/22 08:29:48 +0200</date>
<logfile>mbam-log-2015-10-22 (08-29-31).xml</logfile>
<isadmin>yes</isadmin>
</header>
<engine>
<version>2.2.0.1024</version>
<malware-database>v2015.10.22.01</malware-database>
<rootkit-database>v2015.10.16.01</rootkit-database>
<license>free</license>
<file-protection>disabled</file-protection>
<web-protection>disabled</web-protection>
<self-protection>disabled</self-protection>
</engine>
<system>
<hostname>ADD-INN-BUHA</hostname>
<ip>192.168.178.22</ip>
<osversion>Windows 7 Service Pack 1</osversion>
<arch>x64</arch>
<username>Tina</username>
<filesys>NTFS</filesys>
</system>
<summary>
<type>threat</type>
<result>completed</result>
<objects>382964</objects>
<time>2398</time>
<processes>0</processes>
<modules>0</modules>
<keys>1</keys>
<values>0</values>
<datas>0</datas>
<folders>0</folders>
<files>1</files>
<sectors>0</sectors>
</summary>
<options>
<memory>enabled</memory>
<startup>enabled</startup>
<filesystem>enabled</filesystem>
<archives>enabled</archives>
<rootkits>disabled</rootkits>
<deeprootkit>disabled</deeprootkit>
<heuristics>enabled</heuristics>
<pup>enabled</pup>
<pum>enabled</pum>
</options>
<items>
<key><path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\galvanic_isolation</path><vendor>Trojan.Crypt</vendor><action>success</action><hash>cc2dd18872196ec84d76731c32cf60a0</hash></key>
<file><path>C:\Windows\AppCompat\Programs\monotonic\mechanical_filter.exe</path><vendor>Trojan.Crypt</vendor><action>success</action><hash>cc2dd18872196ec84d76731c32cf60a0</hash></file>
</items>
</mbam-log>
         
ADWcleaner:

Code:
# AdwCleaner v5.014 - Bericht erstellt am 22/10/2015 um 09:21:36
# Aktualisiert am 18/10/2015 von Xplode
# Datenbank : 2015-10-18.5 [Server]
# Betriebssystem : Windows 7 Professional Service Pack 1 (x64)
# Benutzername : Tina - ADD-INN-BUHA
# Gestartet von : C:\Users\Tina\Desktop\AdwCleaner_5.014.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Geplante Tasks ] *****


***** [ Registrierungsdatenbank ] *****


***** [ Internetbrowser ] *****


*************************

:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Internet Explorer Richtlinien gelöscht
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [822 Bytes] ##########
         
JRT:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows 7 Professional x64
Ran by Tina on 22.10.2015 at  9:26:45,77
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Tasks



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer



~~~ Files



~~~ Folders





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.10.2015 at  9:30:00,09
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

23.10.2015, 07:30   #15
schrauber
/// the machine
/// TB trainer

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start Eset Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan begins automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Look for C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it on the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
