| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Bootsektorvirus BOO/TDss.oWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
25.10.2013, 19:16
| #1 |
| |  Bootsektorvirus BOO/TDss.o Hallo, ich habe folgendes Problem: Ich habe seit längerer Zeit den Bootsektorvirus BOO/TDss.o auf meinem System (Windows 8). Nun versuche ich seit ein paar Tagen verzweifelt, ihn loszuwerden: Ich habe zunächst den Pc von der Windows-CD aus gebootet und dort in der Konsole mittels "bootrec/fixmbr" den Master Boot Record neu geschrieben. Anschließend habe ich das System ohne es neu zu starten mittels der Windows-CD zunächst formatiert und dann Windows neu installiert. Nach der Installation zeigt Avira Antivir aber immer noch den Virus an. Was kann ich noch tun? bzw. was mache ich falsch? Kann es sein, dass die Windows-CD bereits vom Virus befallen ist? Hier der Scan-Log: Avira Free Antivirus Erstellungsdatum der Reportdatei: Freitag, 25. Oktober 2013 08:24 Das Programm läuft als uneingeschränkte Vollversion. Online-Dienste stehen zur Verfügung. Lizenznehmer : Avira Free Antivirus Seriennummer : 0000149996-ADJIE-0000001 Plattform : Windows 8 Pro Windowsversion : (plain) [6.2.9200] Boot Modus : Normal gebootet Benutzername : SYSTEM Computername : MARKUS Versionsinformationen: BUILD.DAT : 14.0.0.411 55393 Bytes 10.10.2013 19:14:00 AVSCAN.EXE : 14.0.0.383 968776 Bytes 10.10.2013 17:14:05 AVSCANRC.DLL : 14.0.0.225 62024 Bytes 10.10.2013 17:14:05 LUKE.DLL : 14.0.0.383 65096 Bytes 10.10.2013 17:14:07 AVSCPLR.DLL : 14.0.0.383 92232 Bytes 10.10.2013 17:14:05 AVREG.DLL : 14.0.0.383 250440 Bytes 10.10.2013 17:14:05 avlode.dll : 14.0.0.383 512584 Bytes 10.10.2013 17:14:05 avlode.rdf : 13.0.1.42 26846 Bytes 10.10.2013 17:14:05 VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 17:14:08 VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 17:14:08 VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 17:14:08 VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 17:14:08 VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 17:14:08 VBASE005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 17:14:08 VBASE006.VDF : 7.11.103.230 2293248 Bytes 24.09.2013 17:14:08 VBASE007.VDF : 7.11.103.231 2048 Bytes 24.09.2013 17:14:08 VBASE008.VDF : 7.11.103.232 2048 Bytes 24.09.2013 17:14:08 VBASE009.VDF : 7.11.103.233 2048 Bytes 24.09.2013 17:14:08 VBASE010.VDF : 7.11.103.234 2048 Bytes 24.09.2013 17:14:08 VBASE011.VDF : 7.11.103.235 2048 Bytes 24.09.2013 17:14:08 VBASE012.VDF : 7.11.103.236 2048 Bytes 24.09.2013 17:14:08 VBASE013.VDF : 7.11.103.237 2048 Bytes 24.09.2013 17:14:08 VBASE014.VDF : 7.11.104.123 282112 Bytes 26.09.2013 17:14:08 VBASE015.VDF : 7.11.104.237 359424 Bytes 28.09.2013 17:14:08 VBASE016.VDF : 7.11.105.103 195072 Bytes 02.10.2013 17:14:08 VBASE017.VDF : 7.11.105.243 571904 Bytes 07.10.2013 17:14:08 VBASE018.VDF : 7.11.106.91 185856 Bytes 08.10.2013 17:14:08 VBASE019.VDF : 7.11.106.167 183296 Bytes 09.10.2013 01:28:51 VBASE020.VDF : 7.11.107.5 236544 Bytes 11.10.2013 01:28:51 VBASE021.VDF : 7.11.107.85 178688 Bytes 13.10.2013 01:28:51 VBASE022.VDF : 7.11.107.163 276992 Bytes 15.10.2013 01:28:51 VBASE023.VDF : 7.11.108.15 308224 Bytes 17.10.2013 01:28:52 VBASE024.VDF : 7.11.108.79 190464 Bytes 18.10.2013 01:28:52 VBASE025.VDF : 7.11.108.159 245248 Bytes 20.10.2013 01:28:52 VBASE026.VDF : 7.11.109.41 454144 Bytes 23.10.2013 01:28:53 VBASE027.VDF : 7.11.109.42 2048 Bytes 23.10.2013 01:28:53 VBASE028.VDF : 7.11.109.43 2048 Bytes 23.10.2013 01:28:53 VBASE029.VDF : 7.11.109.44 2048 Bytes 23.10.2013 01:28:53 VBASE030.VDF : 7.11.109.45 2048 Bytes 23.10.2013 01:28:53 VBASE031.VDF : 7.11.109.82 154112 Bytes 24.10.2013 01:28:53 Engineversion : 8.2.12.134 AEVDF.DLL : 8.1.3.4 102774 Bytes 10.10.2013 17:14:02 AESCRIPT.DLL : 8.1.4.160 516478 Bytes 25.10.2013 01:28:57 AESCN.DLL : 8.1.10.4 131446 Bytes 10.10.2013 17:14:02 AESBX.DLL : 8.2.16.26 1245560 Bytes 10.10.2013 17:14:02 AERDL.DLL : 8.2.0.128 688504 Bytes 10.10.2013 17:14:02 AEPACK.DLL : 8.3.3.4 758136 Bytes 25.10.2013 01:28:56 AEOFFICE.DLL : 8.1.2.76 205181 Bytes 10.10.2013 17:14:02 AEHEUR.DLL : 8.1.4.716 6209914 Bytes 25.10.2013 01:28:56 AEHELP.DLL : 8.1.27.6 266617 Bytes 10.10.2013 17:14:02 AEGEN.DLL : 8.1.7.14 446839 Bytes 10.10.2013 17:14:02 AEEXP.DLL : 8.4.1.84 344439 Bytes 25.10.2013 01:28:57 AEEMU.DLL : 8.1.3.2 393587 Bytes 10.10.2013 17:14:02 AECORE.DLL : 8.1.32.0 201081 Bytes 10.10.2013 17:14:02 AEBB.DLL : 8.1.1.4 53619 Bytes 10.10.2013 17:14:02 AVWINLL.DLL : 14.0.0.225 23624 Bytes 10.10.2013 17:14:05 AVPREF.DLL : 14.0.0.225 48712 Bytes 10.10.2013 17:14:05 AVREP.DLL : 14.0.0.225 175688 Bytes 10.10.2013 17:14:05 AVARKT.DLL : 14.0.0.225 257096 Bytes 10.10.2013 17:14:03 AVEVTLOG.DLL : 14.0.0.383 165960 Bytes 10.10.2013 17:14:03 SQLITE3.DLL : 3.7.0.1 394824 Bytes 10.10.2013 17:14:07 AVSMTP.DLL : 14.0.0.225 60488 Bytes 10.10.2013 17:14:05 NETNT.DLL : 14.0.0.225 13384 Bytes 10.10.2013 17:14:07 RCIMAGE.DLL : 14.0.0.225 4786760 Bytes 10.10.2013 17:14:07 RCTEXT.DLL : 14.0.0.225 67144 Bytes 10.10.2013 17:14:07 Konfiguration für den aktuellen Suchlauf: Job Name..............................: Vollständige Systemprüfung Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp Protokollierung.......................: standard Primäre Aktion........................: Interaktiv Sekundäre Aktion......................: Ignorieren Durchsuche Masterbootsektoren.........: ein Durchsuche Bootsektoren...............: ein Bootsektoren..........................: C:, Durchsuche aktive Programme...........: ein Laufende Programme erweitert..........: ein Durchsuche Registrierung..............: ein Suche nach Rootkits...................: ein Integritätsprüfung von Systemdateien..: aus Prüfe alle Dateien....................: Alle Dateien Durchsuche Archive....................: ein Rekursionstiefe einschränken..........: 20 Archiv Smart Extensions...............: ein Makrovirenheuristik...................: ein Dateiheuristik........................: erweitert Beginn des Suchlaufs: Freitag, 25. Oktober 2013 08:24 Der Suchlauf über die Bootsektoren wird begonnen: Bootsektor 'HDD0(C  '[FUND] Enthält Code des Bootsektorvirus BOO/TDss.O Der Suchlauf nach versteckten Objekten wird begonnen. Der Suchlauf über gestartete Prozesse wird begonnen: Durchsuche Prozess 'svchost.exe' - '40' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '27' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '99' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '195' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '109' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '72' Modul(e) wurden durchsucht Durchsuche Prozess 'spoolsv.exe' - '68' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '77' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '64' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchIndexer.exe' - '60' Modul(e) wurden durchsucht Durchsuche Prozess 'dashost.exe' - '53' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht Durchsuche Prozess 'DllHost.exe' - '25' Modul(e) wurden durchsucht Durchsuche Prozess 'wmpnetwk.exe' - '76' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '17' Modul(e) wurden durchsucht Durchsuche Prozess 'avguard.exe' - '103' Modul(e) wurden durchsucht Durchsuche Prozess 'avshadow.exe' - '27' Modul(e) wurden durchsucht Durchsuche Prozess 'sched.exe' - '55' Modul(e) wurden durchsucht Durchsuche Prozess 'avwebg7.exe' - '58' Modul(e) wurden durchsucht Durchsuche Prozess 'apnmcp.exe' - '42' Modul(e) wurden durchsucht Durchsuche Prozess 'dwm.exe' - '37' Modul(e) wurden durchsucht Durchsuche Prozess 'taskhostex.exe' - '38' Modul(e) wurden durchsucht Durchsuche Prozess 'Explorer.EXE' - '181' Modul(e) wurden durchsucht Durchsuche Prozess 'LiveComm.exe' - '81' Modul(e) wurden durchsucht Durchsuche Prozess 'firefox.exe' - '110' Modul(e) wurden durchsucht Durchsuche Prozess 'avgnt.exe' - '92' Modul(e) wurden durchsucht Durchsuche Prozess 'TBNotifier.exe' - '65' Modul(e) wurden durchsucht Durchsuche Prozess 'RuntimeBroker.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'avcenter.exe' - '93' Modul(e) wurden durchsucht Durchsuche Prozess 'avscan.exe' - '111' Modul(e) wurden durchsucht Durchsuche Prozess 'vssvc.exe' - '36' Modul(e) wurden durchsucht Durchsuche Prozess 'svchost.exe' - '27' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchProtocolHost.exe' - '29' Modul(e) wurden durchsucht Durchsuche Prozess 'SearchFilterHost.exe' - '24' Modul(e) wurden durchsucht Durchsuche Prozess 'wmiprvse.exe' - '52' Modul(e) wurden durchsucht Durchsuche Prozess 'wmiprvse.exe' - '27' Modul(e) wurden durchsucht Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht Durchsuche Prozess 'csrss.exe' - '13' Modul(e) wurden durchsucht Durchsuche Prozess 'wininit.exe' - '17' Modul(e) wurden durchsucht Durchsuche Prozess 'services.exe' - '25' Modul(e) wurden durchsucht Durchsuche Prozess 'lsass.exe' - '61' Modul(e) wurden durchsucht Durchsuche Prozess 'csrss.exe' - '11' Modul(e) wurden durchsucht Durchsuche Prozess 'WinLogon.exe' - '24' Modul(e) wurden durchsucht Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen: Die Registry wurde durchsucht ( '1112' Dateien ). Der Suchlauf über die ausgewählten Dateien wird begonnen: Beginne mit der Suche in 'C:\' <Acer> Ende des Suchlaufs: Freitag, 25. Oktober 2013 08:49 Benötigte Zeit: 24:26 Minute(n) Der Suchlauf wurde vollständig durchgeführt. 19017 Verzeichnisse wurden überprüft 121857 Dateien wurden geprüft 1 Viren bzw. unerwünschte Programme wurden gefunden 0 Dateien wurden als verdächtig eingestuft 0 Dateien wurden gelöscht 0 Viren bzw. unerwünschte Programme wurden repariert 0 Dateien wurden in die Quarantäne verschoben 0 Dateien wurden umbenannt 0 Dateien konnten nicht durchsucht werden 121857 Dateien ohne Befall 530 Archive wurden durchsucht 0 Warnungen 0 Hinweise 421682 Objekte wurden beim Rootkitscan durchsucht 0 Versteckte Objekte wurden gefunden |
|
25.10.2013, 19:23
| #2 | |
| /// TB-Ausbilder   | Bootsektorvirus BOO/TDss.o Hallo,
__________________Zitat:
Lass und das anschauen: Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Schritt 2 Downloade dir ListParts (von Farbar) herunter und speichere es auf den Desktop.
Schritt 3 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
25.10.2013, 19:46
| #3 |
| | Bootsektorvirus BOO/TDss.o Vielen Dank!
__________________Hier das logfile von TDSS rootkit removing tool: Code:
ATTFilter 20:38:08.0328 0x0fc8 TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
20:38:27.0215 0x0fc8 ============================================================
20:38:27.0215 0x0fc8 Current date / time: 2013/10/25 20:38:27.0215
20:38:27.0215 0x0fc8 SystemInfo:
20:38:27.0215 0x0fc8
20:38:27.0215 0x0fc8 OS Version: 6.2.9200 ServicePack: 0.0
20:38:27.0215 0x0fc8 Product type: Workstation
20:38:27.0215 0x0fc8 ComputerName: Markus
20:38:27.0215 0x0fc8 UserName: Markus
20:38:27.0215 0x0fc8 Windows directory: C:\Windows
20:38:27.0215 0x0fc8 System windows directory: C:\Windows
20:38:27.0215 0x0fc8 Running under WOW64
20:38:27.0215 0x0fc8 Processor architecture: Intel x64
20:38:27.0215 0x0fc8 Number of processors: 2
20:38:27.0215 0x0fc8 Page size: 0x1000
20:38:27.0215 0x0fc8 Boot type: Normal boot
20:38:27.0215 0x0fc8 ============================================================
20:38:29.0027 0x0fc8 System UUID: {58548BA2-E657-B406-5EE4-5F1A1E10BEA6}
20:38:29.0745 0x0fc8 !crdlk
20:38:29.0760 0x0fc8 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
20:38:29.0807 0x0fc8 ============================================================
20:38:29.0807 0x0fc8 \Device\Harddisk0\DR0:
20:38:29.0807 0x0fc8 MBR partitions:
20:38:29.0807 0x0fc8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
20:38:29.0807 0x0fc8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800
20:38:29.0807 0x0fc8 ============================================================
20:38:29.0870 0x0fc8 C: <-> \Device\Harddisk0\DR0\Partition2
20:38:29.0870 0x0fc8 ============================================================
20:38:29.0870 0x0fc8 Initialize success
20:38:29.0870 0x0fc8 ============================================================
20:39:38.0667 0x09f0 ============================================================
20:39:38.0667 0x09f0 Scan started
20:39:38.0667 0x09f0 Mode: Manual; SigCheck; TDLFS;
20:39:38.0667 0x09f0 ============================================================
20:39:38.0667 0x09f0 KSN ping started
20:39:41.0148 0x09f0 KSN ping finished: true
20:39:41.0866 0x09f0 ================ Scan system memory ========================
20:39:41.0866 0x09f0 System memory - ok
20:39:41.0866 0x09f0 ================ Scan services =============================
20:39:42.0401 0x09f0 [ 17495C8F96D57904C2E9630CF77F5B02, 426E1F92585D922EE40E63DD8FDF8213E3ABA3A2FD6FAF869ACE1AA01E281258 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
20:39:42.0533 0x09f0 1394ohci - ok
20:39:42.0627 0x09f0 [ 20EE62BA8318B249EE4C5A208A645E7E, 3868B926461B15226068E23BBC61BE9FAFDE5C4D043EA62CDC11C027762731E2 ] 3ware C:\Windows\system32\drivers\3ware.sys
20:39:42.0658 0x09f0 3ware - ok
20:39:42.0721 0x09f0 [ 5165287A849B6DEB83D5B1E167FD31A3, D6CFDA90F28A89E5B55B22D6AAD42C99927FE345A01CDFC168CDEA1058998B63 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:39:42.0783 0x09f0 ACPI - ok
20:39:42.0799 0x09f0 [ 64F237B2C6EF0111BB870C8B64861CAD, 164304BC71165AF7D1D7E157A00DD63AD4CD2219BBB042CB30E4FF9A9C5C1F4F ] acpiex C:\Windows\system32\Drivers\acpiex.sys
20:39:42.0830 0x09f0 acpiex - ok
20:39:42.0845 0x09f0 [ A11500807F1877BD2ADBA1023E42F784, F059143C84EF34054BCF7DFD3155C366B2A2BF866DCF1953C0F1F16490159841 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
20:39:42.0892 0x09f0 acpipagr - ok
20:39:42.0908 0x09f0 [ 13C3D41BE36FE2027FB3FFCE2CD2CCF0, D524FB36FC33528F43ECBB0607D239037A8A01E506F3E4A5711A766C45C83C6C ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
20:39:42.0939 0x09f0 AcpiPmi - ok
20:39:42.0955 0x09f0 [ 3EE3093708B2DCA60323B0AA14DF359F, BD11A04AC1025CC941EF15A0517283C9234657DDC1D3BBD1794EF7266B6AA85A ] acpitime C:\Windows\System32\drivers\acpitime.sys
20:39:42.0986 0x09f0 acpitime - ok
20:39:43.0079 0x09f0 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:39:43.0095 0x09f0 AdobeARMservice - ok
20:39:43.0445 0x09f0 [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:39:43.0476 0x09f0 AdobeFlashPlayerUpdateSvc - ok
20:39:43.0554 0x09f0 [ 764584A0AD1BD3FF198135AD2D7692B8, DFFF1AF774AFE5CFF55F5BF4F0BE6271ACB80D6685FBF77BE0A6288F8F99C2C4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:39:43.0616 0x09f0 adp94xx - ok
20:39:43.0663 0x09f0 [ 5C82D0A150CB633A54751A3111C06398, 64EA04F87F0A1CC0A72296C0E6C13A8407F0E0635A4674B412CD7DE591826C75 ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:39:43.0710 0x09f0 adpahci - ok
20:39:43.0748 0x09f0 [ DB4E3210CE6A79ECAAD1C09AE2922322, F8D96243DADB980620310BF272449900FF996F1D000F5D2FD5456CE7A7712F6C ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:39:43.0784 0x09f0 adpu320 - ok
20:39:43.0831 0x09f0 [ 8889F910936A68EEB448177DA135656F, 8281DFBBEFC111C708B7716CED7523D7DBC00CDDAB0C5A5E633C1D9BDA7B7984 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:39:43.0894 0x09f0 AeLookupSvc - ok
20:39:43.0972 0x09f0 [ D3C1DE857B2CC4DCC9805AA460E95375, 5432BE91B8D0B24E756A3228946D4C036F343D631B8B137EE701206E872F27A1 ] AFD C:\Windows\system32\drivers\afd.sys
20:39:44.0066 0x09f0 AFD - ok
20:39:44.0128 0x09f0 [ EE103CB9714AF259CE02E05B802443AE, 36B1BF40266CA6BA51F620E156455EB8AB4C4BD204AD604CF02195CEE354B7BC ] agp440 C:\Windows\system32\drivers\agp440.sys
20:39:44.0159 0x09f0 agp440 - ok
20:39:44.0206 0x09f0 [ 22A49960013C51651E5C6C0D896819FE, B6A1ECE260719F88291BB245CE667A524C75AA3C8B22ACB52920E7B1FD8E5775 ] ALG C:\Windows\System32\alg.exe
20:39:44.0269 0x09f0 ALG - ok
20:39:44.0300 0x09f0 [ 0210340186C19D133BCE3F31914BE63D, 57DCAC6D13B1BA389DA96AC9BDA350672E103CFDA0030343FE5645A6ABE7B3CE ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
20:39:44.0347 0x09f0 AllUserInstallAgent - ok
20:39:44.0393 0x09f0 [ 9AC4C8659A13D9CACBB9387A92DF4299, FFB8D82E59204AA7A4C071CC2D51862482B3A296D97E75D5CC72AAD1380C81FE ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
20:39:44.0456 0x09f0 AmdK8 - ok
20:39:44.0471 0x09f0 [ 9E2B8A93C6BAC8AD6B62853FE134E666, 66360C2DD0D2B8CB35B9605A51B60E4F719DA98967308C1914A0A7C61B851EA3 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
20:39:44.0534 0x09f0 AmdPPM - ok
20:39:44.0549 0x09f0 [ 87C7DAC076B22EE0817AA6393573770D, 22A85C5D859615236C3552794968852AE98B78811829C24C8611A314018FC846 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:39:44.0581 0x09f0 amdsata - ok
20:39:44.0612 0x09f0 [ 6BDD088E9002743EB7721998876239F4, 9D741B9B9D2A9D01C75AB244346DAFAA2F9038BA762014DF561257C7AB3E40D3 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:39:44.0659 0x09f0 amdsbs - ok
20:39:44.0690 0x09f0 [ 2EFF0617F34D7B61DDF80980EEF01D24, CE78CE21D34A185F0F798E2C4F675A866ADE9F540331CD2DEA153AECC3EC048A ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:39:44.0721 0x09f0 amdxata - ok
20:39:44.0924 0x09f0 [ 3478F48B23A0D9F6EADD4A2405BA70EF, 421BDDCEFEF491915EF8D9BFB756A56778437D98B136758A15AE5A0672738C9D ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:39:44.0971 0x09f0 AntiVirSchedulerService - ok
20:39:45.0033 0x09f0 [ AFFE7C21A4FCA1963371F10066911D3A, DC7A94A784C9389792F3C9A1F435CD9B2D5F74AC9E56F35831B65820FA6A0EDE ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:39:45.0064 0x09f0 AntiVirService - ok
20:39:45.0127 0x09f0 [ 59A16E5DEA0EDBEF76EA40C4E6FE597D, 4777D703E79B79673FBA9EDD44BC01D39B77E91E2336A604156DD6F5F495C257 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
20:39:45.0220 0x09f0 AntiVirWebService - ok
20:39:45.0267 0x09f0 [ 97BCBD4C0257A469D8E55A41C2DF29C7, 4D8980370729E731E302E7F272F7C472BEBA2115AB2DBEC5AFA790919535B724 ] AppID C:\Windows\system32\drivers\appid.sys
20:39:45.0329 0x09f0 AppID - ok
20:39:45.0376 0x09f0 [ 45E046FA37ADF4B738B9C8AEC97C81D9, FB35AEED64A82F277396AD159F36D1E025EAC76578B831B157237F5C394A3BB1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:39:45.0439 0x09f0 AppIDSvc - ok
20:39:45.0454 0x09f0 [ F8EC4211BED681F86848EC2D516BADEC, 654B81C62DFB596D08696FCF52CABCF0F670D0D45EE99189F1FBB7601A2F78CC ] Appinfo C:\Windows\System32\appinfo.dll
20:39:45.0501 0x09f0 Appinfo - ok
20:39:45.0517 0x09f0 [ 7A575C64548A630B6BF06D014D774750, 5C4F79AF927EC71F9F46FE6D6032E594344B54F822F0A30F4996C7F7B441FA9C ] AppMgmt C:\Windows\System32\appmgmts.dll
20:39:45.0579 0x09f0 AppMgmt - ok
20:39:45.0610 0x09f0 [ 3242E9F093CEC59A891AF84B664D728C, 51A21D425D4746B910101E80781F8811B14DE9EAD26F7CFBB1E4C67C750F78E4 ] arc C:\Windows\system32\drivers\arc.sys
20:39:45.0641 0x09f0 arc - ok
20:39:45.0673 0x09f0 [ 1DF0B7A719F4A29F51C22E58D4383629, BE68C5A47B465AE0E30857287E0BD17D18158F37DD408E857FA4641EE500A702 ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:39:45.0704 0x09f0 arcsas - ok
20:39:45.0735 0x09f0 [ 9D20D357E10498AA3DA5DFAAC7E4A598, C1FC676CFF0CA998A3C14B67ABD034C1B64D71961DAC35D0E8FB75853B5C5196 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:39:45.0797 0x09f0 AsyncMac - ok
20:39:45.0813 0x09f0 [ 04E65143EE20BAD768389C61718F116A, 98C2549DB1BC8772E99CB9C895A0A71BB27C4529D33F26B9CB0322AC8718E511 ] atapi C:\Windows\system32\drivers\atapi.sys
20:39:45.0844 0x09f0 atapi - ok
20:39:45.0907 0x09f0 [ 70A96EB82AE095554D7A2928FD0FB099, 412F46B64A90B541CD6A9BAF2DB6FC4F05E1CA5FEA9632C25899C871AA2AC861 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
20:39:45.0953 0x09f0 AudioEndpointBuilder - ok
20:39:45.0988 0x09f0 [ A3499B83F027D7EF549190D6FCF283F1, F82AB55EDAC14BC9FF8E62DDE084FA0012D163072A7951E80AD4A8A4A2686710 ] Audiosrv C:\Windows\System32\Audiosrv.dll
20:39:46.0113 0x09f0 Audiosrv - ok
20:39:46.0160 0x09f0 [ 29F9901C22E7BFE23DF8389AFC530D3D, DBD3537AF3E4BF9AC033E109C8CA737A2EC1EE1F95EDC31E2855F9A9595B03DE ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
20:39:46.0207 0x09f0 avgntflt - ok
20:39:46.0238 0x09f0 [ 033CA7F2EABD7EFDC482FE45DD7E1B60, 5D02BB7ED45AA64F8A9D8F29E25D29FE26881EEE55B2962AD99F655EB22692DB ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
20:39:46.0269 0x09f0 avipbb - ok
20:39:46.0285 0x09f0 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
20:39:46.0300 0x09f0 avkmgr - ok
20:39:46.0332 0x09f0 [ D1D40E04F258917863F8F6AE3D49DC33, D620C721686F7A5161781119E94B5B21B757384A40B1115F68CD97475638FCED ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
20:39:46.0363 0x09f0 avnetflt - ok
20:39:46.0394 0x09f0 [ CF4E5D4F4CA70859A9B8C2FC2E231AD7, F6B2FEBA3808BDFCB9D084EB73F3B9FFA24D24D7F5273B6E31215ECBFA4B6B42 ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:39:46.0456 0x09f0 AxInstSV - ok
20:39:46.0519 0x09f0 [ EABCCC87C98C4A87C792E8D7E0E2A4DA, 3B54971FBFB6AC90CEB2E9A9A8B08BBFD26FEB870A3D767192A310EB1292DC80 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:39:46.0581 0x09f0 b06bdrv - ok
20:39:46.0612 0x09f0 [ 70C6C26CD374699D6DBB6D681B8A972E, 808AD40C5E239D657024A208FCB63BF76309F5A3921D07B6353F2DE4B5DE5D18 ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
20:39:46.0659 0x09f0 BasicDisplay - ok
20:39:46.0690 0x09f0 [ 9FC9F32E41B9BACBF721A6BE64B45A21, A7E58F27110B37A493383817B28B305CE1C9CEC61146ADE9A7EDDB9026DE41C3 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
20:39:46.0706 0x09f0 BasicRender - ok
20:39:46.0971 0x09f0 [ 2FE2E0EBCDF1EF22A34B44CED1E59893, CAAF05E0F2ADE9057323FCDE4452DEF1911120BCC0854B8F447F9ACCA036FB86 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl63a.sys
20:39:47.0408 0x09f0 BCM43XX - ok
20:39:47.0517 0x09f0 [ 1A61CBA65EAD2EEB3E54C4346BF19BBB, 4F1CF764E487623F7E650CC152EE3ABCA8C9B73C2BD16195DA8D386F3D6C8F57 ] BDESVC C:\Windows\System32\bdesvc.dll
20:39:47.0580 0x09f0 BDESVC - ok
20:39:47.0611 0x09f0 [ 9CA7506575641FA017C69649A6CA0EFF, D0DADD656B3EB40AC2E30C65ED7F65BF653EEA543F37FB251BE897E7A698379D ] Beep C:\Windows\system32\drivers\Beep.sys
20:39:47.0642 0x09f0 Beep - ok
20:39:47.0704 0x09f0 [ 0C85BC19619931FBDEFF48830F95D5AE, BC30F4F2709FAB7040D06CB3CB130001684D59D57B451E9350DC0A6E83C8DFCB ] BFE C:\Windows\System32\bfe.dll
20:39:47.0814 0x09f0 BFE - ok
20:39:47.0892 0x09f0 [ B94800B76A324834796BC68246DD3E31, 3D3BA07324605D5B01FB45D8F7A160130ACD7FAA5E181F163A78AD128B6DB987 ] BITS C:\Windows\System32\qmgr.dll
20:39:48.0001 0x09f0 BITS - ok
20:39:48.0048 0x09f0 [ 199FCFF2B289F66111B7770D8CAF341C, 03B5B0EA168BA336354EE032CD0EFA7C8A1CC4A87954B913B1BCBA022C5F20A2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:39:48.0126 0x09f0 bowser - ok
20:39:48.0172 0x09f0 [ F79B65F8B44DA6735CF0FE6DD5D50BB2, 4867B9BE4ABCDCE237FBC05322E5E1CA5708FBC98D0037CA63FDC75ECAE7D6A8 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
20:39:48.0204 0x09f0 BrokerInfrastructure - ok
20:39:48.0240 0x09f0 [ 44C16C5F3CD2E85E341B4758E391A6B3, B8CE78813BE06D18B753970E19EF3078B3E659D14C424B2505592E1FB4F14FF3 ] Browser C:\Windows\System32\browser.dll
20:39:48.0302 0x09f0 Browser - ok
20:39:48.0334 0x09f0 [ F92BBA7BBF29C991CBEB9C79F8456BED, 717E4F75F83F7DECEE627BDE04583F6F9AECBEF49602B8783CA7D0CB973E6C31 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
20:39:48.0380 0x09f0 BthAvrcpTg - ok
20:39:48.0412 0x09f0 [ 8DA65E6D5C2BBEC9F1DF8E46995540BD, D73208F756F762D4DE9990B18A0227EC9420496E244073FB6DCD853FA5422C15 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
20:39:48.0474 0x09f0 BthHFEnum - ok
20:39:48.0505 0x09f0 [ 0375B8756A92CA4F53C8058C6BD75082, 3480500D449165A779347D08482354377470E9B10FC2D16393D7420B55BB2CF4 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
20:39:48.0568 0x09f0 bthhfhid - ok
20:39:48.0583 0x09f0 [ 4373A04575405AAE159AFB2EA857D586, F6A72BD8BF6E0CBA6BE608B0E0338B346AB576715D985EDB0306E1F1669847BA ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
20:39:48.0661 0x09f0 BTHMODEM - ok
20:39:48.0708 0x09f0 [ 097E028F506D68D198A86E8EA342A297, 19B58C6D7955320EEA96C392EA7034BFD813FC58F4815D1F41B72B0118A79CFF ] bthserv C:\Windows\system32\bthserv.dll
20:39:48.0755 0x09f0 bthserv - ok
20:39:48.0802 0x09f0 [ 9FDF55B0486D9A59C979645FBC3F132B, 696668AE62F2BD2CB3ABA226D517E80504CD982AB770DF865A6EE396D648B2CD ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:39:48.0848 0x09f0 cdfs - ok
20:39:48.0864 0x09f0 [ 40B7C9B1593614385B9C2F3B8D89CE8D, B3ED39281AE6FCFCD8B421B934BDA5B433FA4DC174A820AE2C3573F6610C56EA ] cdrom C:\Windows\System32\drivers\cdrom.sys
20:39:48.0911 0x09f0 cdrom - ok
20:39:48.0942 0x09f0 [ 483E122C2C011F28552E25268FDD9F21, 53744B3D215022EE529FF4BBAD50253E3F2E51FC859CD2F717562C911095AA9B ] CertPropSvc C:\Windows\System32\certprop.dll
20:39:49.0036 0x09f0 CertPropSvc - ok
20:39:49.0051 0x09f0 [ 60B681FF66540A7E9F00D2073030BF29, A92F041420FAD05F9CE1B29F33ECC6AC7C38934111FAC1B221E756F90EB8FE1A ] circlass C:\Windows\System32\drivers\circlass.sys
20:39:49.0114 0x09f0 circlass - ok
20:39:49.0160 0x09f0 [ 705B02F6B765BDEF2EF8BB37D5D371EC, E5CDA3854E38F1AA5C7CF51336F8C4F3961AB3B8EFC852FB4C46108BDDE44E1F ] CLFS C:\Windows\system32\drivers\CLFS.sys
20:39:49.0223 0x09f0 CLFS - ok
20:39:49.0254 0x09f0 [ D8993E1CEB237DB41A18F14D2D873B6F, 772D50D538214B2F0B2F5FAFD264C29BC05BDCCB1D51439E18FF7CCD18660091 ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
20:39:49.0285 0x09f0 CmBatt - ok
20:39:49.0332 0x09f0 [ C0BF8F5D780CFE07A9690E5B6F5FCB32, 8D9154D0C7E7487B594E9E2262E998C98D278AAFB957028127EFC86EDFEB609C ] CNG C:\Windows\system32\Drivers\cng.sys
20:39:49.0394 0x09f0 CNG - ok
20:39:49.0426 0x09f0 [ C850B672E78BB45A4F980FFA2197EEFB, FC8ACE717D7872E5269071808CBD2D77CE129027604A1339E8958FC37AFB8A5F ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
20:39:49.0488 0x09f0 CompositeBus - ok
20:39:49.0504 0x09f0 COMSysApp - ok
20:39:49.0519 0x09f0 [ 587F4752B4892ECCB1FF14F478BE7396, 9598738EC0C8C4B3E94029EE0ED0875721450A25A0C37DDB014F32F37AEC286A ] condrv C:\Windows\system32\drivers\condrv.sys
20:39:49.0550 0x09f0 condrv - ok
20:39:49.0597 0x09f0 [ F25BBEFB14A75AA154417991BAD98967, 3447AA3F44028A836529F494483CDAEAB5BEEFA48240E8E07512409A6EF31264 ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:39:49.0644 0x09f0 CryptSvc - ok
20:39:49.0691 0x09f0 [ 0F67E05737A49D43B0A50A6482F57B1A, 2A12C10121A01FB1337A88E12791BE4782AD42778AAC83986E9BACD11967208D ] CSC C:\Windows\system32\drivers\csc.sys
20:39:49.0800 0x09f0 CSC - ok
20:39:49.0878 0x09f0 [ 09DEA2ADC74E46CA5CC66AC26F13A7AF, 04F133B880848429F9B0896F84796680974EED07F2249A19EEDD97EBD63FBC17 ] CscService C:\Windows\System32\cscsvc.dll
20:39:49.0987 0x09f0 CscService - ok
20:39:50.0018 0x09f0 [ 7B08F79034E4EEF9E10BB77939D2C72F, 0FABEA070805052798788C45C563BAF139D7E348B02C00C99E214BA0075A6161 ] dam C:\Windows\system32\drivers\dam.sys
20:39:50.0050 0x09f0 dam - ok
20:39:50.0112 0x09f0 [ 5FE7B522293942A00779B921DB8F0094, 951486DC9771EAF776417CBCF17922654CB1367FDA27A731313F0C3A004BE593 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:39:50.0190 0x09f0 DcomLaunch - ok
20:39:50.0268 0x09f0 [ FA7AC7454EBBA1AD402E32B399BC9CE5, C7C12728E80DADFAF3187B829FCE71D4098BB491EC4DEF6E5992BD73922419EC ] defragsvc C:\Windows\System32\defragsvc.dll
20:39:50.0346 0x09f0 defragsvc - ok
20:39:50.0377 0x09f0 [ 565B3ABEF0B54B0731BEFA4DEF9EE845, F379ADCB5B6DF257883B0908A4B780A706A8955E30D1745E91048BBA47109949 ] DeviceAssociationService C:\Windows\system32\das.dll
20:39:50.0455 0x09f0 DeviceAssociationService - ok
20:39:50.0518 0x09f0 [ 93FC3A6E569C99F0147C15E0434858FE, 9799D43F97647DE140B6868DFCC7CA55BC2CA50F7D14B4CE852F194960A5A27B ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
20:39:50.0564 0x09f0 DeviceInstall - ok
20:39:50.0611 0x09f0 [ 91E1FD9887DF6CAD9AAB3796AFB0D87C, 819014D6C15D354D25EF08C553C3D40E77E0A0DFEAFD3FE9DB3E99BF2593D874 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
20:39:50.0658 0x09f0 Dfsc - ok
20:39:50.0705 0x09f0 [ E628016CC8982BEE0D7190DEBC4A34F4, DDE032D514C2237836F645BFC963EE91A47DA2CB780B9115B6C2679EE5F3A41F ] Dhcp C:\Windows\system32\dhcpcore.dll
20:39:50.0767 0x09f0 Dhcp - ok
20:39:50.0783 0x09f0 [ 9B6F6E3153D1C05CFF3D2A6EBA8B371C, 3907B9D879973738B520F46C27E56257F4A8BF7CA72E91CEACD5B2F4F70D4F60 ] discache C:\Windows\system32\drivers\discache.sys
20:39:50.0845 0x09f0 discache - ok
20:39:50.0861 0x09f0 [ 387792EA19C374A785ADBC385EDE3D4E, 2987941D8C437C2B81C4870C0D725464E5FC6DF0190EF2B3404C180BE2A1BF16 ] disk C:\Windows\system32\drivers\disk.sys
20:39:50.0908 0x09f0 disk - ok
20:39:50.0923 0x09f0 [ 666B3B00C02B0D1D7D186EDBE0815092, A9DB43170472A13473AB9EF0E3FB6583485276C5EA0CD9372C2382B4AD3D503E ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
20:39:50.0970 0x09f0 dmvsc - ok
20:39:51.0017 0x09f0 [ E627748CC6DF1A0E32CF62125701972F, 71191820754C2C64036B393175E5A2067CE42B981D6092CEF17B0E716A5A162B ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:39:51.0088 0x09f0 Dnscache - ok
20:39:51.0120 0x09f0 [ A7C7A276FA35BC09723F754756616363, D777587A6919A944AAE2C5DF8EC8B39ECE53CD549D9848FE94A035B1F199E82C ] dot3svc C:\Windows\System32\dot3svc.dll
20:39:51.0166 0x09f0 dot3svc - ok
20:39:51.0198 0x09f0 [ 58BECDD07D2C142B5B885CFCE2417E37, B40985E4DEA06F96B1B00E951209FB50BAE35BDDE4D5CA5C0C1AC7C772C1B64E ] DPS C:\Windows\system32\dps.dll
20:39:51.0260 0x09f0 DPS - ok
20:39:51.0322 0x09f0 [ 66E92FA5752E142145E4713129B839A0, 267BEA7B69C8A92031762474534967588305658A747BEB0D1308C976417D5886 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:39:51.0372 0x09f0 drmkaud - ok
20:39:51.0419 0x09f0 [ 95B29527993D6CF37A793F3A021A27C3, 5502765548AC728E2FB043BA3AF8182675597F8EAE8F5AEC1F0978A0C3398685 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
20:39:51.0497 0x09f0 DsmSvc - ok
20:39:51.0591 0x09f0 [ 87CB29AC7973AEFEF9A3C8F8A37E68A4, EF2F34976D0D62C48CDBC5DDB48C2AE6C982D5661DDD905017558CB0809D6BA4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:39:51.0747 0x09f0 DXGKrnl - ok
20:39:51.0809 0x09f0 [ 2DA79F8979B3B4915C061B7940072411, 207065F040FCD49A50F8978D8DA9AE9E670AC2C8CC8B8B3760E3319CD29D261B ] Eaphost C:\Windows\System32\eapsvc.dll
20:39:51.0871 0x09f0 Eaphost - ok
20:39:52.0059 0x09f0 [ 06265D21ACA4359D6F950BB0B5D77A8A, 81B5DE840DC6FE6D86BC2FAAB065812C9C699AE40A543BE933DFF6361DB832F8 ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:39:52.0402 0x09f0 ebdrv - ok
20:39:52.0480 0x09f0 [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] EFS C:\Windows\System32\lsass.exe
20:39:52.0527 0x09f0 EFS - ok
20:39:52.0573 0x09f0 [ 3F654C1AD8AE56F5C8D2B10AE6367FB4, 930BF850BC10A3143EBEB133099044F1C2C3A0A11213C9B8B833EACD0CB185C4 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
20:39:52.0605 0x09f0 EhStorClass - ok
20:39:52.0620 0x09f0 [ 589EB959679725E43F36843E56100240, 612515D8DE32FA16763C9BA815141877212B84A06F396C04C9FB26CF44FB7C09 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
20:39:52.0667 0x09f0 EhStorTcgDrv - ok
20:39:52.0683 0x09f0 [ 194D8325063BB5EA1DD93F7C014E85B4, B64CCC4D786ADDC433595327E8F9B24236D96C8BA34760643380E965692CB8F3 ] ErrDev C:\Windows\System32\drivers\errdev.sys
20:39:52.0714 0x09f0 ErrDev - ok
20:39:52.0792 0x09f0 [ A6EC6E7D226DDF8A9B7179AA67E21BB9, 1B45B908E6BE479CDCD5831EAB4E4E853D81FF8EB668277A673E2C66BB6F1F29 ] EventSystem C:\Windows\system32\es.dll
20:39:52.0854 0x09f0 EventSystem - ok
20:39:52.0901 0x09f0 [ 09BE68D402EFABB9EA1C41391A1980C9, C55659AAEBC51A6025521C814A4CE46D9A9245FBE8A7E20CCE56A82B1B44CBC1 ] exfat C:\Windows\system32\drivers\exfat.sys
20:39:52.0963 0x09f0 exfat - ok
20:39:52.0979 0x09f0 [ F9EFFB914427E904FE9A34055C8343BE, 4028620B55F1E22AA02FF9309024AA8EA9C45CD8C11972F9500F19E34C53B62D ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:39:53.0017 0x09f0 fastfat - ok
20:39:53.0081 0x09f0 [ 00CF8E60010A9941EB6CE04E65953589, C09D08BAB67DC358A09CEB00EA2E92569BF387B4DE6016B63DC5EF62E259E4D4 ] Fax C:\Windows\system32\fxssvc.exe
20:39:53.0221 0x09f0 Fax - ok
20:39:53.0268 0x09f0 [ E7887664718A3EBE0B2C5CB530DD66E8, 13622929175390F6E061B5429019B10D5C96304E698331BEEE194AB1F0E53F91 ] fdc C:\Windows\System32\drivers\fdc.sys
20:39:53.0299 0x09f0 fdc - ok
20:39:53.0330 0x09f0 [ 1F8564FA6576322F4F4CE3193D62AEC2, 302676FAF062269A2D255324D55C00A5AF730D1E64F9D0310208C78EDECA1DE6 ] fdPHost C:\Windows\system32\fdPHost.dll
20:39:53.0393 0x09f0 fdPHost - ok
20:39:53.0408 0x09f0 [ B4130625D12F80C116CE41E1854C8B2D, 9FA3F8C4FAD7A6F209C5B07F0E79AC6D351B03091E12693DF3F8E2DE968D857C ] FDResPub C:\Windows\system32\fdrespub.dll
20:39:53.0455 0x09f0 FDResPub - ok
20:39:53.0471 0x09f0 [ 2CFA5D87BC7062D82F188915B1C0906E, 6C3613350EE6E2AFB9318D4D2C32C850AB9B61FE573109277D67EC01D65859BC ] fhsvc C:\Windows\system32\fhsvc.dll
20:39:53.0533 0x09f0 fhsvc - ok
20:39:53.0580 0x09f0 [ 8C857A0D3923AC7781C9B46960A58C1E, AA976D74BF27E7B87FBA6586127204FCA2F7004258A6F1F7208618F8C2D395EE ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:39:53.0611 0x09f0 FileInfo - ok
20:39:53.0627 0x09f0 [ 7F209B1C0E011FD01EDC4B73D045B39A, 61FECACB1ECEB8D5866ADBAAB98A360F9E403372D10F6E79F82C686999B124AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:39:53.0658 0x09f0 Filetrace - ok
20:39:53.0690 0x09f0 [ BDC556E08AC280E4FDD493653DB636E5, 52E2DE40B80E046D84533AC5B6DD76047DE8CCE4C1A3477AD7112B2D63203491 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
20:39:53.0721 0x09f0 flpydisk - ok
20:39:53.0754 0x09f0 [ EE84ACFE47C3B47D3F6B2B037F09BDB9, B74964DE47E93432F5C489BD10674C6F6DA691B7F9B48EC9643968C06B03080A ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:39:53.0817 0x09f0 FltMgr - ok
20:39:53.0910 0x09f0 [ 9405DC324331FA918F0F6B4ECE22B16A, 73C537B95A7E8A5D0EE26C6409C86EBA9DBCD5DB03127B1770ACFFF8B8DD42E1 ] FontCache C:\Windows\system32\FntCache.dll
20:39:54.0129 0x09f0 FontCache - ok
20:39:54.0175 0x09f0 [ C44DF89B95173F08E392CB16697AB736, 7E8AB7BBFA29D5615D369BED615EE3C1C43A68BAA0936121F2430380DA5C371B ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:39:54.0222 0x09f0 FsDepends - ok
20:39:54.0238 0x09f0 [ AE804E1B405A79197F27FEAF73E1B1D9, 247235B2C70F1EF57EBD1D63D045E9AE8F2E41730066E1BB03C0BCDFB0EA72C5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:39:54.0269 0x09f0 Fs_Rec - ok
20:39:54.0331 0x09f0 [ CFCA5826E2B8430848FF9D28A4B103F6, A3D1AFA3CE3FC03998A984F53A876BDC4440F10DF4DE74365F59699EDC6D91D8 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:39:54.0378 0x09f0 fvevol - ok
20:39:54.0425 0x09f0 [ E8FC085A40148801EA66745D1247C379, 37C74FABF1E5D78517F03FD5A6810ACCF484D03A79F6BC4B31BAAD888DB58478 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
20:39:54.0456 0x09f0 FxPPM - ok
20:39:54.0472 0x09f0 [ F3A74355FE0F38D599DC30A31E6F47DD, 8B8E97714682C7C1034FBEB2DCEFB7AFDE4FE4990EEC4EFD0C90E15E95CD3856 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:39:54.0503 0x09f0 gagp30kx - ok
20:39:54.0534 0x09f0 [ E818CF36D8FCB46AF9726490B9285683, 3770E186752C87E7799C48033CB0457152AA3064E8CE9E9AEEDEAE7BE37DBBB1 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
20:39:54.0581 0x09f0 gencounter - ok
20:39:54.0612 0x09f0 [ 80756BE0B7DB1880CAB1D8169F500521, B136980DE9A0CF6D7114FD4D36730D1E5953190893103AE56152C1B977E679AB ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
20:39:54.0643 0x09f0 GPIOClx0101 - ok
20:39:54.0737 0x09f0 [ BAE87B5D00CF637430E0DC64752BC890, 0E9C015F956C7FA8B47AA307BB0C5B8217A56C46B851ED6D1BE589F3902A9BD7 ] gpsvc C:\Windows\System32\gpsvc.dll
20:39:54.0909 0x09f0 gpsvc - ok
20:39:54.0987 0x09f0 [ D954548CA876D33FA87992EAC3A907E9, 7A182533F24C5B35D8B421D0FA07C151879D9B53FCC9FB9A71086F30979D3902 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:39:55.0096 0x09f0 HdAudAddService - ok
20:39:55.0143 0x09f0 [ 5EEBB5F5F86DF444B144D8FC0586164E, 433000F4CCD2468B371E62ACE5E4022E2EEFFF64ABA9C52B66807F22AA07278A ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
20:39:55.0189 0x09f0 HDAudBus - ok
20:39:55.0221 0x09f0 [ 90229C967C2D75DA5A0825E1473875F6, DE3762BA83EC2210B5251C8C6E6B3B1E80C2B9AD9F75AB32F9CE4231561400C2 ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
20:39:55.0267 0x09f0 HidBatt - ok
20:39:55.0283 0x09f0 [ B70CD61C1B2F282463A32E0C41481148, 8CBEA39C5B4CEF6746997B1E1E4C538888A28F9B5D4ED17A7F457748A1094716 ] HidBth C:\Windows\System32\drivers\hidbth.sys
20:39:55.0345 0x09f0 HidBth - ok
20:39:55.0361 0x09f0 [ 33609592291468A3C494B44DEE1FCF79, 79AC4E2A7DC07124FDBAC2B7CBF5BAA7C38790BF094AA4E2C51B8638DF46AF20 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
20:39:55.0423 0x09f0 hidi2c - ok
20:39:55.0439 0x09f0 [ D6850FA3EE1ECD7457F8E53726250CD1, 0FEF80F2C1BF0B8C89C0574C4183E8977D8C7631C49F7646BF08C1879D0B8500 ] HidIr C:\Windows\System32\drivers\hidir.sys
20:39:55.0517 0x09f0 HidIr - ok
20:39:55.0548 0x09f0 [ A52EF1D6B8F4B9ED040B909009349DCE, 27CA5D923F2C05E82F0522420F50A7884C6A4E7E6DF2B13E00D793A7823EB90E ] hidserv C:\Windows\system32\hidserv.dll
20:39:55.0595 0x09f0 hidserv - ok
20:39:55.0626 0x09f0 [ 8FADE4B0D0AAFFE4187E2D940A694D1F, B54441365E606925902A4A088DD8E52A3E1156143BF698C995C09FB3E376FA4D ] HidUsb C:\Windows\System32\drivers\hidusb.sys
20:39:55.0673 0x09f0 HidUsb - ok
20:39:55.0704 0x09f0 [ 9BD84DF296F61203EA4B90A4C38C966E, BC33075557A5961ADE2DD4C624C21997E46AF135B49517CE9AE90A5681BC2205 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:39:55.0767 0x09f0 hkmsvc - ok
20:39:55.0813 0x09f0 [ 9A63274C72E567B06F0674ED51AF6430, B5ABAB89B7C35C97098B02DD6AA741836D4254DD5C3073B56E6E7F3D9C069F8E ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:39:55.0876 0x09f0 HomeGroupListener - ok
20:39:55.0923 0x09f0 [ C42B7A6216465AEDACE06E71DAB01E00, 02EA72B87D9D49624C8293082A6CEF34BDABADFAD9A2BC45F13F4A0FE62E88E9 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:39:56.0001 0x09f0 HomeGroupProvider - ok
20:39:56.0032 0x09f0 [ AE3BF8D78963AAAB2F8E5B1D4DB48DB6, F655723A914EFD8F276F3ACB0B0E6873BDC7C86720B54F7C0C436BC5EE09CA5D ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:39:56.0079 0x09f0 HpSAMD - ok
20:39:56.0141 0x09f0 [ 5FBC36B5A11DDED4BA7CA0F373E089F7, 97511B98CDECC7AA4CC6BB1E4236715CEE22FFEE07B765968915200AD465DAFE ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:39:56.0250 0x09f0 HTTP - ok
20:39:56.0297 0x09f0 [ 8EBD3CDD8BEBA39CAF6F83D7EBAB950D, 5450E3D1674BF453AC74E3FD2E480C0B9A0981F3FC1188479BA5954874BBB773 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:39:56.0313 0x09f0 hwpolicy - ok
20:39:56.0328 0x09f0 [ B4D8CFAA814300E7604C634F5C5B25DB, EC60DE2E23569BAE162714A2560DD9D7903094D0176A38B3E7D2811094E6A2A4 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
20:39:56.0359 0x09f0 hyperkbd - ok
20:39:56.0375 0x09f0 [ CD657365669B52CCA07B20F07E53CA4B, CF20832504B266EBB477EB125A76EC1CE4425BC57A8113897442BA8F8752A35C ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
20:39:56.0406 0x09f0 HyperVideo - ok
20:39:56.0422 0x09f0 [ 7F2D02F109F427BB79B09026BFD4497C, 2F37E0C63AD3BFE2478DB7689C6349683C1B3452486E2374AAAAB83FFD8F444F ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
20:39:56.0469 0x09f0 i8042prt - ok
20:39:56.0531 0x09f0 [ 6B031913FA9387744A70099E8CACB568, DADB1C38636F14AF7BD7F6B7FB104E7B8CD3D1F395A870AAD9FDB1DB75DFE646 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:39:56.0625 0x09f0 iaStorV - ok
20:39:56.0656 0x09f0 [ D789021B5ED044A82242895017F40E94, 13BAA853E5D04C0C417BB876B359DA8396B77130931DF2979A7CD4F65A754948 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:39:56.0687 0x09f0 iirsp - ok
20:39:56.0749 0x09f0 [ 634C6D286178700BDE9122C55175F654, A67B44C93AD26219C41C80FEAC8107FCA10AC02CAF7E626DA2A5D174562F9C4C ] IKEEXT C:\Windows\System32\ikeext.dll
20:39:56.0874 0x09f0 IKEEXT - ok
20:39:56.0921 0x09f0 [ BFE2E1129284CEB8A4C1771AE6A6595B, BDA34DF3A378B75E70E2FDD3A2D2BC67E3939CE56919D256A34B3B8358613841 ] intelide C:\Windows\system32\drivers\intelide.sys
20:39:56.0937 0x09f0 intelide - ok
20:39:56.0968 0x09f0 [ 40C0816BF04741CCD3D0DE04172FB2A9, CA062A1FF9963168EB782C37870F32620402461C4F423F894A1EE655921FCE9C ] intelppm C:\Windows\System32\drivers\intelppm.sys
20:39:57.0015 0x09f0 intelppm - ok
20:39:57.0030 0x09f0 [ F9C5A1592AC4F5432ED09C1D26041A57, E54B3F06479701E83C8ADF91ADD5B68238AB876DAFEFF738E292AACBAE12E101 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:39:57.0077 0x09f0 IpFilterDriver - ok
20:39:57.0155 0x09f0 [ D40C8D59F2BDB7CF6D4A0CE08042640E, 4D378CE22E2A3C089D4A333B6DC00B19465759438C4E0D5CDC5B2EB91DFAC49B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:39:57.0280 0x09f0 iphlpsvc - ok
20:39:57.0327 0x09f0 [ 46F807A9C6EE8C4CA477BC037F37D154, 70E8B9FB0675212DE8C57599975DC0D28110206DCD37879B9523053845351919 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
20:39:57.0374 0x09f0 IPMIDRV - ok
20:39:57.0389 0x09f0 [ CECF7E60DEF1A500673BF299A8B99E25, EEB10A4B137DE48C160D1191A390E047BA36B12C4B22145F16A3273BD2ED3328 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:39:57.0452 0x09f0 IPNAT - ok
20:39:57.0467 0x09f0 [ B5F2900361C7747E6F831824759482A2, B6D1DDE654202563C2A24461F3D03733E80D1F9D4D224B3CAD8BE837D8EF11C6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:39:57.0514 0x09f0 IRENUM - ok
20:39:57.0530 0x09f0 [ 023C558E997F09BAB91B736A1714095F, 241D280F62248FC270BCE8EF8DDCE240813858A5A8AEE8A97855045657876388 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:39:57.0561 0x09f0 isapnp - ok
20:39:57.0592 0x09f0 [ 1CB65E4C55B135FDCFB41B53C03C0E86, 57FF4D6E6F1E05EDF2A1885937F88F20960E4BC7BA229D23FB8F68D07BE0A174 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
20:39:57.0654 0x09f0 iScsiPrt - ok
20:39:57.0670 0x09f0 [ 2C8AB975DEA711046AF8D7B6FEF790F2, A65AE55265A0E15D063AA311AC44D5768D7FA253901FCCBF328FD5AF4C95C74A ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
20:39:57.0701 0x09f0 kbdclass - ok
20:39:57.0717 0x09f0 [ 8A0FBD022B316E7CDB8072E33C4A348A, CFC5E705874ACA4F75601B56A5EE34903F7360184D4F814451EF1C5F1A108B54 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
20:39:57.0764 0x09f0 kbdhid - ok
20:39:57.0779 0x09f0 [ 7108512F89511DB5B4AA4B4988C48984, 11BA6D744FD0FFF2EBA3DC90BFE82ED6EECB312D56CCFF70063F166F236DCF93 ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
20:39:57.0810 0x09f0 kdnic - ok
20:39:57.0842 0x09f0 [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] KeyIso C:\Windows\system32\lsass.exe
20:39:57.0873 0x09f0 KeyIso - ok
20:39:57.0888 0x09f0 [ D154BEE5E0A8E8576DFB243632B08D4C, 004366D5DA831D9B08A943BC9B9EAE51D4A4F233FBDBDD7466C522A38D5299D1 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:39:57.0935 0x09f0 KSecDD - ok
20:39:57.0966 0x09f0 [ 77080A55782B0FB515969E28CA7A3E17, 983B9AC21809C34680F62BF0995FEE874A4977F0F94A1E6CA5968B7D8F3A301F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:39:57.0998 0x09f0 KSecPkg - ok
20:39:58.0013 0x09f0 [ E2BDD62776D1EA24FF2CB9EE995BA05F, 8328142485F1F5104FE62CA9B51A4145CC788A1D31CD402A6E5BB76D63804518 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:39:58.0044 0x09f0 ksthunk - ok
20:39:58.0091 0x09f0 [ 959BB9C502B0EB11F10E60AC83E302DC, D2275C54271B77ADF3EE71E066C33B2272EF03BDC926FC828C3D5106F16B61B2 ] KtmRm C:\Windows\system32\msdtckrm.dll
20:39:58.0169 0x09f0 KtmRm - ok
20:39:58.0216 0x09f0 [ 8412D334F6B18F655BFF430E9DB1ABC6, 1F38AA06B3F0437393884479DC4B63109672C557FC118AF0D005BB188DEF2636 ] L1C C:\Windows\system32\DRIVERS\L1C63x64.sys
20:39:58.0263 0x09f0 L1C - ok
20:39:58.0294 0x09f0 [ B98C14ADDAB35C842A6E6C7569319BD8, D5EAC5B7537D876B10F3024AF56A775BD7DADC55134EF498F16C5BE998B0E7D5 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:39:58.0372 0x09f0 LanmanServer - ok
20:39:58.0403 0x09f0 [ 1485CF3F698BA2B09BEDBAEF13EBD45F, D34C642E2E4C9E8CC3A63B630A7EB9E53F9D40D295D4F435B05C6E9C97CBC8A3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:39:58.0450 0x09f0 LanmanWorkstation - ok
20:39:58.0481 0x09f0 [ FAC973039530C50FECCAF7E72FFA3524, CDE0837E37D3ADE152FC7077C16758A0BEAD0B7CA3B89E81C1EAF2091996C063 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:39:58.0528 0x09f0 lltdio - ok
20:39:58.0575 0x09f0 [ EB320128404659367A50774094B72210, D331E970FCF4E37C31CE591BD59D0D2B27F85F42435DCFE8F5D85C4ED58C6971 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:39:58.0637 0x09f0 lltdsvc - ok
20:39:58.0684 0x09f0 [ 04FB978A11E7BBBAB90909B222675337, B5865689B9CAC15EB724C5E097527CDDB148D49A5DA9E4BC6D428D06A265BB13 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:39:58.0715 0x09f0 lmhosts - ok
20:39:58.0746 0x09f0 [ 8FDBE4BA532047F678E39F6770941ED2, FD6FD8B718E44A2D023B1A4554FB56D6F56AD01CAD652CE9660CC4E8CDFC8327 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:39:58.0778 0x09f0 LSI_SAS - ok
20:39:58.0809 0x09f0 [ C06811E17E37F5EEC06D90535801424A, 77F11ED1BAD6FC1B53B1A9C1D4DE6D83E1D01040DB88C8F6691AB0C16D72DC55 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:39:58.0840 0x09f0 LSI_SAS2 - ok
20:39:58.0871 0x09f0 [ 6F2C426DF48334BB2F0B74C76985FE2A, F26C0C08302B95D4CA9D328B9717EBF1AB7E07DF0901107BB60365BE61F1372E ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:39:58.0902 0x09f0 LSI_SCSI - ok
20:39:58.0934 0x09f0 [ D01AE7845DE31EA30887FAEC6E8DCB65, 854C500B707E874BC6D7683E0A6135F3A702CCCC0FD1305A07A036615CA46E01 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
20:39:58.0965 0x09f0 LSI_SSS - ok
20:39:59.0012 0x09f0 [ B7809CBCF86839FE5C2DADD412666787, EE16B035B9874E5C0D072413DC85F9DCC660168B0DCB475C5256CCB5436B7402 ] LSM C:\Windows\System32\lsm.dll
20:39:59.0074 0x09f0 LSM - ok
20:39:59.0121 0x09f0 [ 588AB727594A6778FB1FBEC4280C62C6, 5ADB8841D321C9FC9AFC3F39E31F2C5842627628BA1A56193A078CD6700139F7 ] luafv C:\Windows\system32\drivers\luafv.sys
20:39:59.0183 0x09f0 luafv - ok
20:39:59.0214 0x09f0 [ 7E052CF6115C9CD8FBDDE37569C0426C, 467F112AAC27CA1DA56A304C2A08A2745C2B5B008C7981049745301348A1CDBA ] megasas C:\Windows\system32\drivers\megasas.sys
20:39:59.0246 0x09f0 megasas - ok
20:39:59.0308 0x09f0 [ 6D808A6597FB161729E2EF050A9D76E4, 12159A0AF27120A037A073454DDD58A2628D8543A245EB8107E30A68ADE45496 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:39:59.0386 0x09f0 MegaSR - ok
20:39:59.0417 0x09f0 [ F318498AE16EC11D44D286576D86159E, C347FBC3354FA2A2E2F9F3ED823C54C390FF8224F7F4FF41889EAC33FAEC4D1E ] MMCSS C:\Windows\system32\mmcss.dll
20:39:59.0464 0x09f0 MMCSS - ok
20:39:59.0495 0x09f0 [ 1D9717FA1195CB9F8A7B92F4BF2FDCDB, 868798DDE2D55D1E2F95436B13F671C4EA46419EEBBBBA9CEDA8B31838C1D242 ] Modem C:\Windows\system32\drivers\modem.sys
20:39:59.0558 0x09f0 Modem - ok
20:39:59.0589 0x09f0 [ 7E237CA07779A30EDFC7B2AD21172019, 8FBA4DFC0A9A67F81E119816D75023AAF0DAEF3863B33233B4AE7A0A240B5DE4 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:39:59.0620 0x09f0 monitor - ok
20:39:59.0620 0x09f0 [ 9F029A7247126ACE95BF3BFB2305DBB6, 54C5F36D6E1806ECAF50604950FBFDDF964167A3D132000523D43AFC926F4839 ] mouclass C:\Windows\System32\drivers\mouclass.sys
20:39:59.0651 0x09f0 mouclass - ok
20:39:59.0667 0x09f0 [ 7F557A4CDF0838B1251A35304B1FD4BD, 0DBB52F0A2360175D0521DA306D93722E391E468F6AEE503F725F7AEE2A893D1 ] mouhid C:\Windows\System32\drivers\mouhid.sys
20:39:59.0714 0x09f0 mouhid - ok
20:39:59.0729 0x09f0 [ BFBB08994C56B5FACDDE64858FA766CD, 982E31528770DE1D7BE556BA045C2124C84863685544E27B911CB174662CF35B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:39:59.0760 0x09f0 mountmgr - ok
20:39:59.0854 0x09f0 [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
20:39:59.0885 0x09f0 MozillaMaintenance - ok
20:39:59.0932 0x09f0 [ B15DC7D5DBFDC0C7E49877EA51E7B6D3, 7AFD66E6447771344C0A20E4E4C708673D8651C8B88714B1A709A0F978CDDF25 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:40:00.0010 0x09f0 mpsdrv - ok
20:40:00.0104 0x09f0 [ 94B5D3B01A4A6E6BDD59ED001D650A6C, C602819159C11083444A7C9A4C2010546D2D519D498DA515EEC980145E33B134 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:40:00.0275 0x09f0 MpsSvc - ok
20:40:00.0338 0x09f0 [ 0154E2CF4E6C13189150081D26BBADCF, 0BE62D6E8DC459CDA08767E1915A94EA2F8143161768670318CC88B398DD0261 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:40:00.0400 0x09f0 MRxDAV - ok
20:40:00.0447 0x09f0 [ BD43E075C75A0DA06E16BEAB997919E1, 85F7185CCD59E5851F6D5D593CDE6B95FC8CFF66790A12123D6CB0D98E4D063E ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:40:00.0494 0x09f0 mrxsmb - ok
20:40:00.0525 0x09f0 [ E2E3BB261B69B41EB8FCB4BA9B08CDA5, F414C6AB4115917339F6609027F5B025D7B4798A9088DAF6C184F9AB60E2FFD2 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:40:00.0587 0x09f0 mrxsmb10 - ok
20:40:00.0618 0x09f0 [ 15C9E57A7D3347F985486F9A09E67538, 2E4B133C2D7DE02E5BD760512E3EDB2424A0A413517062D1A33FFE1853C2051A ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:40:00.0665 0x09f0 mrxsmb20 - ok
20:40:00.0696 0x09f0 [ 5D95E6DD5E8AE8F1D1BBF9B15AC1C29B, 4874B0FF974AD8C598891E2974BA1E75268EDF8C1D26F512BBF2FDED651343FE ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
20:40:00.0743 0x09f0 MsBridge - ok
20:40:00.0774 0x09f0 [ 0C13FCA740312536BF89AF4214E02803, EDCC63607789DC9F26C977D19D6546EF1F07D7031879DB4AEEA38466982FC269 ] MSDTC C:\Windows\System32\msdtc.exe
20:40:00.0821 0x09f0 MSDTC - ok
20:40:00.0868 0x09f0 [ 6196FF7C20AEA729A8E0A344D04CEE48, C96126E6F0FE67A8283E9EF4CDB8EB14EB8729B67E6784E00CBA0C332F7FD467 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:40:00.0915 0x09f0 Msfs - ok
20:40:00.0930 0x09f0 [ 3E60AB00CB326348AA75165F428B4453, BBEFE2A5E897F46B089C5B7CFF4C6B48533BB6EA49FF626D5DF5DB209936CEAB ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
20:40:00.0962 0x09f0 msgpiowin32 - ok
20:40:00.0977 0x09f0 [ A12249F2C8A15A34239625E8CA857CF2, E6DC4A1FA4D9D182196E3D7522EA8A199025AB78AD0C708B564B2AC6AD4AAEAB ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:40:01.0008 0x09f0 mshidkmdf - ok
20:40:01.0024 0x09f0 [ D516EE4A6B5DDED62673C4A49A808CF9, E8D99F76D4686F82204A16C311CFF142A9F396CB3F6FD35BADBDF2CE9EA9E849 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
20:40:01.0055 0x09f0 mshidumdf - ok
20:40:01.0071 0x09f0 [ C8FC57640D9AE3856AEFBB48F9C246E3, C6FE1C477CDBC8169B14564D960225C2F48333E2D01E4A5FF858529EC371C839 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:40:01.0102 0x09f0 msisadrv - ok
20:40:01.0149 0x09f0 [ 8A1589AD1F0D4BB5417BA4E0A143DFCC, 1748AE142C48A5524321E1F0BC248E570AAC39E1A433FCDB3C1FDC45865C20F7 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:40:01.0196 0x09f0 MSiSCSI - ok
20:40:01.0211 0x09f0 msiserver - ok
20:40:01.0227 0x09f0 [ 81FD1141F6843053D045099EF1E9FFF4, 9E7091C38F81ED920D2E40E0687DC378CC8323367E4E490BA0E7E866FF275472 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:40:01.0258 0x09f0 MSKSSRV - ok
20:40:01.0289 0x09f0 [ 56D27E5B5D5FCF993058426B73701C26, 7711FFD113EE4A6304A40E2C69805A12B127791489FBD7EB88C4FB1E24A40C3C ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
20:40:01.0352 0x09f0 MsLldp - ok
20:40:01.0383 0x09f0 [ 05E5204D25C6EB88D870D82E73DFA6A6, 153E3ABFD19DACE8F80F08925AFCC2F8ED9067EE308C837226129F092B2E38CA ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:40:01.0398 0x09f0 MSPCLOCK - ok
20:40:01.0414 0x09f0 [ 59789052F097F995C53C4F1A751961BA, 26BDF9D09F7FC2A35F8CA72ADDFE1774FC6A25CF92FDFDFECC5DBF3D43D43F93 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:40:01.0462 0x09f0 MSPQM - ok
20:40:01.0525 0x09f0 [ 573528C6A0753B72F86B765D5B607E0E, CD6343DF6F044ABC65058379E3E41040B3DFDEAA8A44E1B3C3487B1345AE71AB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:40:01.0572 0x09f0 MsRPC - ok
20:40:01.0618 0x09f0 [ 417AFCB41E395182A911431B039DEBB9, 9482B98110D9DF3A83544DAF3D582B5AF37BBBF7AB491BEA2728F45F2976C283 ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
20:40:01.0634 0x09f0 mssmbios - ok
20:40:01.0665 0x09f0 [ 0AAA0930A7FDFA71B5808E5DCC313C17, 7F6ECF8BC7545BC3642C2F04012AA41944A846BA754B52C9BC4E0CBC1E18B6E2 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:40:01.0696 0x09f0 MSTEE - ok
20:40:01.0712 0x09f0 [ C8C114A691B4B5EA4093064E2C942DCD, 7B78C0DB7CA08897B58246F77B87FBDDEEA0EECE203A5E4F3773D27FA2C6F6BF ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
20:40:01.0743 0x09f0 MTConfig - ok
20:40:01.0759 0x09f0 [ 6F9A0DC60178D403AFF77370FC046B7E, 9310B420C02192AFC271D6DC42AE55AA20382D19610EB2171CE03AC0208CBE7F ] Mup C:\Windows\system32\Drivers\mup.sys
20:40:01.0790 0x09f0 Mup - ok
20:40:01.0806 0x09f0 [ 3094B508C7C40544A60D9EF5C62A9D5F, 934B859749844CC8EE7244393783EA35DB466E3C1A4816A42D8C9765171BE4DE ] mvumis C:\Windows\system32\drivers\mvumis.sys
20:40:01.0837 0x09f0 mvumis - ok
20:40:01.0884 0x09f0 [ 7FC8E15AAB7FF630EACCFB977195452D, CCF4846D62BA619DDEE3C3612139A14C8C6F9C4D11C2D82E653799BDFDA791BA ] napagent C:\Windows\system32\qagentRT.dll
20:40:01.0946 0x09f0 napagent - ok
20:40:01.0993 0x09f0 [ 153B849C9692E6BAE7666A6361B8B65C, 65D315A4E6C950C9C70AA6DE8E486D32871EDA267B2AAEDD628532132D187178 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:40:02.0055 0x09f0 NativeWifiP - ok
20:40:02.0086 0x09f0 [ E5001E5C5C766B095971F6EF07C93DE3, 38AB58AE4391317BC1661A17809146AB481B2BFA8A2772A116EE10834332E924 ] NcaSvc C:\Windows\System32\ncasvc.dll
20:40:02.0133 0x09f0 NcaSvc - ok
20:40:02.0164 0x09f0 [ 392B0E0CB50218037CEDE5588FFAD1AB, E7CBAEB55AF64D2F087BAE7FC0BEE3CCECB12B6FA120586E10B75EF33100898E ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
20:40:02.0227 0x09f0 NcdAutoSetup - ok
20:40:02.0305 0x09f0 [ BB639DE49430EE053F6FCD61B57041C2, 79369DE6068D19AE575C4DA1B1ACDA5A2EE5DE8AD7CF08B6572E2DFCC8BA4AE6 ] NDIS C:\Windows\system32\drivers\ndis.sys
20:40:02.0383 0x09f0 NDIS - ok
20:40:02.0461 0x09f0 [ D461CFB366F933840C8B37C4E39A9B4D, 95EAA8F222BBF8146CE836B7BE04DB95289A2A4A323FE123824C24BA9F79F334 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:40:02.0508 0x09f0 NdisCap - ok
20:40:02.0539 0x09f0 [ EE813CA43B87655DFF7C2D5406CC0379, B6A5DE024AF7F1097E22B51046E86CE84529F4DD5D4DD4891427A00A36DBC864 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
20:40:02.0602 0x09f0 NdisImPlatform - ok
20:40:02.0602 0x09f0 [ 097107F94AFFCF749A051B6443C130A7, 07C43E2C15E087F707634D8564C6562390DD6AD53E4FCCAAF452E32A377E9686 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:40:02.0649 0x09f0 NdisTapi - ok
20:40:02.0680 0x09f0 [ 048DCECEB6EF091D92947CF96ADB1CAF, 1FE96D6E8662526578BA328CE231FC4F589DCF47A716508715F4F2462BB06546 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:40:02.0727 0x09f0 Ndisuio - ok
20:40:02.0758 0x09f0 [ 4091690968CA4C5CFF5EB34AF0D76E81, F0B114B6381AFF1B59A23C92D816A492EA8882A18BA82D663DDFA223A091EEB6 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:40:02.0821 0x09f0 NdisWan - ok
20:40:02.0836 0x09f0 [ 4091690968CA4C5CFF5EB34AF0D76E81, F0B114B6381AFF1B59A23C92D816A492EA8882A18BA82D663DDFA223A091EEB6 ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys
20:40:02.0867 0x09f0 NDISWANLEGACY - ok
20:40:02.0883 0x09f0 [ 670C782064DE46493E468C1606A9ABE7, 09791767D210C422C75617B488BADFC20E27AED6F2EB52A9A173ADA3CE7FD800 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:40:02.0945 0x09f0 NDProxy - ok
20:40:02.0977 0x09f0 [ CC8B7A1AFEBE219F5BB2A2A172B385FF, 8B5DFBCA1DC89CEFF0EC01C6C0D7DB0FAD44AC61D9FADE569C59CDC9DD4AE857 ] Ndu C:\Windows\system32\drivers\Ndu.sys
20:40:03.0039 0x09f0 Ndu - ok
20:40:03.0055 0x09f0 [ 35FFEC755452F8DFE59538815FA95136, D455BBA416315F1ACAEA4CE6CEA207E2650A6069E5AA4DD71C782BCBEC86A5EF ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:40:03.0101 0x09f0 NetBIOS - ok
20:40:03.0155 0x09f0 [ 70CA93D2D94F5EDD2B634F5A39E5713C, BDDA39C4A99D2BA7490AB538B569A0DA949E18D55E63A65739C636F1ADE4C6F1 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:40:03.0217 0x09f0 NetBT - ok
20:40:03.0248 0x09f0 [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] Netlogon C:\Windows\system32\lsass.exe
20:40:03.0264 0x09f0 Netlogon - ok
20:40:03.0326 0x09f0 [ 43EA14A7DC7AF57E5C12F1974C43E467, 36B2E0C1667CBDD92423649F92271DF05A271C6C5CB0E3FB74D5905D1DA2912A ] Netman C:\Windows\System32\netman.dll
20:40:03.0373 0x09f0 Netman - ok
20:40:03.0420 0x09f0 [ 60AD109DD43E1F86A9BFCF2B6E8B885F, B4597EC4CF20ABAF571C15E2E1D828C35715283F7CD7C4FE036C401D59CA365B ] netprofm C:\Windows\System32\netprofmsvc.dll
20:40:03.0514 0x09f0 netprofm - ok
20:40:03.0670 0x09f0 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:40:03.0732 0x09f0 NetTcpPortSharing - ok
20:40:03.0763 0x09f0 [ 021B9AB328E5757520A88AA3D8379C3A, 1E1195FA28BF8E1CE2AF8EED2395600A51B45179FE7C82274627AD8553FD7016 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:40:03.0794 0x09f0 nfrd960 - ok
20:40:03.0841 0x09f0 [ 95C3BEB611D0F63AD26C31F0D23123DF, D30F13D571A60D8E4F27812CB48957EF77FEA703EE1C611DBC691D5674F82314 ] NlaSvc C:\Windows\System32\nlasvc.dll
20:40:03.0919 0x09f0 NlaSvc - ok
20:40:03.0935 0x09f0 [ 41ED6F90DF31F85F9682EA715402D085, 55AFBF779DCAD0F1B54DA2320CEDBFEA90125F729AF07F469DEA4603D1964FBD ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:40:03.0982 0x09f0 Npfs - ok
20:40:03.0997 0x09f0 [ 41BF79B2371A3821F41A4C060E067961, 0A7AA24CD65AA5D0689D3B800FE639FD1B050A3742835ED8379EBFCCA67383E0 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
20:40:04.0028 0x09f0 npsvctrig - ok
20:40:04.0044 0x09f0 [ FE4741AC4331724ACE78EA1D95B86705, 28DF7AD69BA78D53EA6A6E33FE11C91BF503EF87EF2BC71AD136AB9C21B00079 ] nsi C:\Windows\system32\nsisvc.dll
20:40:04.0106 0x09f0 nsi - ok
20:40:04.0122 0x09f0 [ 71343C73520814808B8F11A77DBAB939, 8B153F5D90F90557B385B3CF973AC95ED80A3C1906C1957175FECC3B67619923 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:40:04.0153 0x09f0 nsiproxy - ok
20:40:04.0278 0x09f0 [ C0B3937287DB54B104F209A0B8322E04, F8E8387574EA4C6BDFAEFB4F73CF035E3F670ADA37E5A8FC110C837388E458B9 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:40:04.0496 0x09f0 Ntfs - ok
20:40:04.0574 0x09f0 [ 29B1334BD9E24648F54C373DC99E7D70, 1CC13AE6250DBD4F9647C473071C02B05C38910F534BE6EFD887F2A803BBD9F7 ] Null C:\Windows\system32\drivers\Null.sys
20:40:04.0606 0x09f0 Null - ok
20:40:05.0245 0x09f0 [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3, F4885B42FCE7D838B7640EB9CF81135F9D637E7CD7A016894AD2F24450FA91BD ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:40:06.0368 0x09f0 nvlddmkm - ok
20:40:06.0556 0x09f0 [ 0D63F22609BAB3886F0230B941391805, D1A85903B574D182AB623A8AE017D54A03F971FACF40FFF6648B9E07C822B1CA ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:40:06.0602 0x09f0 nvraid - ok
20:40:06.0618 0x09f0 [ F55FAE2A40129EFD3D0A1BE46AF8989E, 3157F349ACA0E1F2AB6AF4D7643973C2B2C9562E78CE8809D02CB632A1F66DDD ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:40:06.0665 0x09f0 nvstor - ok
20:40:06.0696 0x09f0 [ 268326902900187FFF45C30111FB6597, 11D447F9E9DE1D8FA5EB97F8D43B47DED526A168DE39C5DA779CBC072D0BA4FF ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:40:06.0727 0x09f0 nv_agp - ok
20:40:06.0774 0x09f0 [ 7F16AB362FCCF8E0DF21B0E21E2E6264, A32441800FFC532C8A138AF6F4DED4AA6B0ED8D8E067A5E3C76D5694470EBF71 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:40:06.0836 0x09f0 p2pimsvc - ok
20:40:06.0883 0x09f0 [ C6B277E5590ED43C097D9B34A70EBC96, 104532EAD79B103AE3D000EA04E32EBC165E493A0C814E98BA98D9F6AB2621A3 ] p2psvc C:\Windows\system32\p2psvc.dll
20:40:06.0961 0x09f0 p2psvc - ok
20:40:06.0992 0x09f0 [ 7952733956DEDC283BB670CC8507B82F, 9D416D506C25C4B80EF86665246C032A169E71406E2888C7A41A1BE4D4B7CF76 ] Parport C:\Windows\System32\drivers\parport.sys
20:40:07.0055 0x09f0 Parport - ok
20:40:07.0086 0x09f0 [ 7B07B33ACAA1EFF76B234CF5AD290B60, F259EBDEC14ED953D500A891248532A75526BB97A5C1CB4CDAFD87F9C2E778BB ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:40:07.0117 0x09f0 partmgr - ok
20:40:07.0164 0x09f0 [ 4120E1D48D03CEE451C57E3F7E4BF98E, D15CDF0E6E55A9EDBB005165F0047A6CB054FA498F5E06CC85B98ABA7123CA1E ] PcaSvc C:\Windows\System32\pcasvc.dll
20:40:07.0226 0x09f0 PcaSvc - ok
20:40:07.0273 0x09f0 [ 448054F3715D27C57A5F9D0AEEB75B4F, 84268A713B2C3585F90D74F21BCB5E7BAF4693DF122E0CC0A81885BBD47E2E6C ] pci C:\Windows\system32\drivers\pci.sys
20:40:07.0320 0x09f0 pci - ok
20:40:07.0351 0x09f0 [ 33575A8402F4F99853E6C82E36D896BB, 24AFF39052FCBDE35DD16E7737BE35769A134570971E6FDA4E89392F3C14E768 ] pciide C:\Windows\system32\drivers\pciide.sys
20:40:07.0367 0x09f0 pciide - ok
20:40:07.0414 0x09f0 [ BB66139986C93CEBAC93B93753F554A1, 3DEB701A962497C133C560DA3CA73AD6535E1ACA67CC8255F43CAB496A769940 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:40:07.0460 0x09f0 pcmcia - ok
20:40:07.0492 0x09f0 [ C4DD119D342C2257B18235AB845780F9, E0A5C0712F68F846ECC2FACDFEB34DA4A18AE2428F7AC97E056246FFE3623E34 ] pcw C:\Windows\system32\drivers\pcw.sys
20:40:07.0523 0x09f0 pcw - ok
20:40:07.0538 0x09f0 [ 7460CEEC923A65870400ED44C9B64B35, 164D3430C1B836D01D2B51574FE593FA0801C80E68CB82507EF852697D2A50BC ] pdc C:\Windows\system32\drivers\pdc.sys
20:40:07.0570 0x09f0 pdc - ok
20:40:07.0632 0x09f0 [ AC865A94D9E72EBE57D1857FEF153B7E, 726A4F0C482837EF4B9A2C43971798B43EBC4C2CD27605962B28BCE9C9DBD659 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:40:07.0757 0x09f0 PEAUTH - ok
20:40:07.0913 0x09f0 [ 9FFDA8D2F8B53F1CB3B2F5767CE93D36, 1BE581A49B92107FD57E1B151E03BBA26C02BC51AF60430EE2D32BB636802FF1 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
20:40:08.0168 0x09f0 PeerDistSvc - ok
20:40:08.0465 0x09f0 [ D05073358971569CE89D3207826C3AF6, A78060F5157C3ECC7D70FBC225F891A31BE300D74FF850436FF29F2EA71C451C ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:40:08.0512 0x09f0 PerfHost - ok
20:40:08.0621 0x09f0 [ 7D901118FFE2798DB7EBD2C3D58464F5, F72C3E444F9E302224B6419ED456CE70E72A8178E82310F16062EE28A58D3E34 ] pla C:\Windows\system32\pla.dll
20:40:08.0839 0x09f0 pla - ok
20:40:08.0870 0x09f0 [ 93FC3A6E569C99F0147C15E0434858FE, 9799D43F97647DE140B6868DFCC7CA55BC2CA50F7D14B4CE852F194960A5A27B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:40:08.0917 0x09f0 PlugPlay - ok
20:40:08.0948 0x09f0 [ 792ED24914C5950602631EE5A2CF27DE, 6BC03D5A05C17E6E7264929DFF918DB3F2C67E596FDBC5D4C881A4A514007C54 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:40:08.0980 0x09f0 PNRPAutoReg - ok
20:40:09.0011 0x09f0 [ 7F16AB362FCCF8E0DF21B0E21E2E6264, A32441800FFC532C8A138AF6F4DED4AA6B0ED8D8E067A5E3C76D5694470EBF71 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:40:09.0058 0x09f0 PNRPsvc - ok
20:40:09.0136 0x09f0 [ 210022F2576232F658F4E51B94E0C007, 4B7A03EE44347520AC4493B652EE7831D1818822B3EB08C19F591B507C01EEF9 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:40:09.0260 0x09f0 PolicyAgent - ok
20:40:09.0323 0x09f0 [ EE13ADD1EC56499137DA684A62F862DB, B84551B1100D6243B1B6472C25572594F0CCA81B8B3D7A2AE74A5548C196C0BF ] Power C:\Windows\system32\umpo.dll
20:40:09.0370 0x09f0 Power - ok
20:40:09.0432 0x09f0 [ 2EFA11495641A7699DB0994C59F83F49, 147874AD73ABD547BC33BF09307B6E46A5D34EE846A9F2C623A3EA0EFAC11769 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:40:09.0479 0x09f0 PptpMiniport - ok
20:40:09.0666 0x09f0 [ 3453D93F6E1615A95A1E07B21E93C975, B2E9B05C6135D39E83C252EDE419699202FC2940EBB3C4E2D724DAED8C1717EC ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
20:40:10.0072 0x09f0 PrintNotify - ok
20:40:10.0134 0x09f0 [ 4A80590E3BBA28BD74DC44AD6CFC048C, 0B0B879C3A017779E0A14FFA149C8A66A9DA43369C97FA863A88C30D39BFECF7 ] Processor C:\Windows\System32\drivers\processr.sys
20:40:10.0181 0x09f0 Processor - ok
20:40:10.0212 0x09f0 [ 07CBE151F9071CFCB13758E13C15DD3F, B6E4D51938859EC86DA53D88FF9FEDD46F3F253C151F4229104BF4D945B8AD89 ] ProfSvc C:\Windows\system32\profsvc.dll
20:40:10.0259 0x09f0 ProfSvc - ok
20:40:10.0306 0x09f0 [ DE85A3DDF540AB318789B55537D14975, BB7C87C750E3370CE85F26FF69FD6C23034A034F5D93A3648019C65E28F82759 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:40:10.0337 0x09f0 Psched - ok
20:40:10.0368 0x09f0 [ D1BC31AFF3071E8E2088011846A0B7C3, 7AD87D0CA8F7952652A24876695C09C1587B7AB4A880310DF375BE20640D2FDA ] QWAVE C:\Windows\system32\qwave.dll
20:40:10.0446 0x09f0 QWAVE - ok
20:40:10.0477 0x09f0 [ A65A4F0072C2CD763D5B053DFF164597, 1E3D7B3E8AA117E0D106D68726F5E56A2E906995E235087CB8EBA1FB614DDF75 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:40:10.0508 0x09f0 QWAVEdrv - ok
20:40:10.0524 0x09f0 [ A4E18A22432A27142EF3F6CC388F77E6, B02771E0075BD1778F3D1D3FE91189E436CCBD9EF3EB081D8CA3D899EDFA1CA3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:40:10.0555 0x09f0 RasAcd - ok
20:40:10.0586 0x09f0 [ 929B76FA637DCC5214ABB2B80345AE5B, C6D469161BE64541236E228494094275B03033ACFC786D8BA71C716EB0592664 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:40:10.0633 0x09f0 RasAgileVpn - ok
20:40:10.0649 0x09f0 [ 51FF61A349DC465B1671885039D1BDD6, E9E7F7924CDDBB826955C4028209192EF31E7128C3D1FE980BFE16BF54D587EA ] RasAuto C:\Windows\System32\rasauto.dll
20:40:10.0696 0x09f0 RasAuto - ok
20:40:10.0789 0x09f0 [ 5C1A0389769C8C15BB7DA0A0F3C7FF6F, F7CC42E9A56DE3C99EFA4F2A253B6CE8C59F03588CF081D4B8AF1372847E4551 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:40:10.0836 0x09f0 Rasl2tp - ok
20:40:10.0898 0x09f0 [ 2D6D75A0CEF355094F0291E4779B8EEA, CD43F75368C06EFB404E8CE8F9424CBAA54B126A1E31E2A6C348BE3AF070F301 ] RasMan C:\Windows\System32\rasmans.dll
20:40:10.0976 0x09f0 RasMan - ok
20:40:11.0008 0x09f0 [ C0FCBE1C9EC14B076C43721AD87B0217, 3D6962B411BD8FB89D001B88692E656A0A78C59AD101B8337B79A5622E0420BE ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:40:11.0054 0x09f0 RasPppoe - ok
20:40:11.0070 0x09f0 [ 29B17662D3130B0040B4666CBB5B15BF, 853425B37065172137AD13A7A8A61B962336D5BB2C853452417BA55332FB57E8 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:40:11.0117 0x09f0 RasSstp - ok
20:40:11.0164 0x09f0 [ 84A2C0A8429AC708C567483F2253C47B, B6B1618E4DDE04027EADFF9CD55FC02C7A82E253D868C9567B32668F7128C63D ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:40:11.0257 0x09f0 rdbss - ok
20:40:11.0273 0x09f0 [ 1CA9376CA1C0D2E55CE50C755F6DC483, EB3C52662201C9C0E7BA416C2D90E88F57C220772136098585E757BBF8C197E6 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
20:40:11.0304 0x09f0 rdpbus - ok
20:40:11.0351 0x09f0 [ 09C2F1E1AACEB431C645F8C708E7DD02, 00E3A151DB8EEFE3518E5A30C6F61564F67512855BD91AB41C4C64F8517F26C6 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
20:40:11.0398 0x09f0 RDPDR - ok
20:40:11.0413 0x09f0 [ 666C31466EC8E91A8BBB623F7F32A93E, FFF243455835343A84C1977822A5223ECD2E5C7869EFC69F5D04DE0390B8F3ED ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:40:11.0444 0x09f0 RdpVideoMiniport - ok
20:40:11.0491 0x09f0 [ 5AC07890A77E42729B674366E508F569, 04161C573BA24F470CA4A5CE66EF619AE2775E3254AD6AC2582595214134D7E3 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:40:11.0538 0x09f0 RDPWD - ok
20:40:11.0569 0x09f0 [ DD9EB082A1839271AC6D251CEE6DF765, 1B213F27419A367217A99B51C0709736205E7EEB35EFD25F8002242DD13984A6 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:40:11.0616 0x09f0 rdyboost - ok
20:40:11.0663 0x09f0 [ 671C1F8FEFD5C3C9A2BF472EC566822E, 7654DEBAD8E5DE130AE764AADF7D8E7B6F5DE8393EE82B65D6CB8A773126650D ] RemoteAccess C:\Windows\System32\mprdim.dll
20:40:11.0710 0x09f0 RemoteAccess - ok
20:40:11.0741 0x09f0 [ 44B42C98A2A51717EECF8F58F2275B34, 162B2C4CA7C6D5B234A99D38360A9C248AC051C6720EFD2AE7CBA5897D2D36A7 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:40:11.0803 0x09f0 RemoteRegistry - ok
20:40:11.0834 0x09f0 [ 1C6B8B9452A03BF2C046F534E5D7309B, CDBB5BF186E19883B353212D16AB78199BC5B6B72946623E23377B2534DA4C57 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:40:11.0866 0x09f0 RpcEptMapper - ok
20:40:11.0912 0x09f0 [ 7D3DFAC8C2A12A2B155701856423D988, F96F285DAF068ECECE25F3695C57E5310CAA62226B85FA85AC2F13D8ED4F3D34 ] RpcLocator C:\Windows\system32\locator.exe
20:40:11.0944 0x09f0 RpcLocator - ok
20:40:11.0990 0x09f0 [ 5FE7B522293942A00779B921DB8F0094, 951486DC9771EAF776417CBCF17922654CB1367FDA27A731313F0C3A004BE593 ] RpcSs C:\Windows\system32\rpcss.dll
20:40:12.0053 0x09f0 RpcSs - ok
20:40:12.0084 0x09f0 [ E0431BEBB118507797C66114616E760B, DEBC75F9A2AB366A43FDD9B558815AE7AC73458D51A9CD7FE3163FF63710D9E5 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:40:12.0131 0x09f0 rspndr - ok
20:40:12.0162 0x09f0 [ 868E3F54FA9B213545548CE3DD317C2B, 02C9260FDEA53C5F1607D3573F87759ADA2AD087613E7511DB25F0F32F8EC42D ] s3cap C:\Windows\System32\drivers\vms3cap.sys
20:40:12.0224 0x09f0 s3cap - ok
20:40:12.0240 0x09f0 [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] SamSs C:\Windows\system32\lsass.exe
20:40:12.0271 0x09f0 SamSs - ok
20:40:12.0302 0x09f0 [ 65B271C79076149F4330F6E1EC5FEA89, 8F4ED4826C8273C10009AB7A7A9A6C3A49A93A27A56EBA2394EC8C7266EB1FB6 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:40:12.0334 0x09f0 sbp2port - ok
20:40:12.0380 0x09f0 [ F226ADCCDF951B5E6C6AEC4C5BF6E5AD, B6E5C63160D8B7D482FDA35706DC8B15E196289CB4FFCCE6396626E9F4178425 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:40:12.0443 0x09f0 SCardSvr - ok
20:40:12.0468 0x09f0 [ A02331E45B378E2E2E8B3F9054F91B28, 3C32B2B7A74A853BF0F3D851B55BA9737AA7B4CD431B7264F6347373A1E766AB ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:40:12.0500 0x09f0 scfilter - ok
20:40:12.0593 0x09f0 [ BBB5F9F353106E1FFD6636EF52F9B21A, D0EFA2183A18ECACB95BDCFD99BC2C1B017327E500E247E6C07A0BBDA866F4BF ] Schedule C:\Windows\system32\schedsvc.dll
20:40:12.0796 0x09f0 Schedule - ok
20:40:12.0858 0x09f0 [ 483E122C2C011F28552E25268FDD9F21, 53744B3D215022EE529FF4BBAD50253E3F2E51FC859CD2F717562C911095AA9B ] SCPolicySvc C:\Windows\System32\certprop.dll
20:40:12.0890 0x09f0 SCPolicySvc - ok
20:40:12.0936 0x09f0 [ A6426111F4AC173F98D9615C3A384EE0, FCD66C13584FE5A66743EB8E0571358A29CA009DC6D39C4E1FD15AF64279F2E3 ] sdbus C:\Windows\System32\drivers\sdbus.sys
20:40:12.0983 0x09f0 sdbus - ok
20:40:13.0030 0x09f0 [ C56B0F3E2F27E1A43F9CD9F46586D1AF, 3559AF03656038A45931F2B534EB56F5AFC504EAA502776916A8DBCCBA1C1419 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:40:13.0092 0x09f0 SDRSVC - ok
20:40:13.0139 0x09f0 [ 6E4C20D038664B4D19D866919BA740C2, 05EEE9AAACDD79E4A523E4D03696368E26FD49980827A11C63CECC709230E814 ] sdstor C:\Windows\System32\drivers\sdstor.sys
20:40:13.0170 0x09f0 sdstor - ok
20:40:13.0186 0x09f0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:40:13.0217 0x09f0 secdrv - ok
20:40:13.0264 0x09f0 [ 7DFA8291BE7FB33DECE217307A75D2FD, 0A7C22F8606A9185851A336117FA65811D1499F89F8D3D23F74B26F200EA4656 ] seclogon C:\Windows\system32\seclogon.dll
20:40:13.0295 0x09f0 seclogon - ok
20:40:13.0326 0x09f0 [ 27B770C28CFBD80E60516DA112E0C8F3, E125DC9C93D657094E440C809C0CC4CB2C5113246B7FA0CF8DEE4F5707C0212B ] SENS C:\Windows\System32\sens.dll
20:40:13.0373 0x09f0 SENS - ok
20:40:13.0404 0x09f0 [ F8CDB64F6DA38D8812DE211362B98A12, FFF7EEC31E2C623F63C84F096EBB241D50BBAF7D1BCDE31DDF6314C1468B6367 ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:40:13.0451 0x09f0 SensrSvc - ok
20:40:13.0467 0x09f0 [ 000BD3414CFFF5B38F8374D620C8F43E, 997E512B3DE024E35059DDBD6552567417E480CEDF3F2B954FA3F45A3C76295E ] SerCx C:\Windows\system32\drivers\SerCx.sys
20:40:13.0514 0x09f0 SerCx - ok
20:40:13.0545 0x09f0 [ B79AA351309FB7AF95B2E1634F4C0F89, 55BCB89BC03721FFB7B5A03E954117399F80CC490CA1A7D41362516A602A326C ] Serenum C:\Windows\System32\drivers\serenum.sys
20:40:13.0576 0x09f0 Serenum - ok
20:40:13.0592 0x09f0 [ E0DAA18F4694579C7D66D0FFD42C3B4B, 1B3728BB621B91DB0C448C22C582B5CF14424F2995DC8057235FF04F7F456A0B ] Serial C:\Windows\System32\drivers\serial.sys
20:40:13.0638 0x09f0 Serial - ok
20:40:13.0654 0x09f0 [ 96FE02C72242D4AD5EFC610DC37DA107, 42EAF2DE69332462EDD76B4506D35954C3E97CE8A90356AD59B30F46598C38A2 ] sermouse C:\Windows\System32\drivers\sermouse.sys
20:40:13.0701 0x09f0 sermouse - ok
20:40:13.0763 0x09f0 [ 63CC3E3F5CEF3D3BD22ACB670B1D9154, 0FAA9C2B7899127385C14B246EA3E777AE6C9DC0259CEECBF1272004CE3396A3 ] SessionEnv C:\Windows\system32\sessenv.dll
20:40:13.0841 0x09f0 SessionEnv - ok
20:40:13.0872 0x09f0 [ 18F2EEA5A661E1B808D84EA7D2CB3E5E, FA544AFE3DE4B8838462399C0658F649D38AF99D73A399E70F9EE707C48E5BC7 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
20:40:13.0904 0x09f0 sfloppy - ok
20:40:13.0997 0x09f0 [ 05CA53E25BBD45CE0022AD966638A19B, EDD24EA163F53743BC1813C393E05EF3181EDA512BCFED069DA2C80676E4BF79 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:40:14.0106 0x09f0 SharedAccess - ok
20:40:14.0169 0x09f0 [ FA431599A1631AD4D110D0ADDE9D333C, D1725648FFA9E6C4E65FB784986598A0B07367EA7B1762456B1D1CD6D9611FFC ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:40:14.0262 0x09f0 ShellHWDetection - ok
20:40:14.0309 0x09f0 [ EE13C9F22485DADEB864F3D93DB30F29, 9F7CF8031AE387BF24CBC51554A51A9E665D7382EEB6388B867DAC23E41D955F ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:40:14.0340 0x09f0 SiSRaid2 - ok
20:40:14.0356 0x09f0 [ 456FD58EE194BC7F289B8D9F2A2BC000, 9835F2A50A88A134B0E7D4CBDA9C70B797F32E5D4C39D324EB6BD29DC98F0C03 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:40:14.0387 0x09f0 SiSRaid4 - ok
20:40:14.0434 0x09f0 [ 2D0CC4CDC4E5805800A9615A4AE2E826, 32AC81A21135B1F2C9460C4A3C10DA0791DAE3EDC707EFFB49B4EA372295D702 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:40:14.0465 0x09f0 SNMPTRAP - ok
20:40:14.0496 0x09f0 [ 0312EE5B88383F9C8C69C4B3611BBCDF, 27A8A4938233B047EDDC1A61C3577278A940A01E949B44904340EAC1386908CB ] spaceport C:\Windows\system32\drivers\spaceport.sys
20:40:14.0543 0x09f0 spaceport - ok
20:40:14.0559 0x09f0 [ AE81DC8F9EC833A2578DD5F195B091BA, ABD2135462148B26BF40E2240D048499BC899EE13E3F01F91A39C15FF61C20F0 ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
20:40:14.0606 0x09f0 SpbCx - ok
20:40:14.0652 0x09f0 [ C65FEFCD539B1ACAE87FB8DA7014C320, 064E6112CB02E71AB7BF508352D4CB3931716C662BE236209CACE20284ADD342 ] Spooler C:\Windows\System32\spoolsv.exe
20:40:14.0762 0x09f0 Spooler - ok
20:40:15.0012 0x09f0 [ CE5998B0CE281A8EB15CC6B4BACB50CB, C271C240DD1865B3EC4D291800AAF22D5FE1DA4346A42FB9836C8D0BA1FD74B0 ] sppsvc C:\Windows\system32\sppsvc.exe
20:40:15.0512 0x09f0 sppsvc - ok
20:40:15.0621 0x09f0 [ 5848941CEEAFB81EA975465CA7F95980, 955C593A46E7FDAB2E0E0C3B01A10DD17315881CEEF11E1A3FF09951DAC45373 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:40:15.0683 0x09f0 srv - ok
20:40:15.0730 0x09f0 [ A83F32595367896B32523A3124A652C3, BD2AA5B19DFDE1EA08972A47FB1B3E9E85D6C3D0D86EBF3B50C5F90409324EC2 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:40:15.0808 0x09f0 srv2 - ok
20:40:15.0870 0x09f0 [ EC101EB41762E038CAE4D630998C9351, 921A930B6FA5F1CE218B745C5797FB78829621A5E9F627D8EA3C7DBFA97738F2 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:40:15.0917 0x09f0 srvnet - ok
20:40:15.0964 0x09f0 [ 82F694259060F222CA079FC2BA7A8A47, E717D83D48B370A2B20FDFCF887228AE17B6F70B0AC52D848208F1E244D255EC ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:40:16.0026 0x09f0 SSDPSRV - ok
20:40:16.0042 0x09f0 [ 21D742D8259AA4FD94411F5738841DFD, 50B2075AA79DD01C8B69C94439EA299B5B2399CBC7EA934D1F5BAD2C345A02FF ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:40:16.0089 0x09f0 SstpSvc - ok
20:40:16.0120 0x09f0 [ C0A03E9D1DF7671B0CAED016EEB67074, 5795129A70B9A702B0332EAA9A2F56E4CEFF5EB839CB7605504292BABAF2AF2D ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:40:16.0151 0x09f0 stexstor - ok
20:40:16.0206 0x09f0 [ 4D400620DCD449E1E22639C7585B8E3C, F68CC58C4D0BA85BFBBD4AF5DE6B3952B9467652E552AF8F447F45CE24AC6C38 ] stisvc C:\Windows\System32\wiaservc.dll
20:40:16.0299 0x09f0 stisvc - ok
20:40:16.0331 0x09f0 [ 383821D628B9843D8BA7501FD8C6D4D3, E0AD4FA5AF8DB20CD42C45FCF162BA812AA8A5132428CA78512CF00F372C1D18 ] storahci C:\Windows\system32\drivers\storahci.sys
20:40:16.0346 0x09f0 storahci - ok
20:40:16.0377 0x09f0 [ 844F73085E49A0B46ECCDD16CAFC1C1E, 7AD84AF4DC2BA8D84EA962AE4EB903D13123FBAEBA881674620383B6FC57BA74 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
20:40:16.0424 0x09f0 storflt - ok
20:40:16.0455 0x09f0 [ 29AD38D45DB2161CE60812E99402CFF6, 2ED09732186E8A754D900324B0E1EA5854CDDE1764B08E04C253E8B885585A7C ] StorSvc C:\Windows\system32\storsvc.dll
20:40:16.0502 0x09f0 StorSvc - ok
20:40:16.0518 0x09f0 [ 799E1DD1D72CC320E2CC0B9202F2A899, 1A5AD40ED5ED597FC52177444AF073F35D8D66030B94906123BE94BB81421FCB ] storvsc C:\Windows\system32\drivers\storvsc.sys
20:40:16.0549 0x09f0 storvsc - ok
20:40:16.0580 0x09f0 [ 3AF3BC53DCF91DC3D1D2A6A30AD051CF, 3495FF296378714B922D8C624AA527B78D850A17D7D94CE5D3259F3C5AEB44FE ] storvsp C:\Windows\System32\drivers\storvsp.sys
20:40:16.0627 0x09f0 storvsp - ok
20:40:16.0658 0x09f0 [ B25224A4EDF64737F4300968BC45AB9C, 63ACC8AD3E5C861EDA4144D63760286D7C190F494CBC1E09B6AFEAA82819281F ] svsvc C:\Windows\system32\svsvc.dll
20:40:16.0721 0x09f0 svsvc - ok
20:40:16.0752 0x09f0 [ 53C4A8832F1A0C01ED2A47998CA68070, E36E1BC361C4E468508D1536D63FFCB9FF9FB7ED5DE3CA4CA73C0BE6BA812BCA ] swenum C:\Windows\System32\drivers\swenum.sys
20:40:16.0767 0x09f0 swenum - ok
20:40:16.0814 0x09f0 [ 3DA2D680BC7CFB4F832DD8C402045DDE, 6ED5E646FF59E185F3BF1234C14166828064A12CDDB4018C12C601F9515EC7C9 ] swprv C:\Windows\System32\swprv.dll
20:40:16.0908 0x09f0 swprv - ok
20:40:16.0989 0x09f0 [ B63ADA5B8CA26A7D56B782B7ECE495CF, 31C89C69CF27EE1FDA907501A77882D24F278782CB117740BCD17C71E3F061DB ] SysMain C:\Windows\system32\sysmain.dll
20:40:17.0129 0x09f0 SysMain - ok
20:40:17.0176 0x09f0 [ AA1C13A4153AB9D839ECF3F626CA0FDA, FA41DD96A2927A69E942FBFE01370E73E0655A688DE8487E2B0CA7250E700884 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
20:40:17.0238 0x09f0 SystemEventsBroker - ok
20:40:17.0269 0x09f0 [ A1878EF21CC43AB0C20E9E226C61CF8F, F92EAA45340F3A1CBF98C745D9C67EBE50EF03865AC2863922F6AD44833A50A9 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:40:17.0301 0x09f0 TabletInputService - ok
20:40:17.0332 0x09f0 [ 23D9550BCFB35E2EAFEA65EACB4E447D, 4446E0A29C4C085D743743050FAD3BADBAAEFB3F7CEE7BC03A7DFF04AD33B3D2 ] TapiSrv C:\Windows\System32\tapisrv.dll
20:40:17.0394 0x09f0 TapiSrv - ok
20:40:17.0519 0x09f0 [ 311E318C6B4213C3FC25732DD7CA1661, A65E1182566F9A09F53D6A8EE4695D17E61FBF6D0578364C0730A3A5FD5F7427 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:40:17.0755 0x09f0 Tcpip - ok
20:40:17.0978 0x09f0 [ 311E318C6B4213C3FC25732DD7CA1661, A65E1182566F9A09F53D6A8EE4695D17E61FBF6D0578364C0730A3A5FD5F7427 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:40:18.0134 0x09f0 TCPIP6 - ok
20:40:18.0196 0x09f0 [ AA231BA5CD8A6769099FA1E01D5CF8F4, 30E20C1B3EEDACD866352C6B06D38023FAB111909396E1D32BFA61B94B694E5A ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:40:18.0243 0x09f0 tcpipreg - ok
20:40:18.0259 0x09f0 [ 82944280D22410A0A5CA7133EC81AA92, 039F30E39C39E6312654C442D22601DFD9216707BB78FD1F381F2205FE707DF0 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:40:18.0305 0x09f0 tdx - ok
20:40:18.0352 0x09f0 [ FD64257C5F21CD800AFBC98443ED2410, 9B32D7662B7735E74609A87BC9088816C7CE9C15068B4494BC5416A740DD67E7 ] terminpt C:\Windows\System32\drivers\terminpt.sys
20:40:18.0383 0x09f0 terminpt - ok
20:40:18.0461 0x09f0 [ 771564E254793B33E51D62303480BE97, 83D4B5E987B4B75027C8984FF5C244C7FA3C2FD8261B1C7D085A3F96F170E371 ] TermService C:\Windows\System32\termsrv.dll
20:40:18.0586 0x09f0 TermService - ok
20:40:18.0633 0x09f0 [ 99CD7A3F21958E4386B853AE7CDF1149, 44FAFA81AEA271AED3EDE82A408B0ED045524A30640E7A934E82292404F7C0D8 ] Themes C:\Windows\system32\themeservice.dll
20:40:18.0680 0x09f0 Themes - ok
20:40:18.0711 0x09f0 [ F318498AE16EC11D44D286576D86159E, C347FBC3354FA2A2E2F9F3ED823C54C390FF8224F7F4FF41889EAC33FAEC4D1E ] THREADORDER C:\Windows\system32\mmcss.dll
20:40:18.0742 0x09f0 THREADORDER - ok
20:40:18.0773 0x09f0 [ 969E681262181C4D3786C1F038594FF0, 5868FDE6F5E407B49A6AA356345C1D173FF5DB4B9705A7B425A1E8623EBE5BDD ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
20:40:18.0820 0x09f0 TimeBroker - ok
20:40:18.0851 0x09f0 [ C595E59E47AE16286A84EFDE9B8E394B, 1587019150D9C44318ACE6398425401948D7DBD05AA583578CBB2209A3D225FB ] TPM C:\Windows\system32\drivers\tpm.sys
20:40:18.0883 0x09f0 TPM - ok
20:40:18.0929 0x09f0 [ D1D9A607FBCD1493F3E48F7EF4274DA7, D33D869BD2C0317AE1ED779A2AEDEA2965F5DD92A056875A6163D25F1482C770 ] TrkWks C:\Windows\System32\trkwks.dll
20:40:18.0976 0x09f0 TrkWks - ok
20:40:19.0023 0x09f0 [ 9FE0BE086B89218187E02435FC3356B7, 6C2F02B948513460568BCB21DD18ADAE8ABFB2E5F7B992B0CDC7A341DEF12BAD ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:40:19.0054 0x09f0 TrustedInstaller - ok
20:40:19.0101 0x09f0 [ C1B8409E6A4BA28CFB3C874AAB60A2EC, 8BE9B5B9DCBEBE677CABE09101725D898F4CB3DEFBC00002F0CBF75B9193EFE2 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:40:19.0148 0x09f0 TsUsbFlt - ok
20:40:19.0179 0x09f0 [ 403C610E2EDD0523803951BC648B74C3, 9579819505D8D546B845BE02923890D1870C1B9683E9897C46F364E0D87B0431 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
20:40:19.0210 0x09f0 TsUsbGD - ok
20:40:19.0226 0x09f0 [ 880F87B7A75F39E6A41508DA43C966A8, 1B7954BC814DF8847EDD6A86AF9BBC9981385020A830AD3BE00E8DA5280D6F00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:40:19.0288 0x09f0 tunnel - ok
20:40:19.0304 0x09f0 [ 6300E896D59730C8E30998B0C546E189, 5B3F8FA1A7C57BF8AC467285B446394480E30D4CC7AD5ECF88A952CC76753B42 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:40:19.0335 0x09f0 uagp35 - ok
20:40:19.0351 0x09f0 [ BD1EE7A81DBD00797F22CA8785F53C26, A118F1B72CF3AC6A98E876B1D7946C8025149EDEFD31749667135E2E7DD96897 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
20:40:19.0397 0x09f0 UASPStor - ok
20:40:19.0429 0x09f0 [ C56348B01CF40F04BC0A37DC3ABAFD33, 7D1F5E8A2286FF73BE0489823317BCCA3FB2AE59D0682B41ED148D082870E697 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
20:40:19.0475 0x09f0 UCX01000 - ok
20:40:19.0491 0x09f0 [ F9E7170D13E0222F74435614D06669C4, E86449EDAF30CE975227F26920936593834E5EF87AF01A938AEBA0099CAEF38C ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:40:19.0569 0x09f0 udfs - ok
20:40:19.0616 0x09f0 [ DC38F7BDA9CB58A3974DE16E5B92B373, C79FC7AAF603F3996FE036F4DC464B09F402F3C2F33F24F3342D5B903EA46D89 ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:40:19.0678 0x09f0 UI0Detect - ok
20:40:19.0709 0x09f0 [ FF40F051E4587B23D42324BB41E6AC3D, 6A0AD3C53434CA0009D1CAEE60B50EF992A371339B4A594CE18A0EB2505C0F58 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:40:19.0741 0x09f0 uliagpkx - ok
20:40:19.0756 0x09f0 [ E50E55AFADD4BA807EFAE884820F631C, 3DE18E6A89E77783077F445198DD842A0C1FCAB9E554ADFD91E5C31C354E6E1D ] umbus C:\Windows\System32\drivers\umbus.sys
20:40:19.0803 0x09f0 umbus - ok
20:40:19.0819 0x09f0 [ C8B523CFCC5AA060CC019ED9E54E1D1A, 0035BAF0F7A935440F4CC0578D495269D474EE58A4A0B342AE06F35312B1B1F9 ] UmPass C:\Windows\System32\drivers\umpass.sys
20:40:19.0865 0x09f0 UmPass - ok
20:40:19.0928 0x09f0 [ E7E4E3F0EF460D07E4A3642CF220893C, 60B869451C0E13D1DF47C6D819226DE6E7855198BD1316044DB3A9FED94E093F ] UmRdpService C:\Windows\System32\umrdp.dll
20:40:19.0990 0x09f0 UmRdpService - ok
20:40:20.0037 0x09f0 [ F04BE595430D590F2788966890B54DAD, 372F49E3DACA44A4113C13B9416A4669BFA18B4EBBB23E9C28062C32AAF54B07 ] upnphost C:\Windows\System32\upnphost.dll
20:40:20.0099 0x09f0 upnphost - ok
20:40:20.0131 0x09f0 [ 72EA2F0611459449E30014EBFB0548BE, A88FE762B207D7FE96495C9976C8C31E8977D3D6E47792C09001CF2F6DBFD787 ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
20:40:20.0177 0x09f0 usbccgp - ok
20:40:20.0224 0x09f0 [ A11C6D32F0942D3301EF159AF73ABC1D, 14F891D873BB5BA56708F80EB4CAE2E20BAE3ACB95092AFD56BBDC34C619683A ] usbcir C:\Windows\System32\drivers\usbcir.sys
20:40:20.0287 0x09f0 usbcir - ok
20:40:20.0302 0x09f0 [ A35CA67BD41E5F5D4DCB7BFCCC3490B0, 6176768493E2D36F52B9DE7644681E8FB91B9B5D32921236B20031FBED73281C ] usbehci C:\Windows\System32\drivers\usbehci.sys
20:40:20.0333 0x09f0 usbehci - ok
20:40:20.0365 0x09f0 [ E5789E9E8D771CF55D90E897487C06F0, 0AA71E05A003AB0C32AF24CD0B9FC0F20779CCE22DF3FCC40C9115FD200D2049 ] usbhub C:\Windows\System32\drivers\usbhub.sys
20:40:20.0443 0x09f0 usbhub - ok
20:40:20.0474 0x09f0 [ 68F582D743424837C082A46AAD7F5C2A, A292EB81D612C092559F737DCDF42D50F805E074752F9492FAF43481410C9B71 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
20:40:20.0536 0x09f0 USBHUB3 - ok
20:40:20.0552 0x09f0 [ 0F04142FF6103B898F8BAA04EC626FC4, 8925F76E8249BD809B0B53F954C1CB4A087F0E04358118FF8698F23E40BB074E ] usbohci C:\Windows\System32\drivers\usbohci.sys
20:40:20.0583 0x09f0 usbohci - ok
20:40:20.0599 0x09f0 [ F3CDD4A88125BD7B91D6847170E06B96, 60C1D8E5E6C2DF6D7412A6B20C5B5CB6AEFEB72A79538A1FCB75AC75ED6CFF1E ] usbprint C:\Windows\System32\drivers\usbprint.sys
20:40:20.0630 0x09f0 usbprint - ok
20:40:20.0645 0x09f0 [ D68B7268CA888C06447FB8ADC8E0ACF7, 67580E237B7D7D9862A537EE11EBE3BB9AB029E522EAB94EC9A41642A8466019 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
20:40:20.0677 0x09f0 USBSTOR - ok
20:40:20.0692 0x09f0 [ B1FC6C75482078C324A2470CBA5CD737, E687204FF0FE22CAAAFD05285FA07229668B737DABEC2A63697D0A48B0BCF9FE ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
20:40:20.0739 0x09f0 usbuhci - ok
20:40:20.0786 0x09f0 [ 99F8D02C629F6EA68AC057647A7A4A5E, 2A76EB8A58D94DA1B4CD93894671F9E9505BEAF23CA3C0A5B07872A3FF7C2486 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:40:20.0879 0x09f0 usbvideo - ok
20:40:20.0926 0x09f0 [ FCCCCFE107E17D834B9B132DAE965B25, F6F80EEF47FC3C975C9E68135372E16CF913DC40DF111F0C6E72D11CACCD0065 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
20:40:20.0989 0x09f0 USBXHCI - ok
20:40:21.0004 0x09f0 [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] VaultSvc C:\Windows\system32\lsass.exe
20:40:21.0035 0x09f0 VaultSvc - ok
20:40:21.0051 0x09f0 [ CC402B1ED2921B39BB972913422219BB, 3037CCC6EB07CCFBD72D7C772486FB4DCC8560CF577EB65C65BC06C0BA532437 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:40:21.0082 0x09f0 vdrvroot - ok
20:40:21.0160 0x09f0 [ 5A57E3FBB73FF8B503FFDBBBE06C7F73, 7346212BFAC8AE404B231DC1E6D4B5934ED2EBC12511E19931FF137F0FA6B0B3 ] vds C:\Windows\System32\vds.exe
20:40:21.0269 0x09f0 vds - ok
20:40:21.0285 0x09f0 [ 5BD4FBB9E65CDC70C029612D1DE26356, E4E79FA2ED32AC3EC8240C007ABD9255EBCFD7E9B5C7B5408AC6990E070B68F3 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
20:40:21.0332 0x09f0 VerifierExt - ok
20:40:21.0394 0x09f0 [ 5FE0329F82B1AD8F95A155231E2AAE37, BFFBF7D4AE3C33985A225206491C25E0F8B6438AC2B7069E0E258DAE86EB1708 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
20:40:21.0488 0x09f0 vhdmp - ok
20:40:21.0535 0x09f0 [ 51A2636F86F50484FB35E14AB2AA764C, 6273D9E68F5E7401817D95B53999A5B71D3870BFAA97C2733551DCB8AFC4AA2F ] viaide C:\Windows\system32\drivers\viaide.sys
20:40:21.0566 0x09f0 viaide - ok
20:40:21.0581 0x09f0 [ 684A0454B2C377DCBE138159F5F1E102, 55E93778D92C1E7452179C847679030AC7F0672C4F8750931B64FA1F8A2B4C50 ] Vid C:\Windows\System32\drivers\Vid.sys
20:40:21.0644 0x09f0 Vid - ok
20:40:21.0675 0x09f0 [ 1E5B68D3A799EFC803942801D14EB1D9, 0B8548C589C0EE4A4BB08C4D1B88B9B58A623B55FBC6DBF23C16C4DFCF82D66D ] vmbus C:\Windows\system32\drivers\vmbus.sys
20:40:21.0706 0x09f0 vmbus - ok
20:40:21.0737 0x09f0 [ 2B69692D7A89A55A91657D070B265C51, 2F85D625E53A5393E7C19EF247864BC0619EFBD13365F9F76C5EF53F3C01D582 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
20:40:21.0769 0x09f0 VMBusHID - ok
20:40:21.0784 0x09f0 [ 273477B3331983A356E132700288FF2D, 883450DED09363F5614699B702773B2100B9EED269F4E43116C6578D6B6938D8 ] vmbusr C:\Windows\System32\drivers\vmbusr.sys
20:40:21.0815 0x09f0 vmbusr - ok
20:40:21.0878 0x09f0 [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
20:40:21.0940 0x09f0 vmicheartbeat - ok
20:40:21.0971 0x09f0 [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
20:40:22.0003 0x09f0 vmickvpexchange - ok
20:40:22.0049 0x09f0 [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicrdv C:\Windows\System32\ICSvc.dll
20:40:22.0143 0x09f0 vmicrdv - ok
20:40:22.0268 0x09f0 [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicshutdown C:\Windows\System32\ICSvc.dll
20:40:22.0408 0x09f0 vmicshutdown - ok
20:40:22.0502 0x09f0 [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmictimesync C:\Windows\System32\ICSvc.dll
20:40:22.0689 0x09f0 vmictimesync - ok
20:40:22.0845 0x09f0 [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicvss C:\Windows\System32\ICSvc.dll
20:40:22.0923 0x09f0 vmicvss - ok
20:40:22.0954 0x09f0 [ A6FD547C67E16300F880CFC29EB1180B, B6C4EDBC00A145C93184E63C8B5FB5A1647D93B12EB2A3259A72C6281678EB46 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:40:22.0985 0x09f0 volmgr - ok
20:40:23.0017 0x09f0 [ 4EC94AFA246E256460811D8CEBBC914A, FCF4C445B964F1BB26DE173737CE1C1E6CAED11E9E05CB67C32244C8090C5A28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:40:23.0063 0x09f0 volmgrx - ok
20:40:23.0095 0x09f0 [ ED7880AB1743BEB09A8549B6E88E7FF5, 4938FC4FE246FC756CDF58262C092A439F00699172CC09B992EDA3AE9D76067D ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:40:23.0141 0x09f0 volsnap - ok
20:40:23.0157 0x09f0 [ 569755E8A09406F074764A9C72361969, 6E3E64390DD3CB0459BDD9AFFDFDE95493CA10D49CAE186CA4EE601BB12327C4 ] vpci C:\Windows\System32\drivers\vpci.sys
20:40:23.0188 0x09f0 vpci - ok
20:40:23.0204 0x09f0 [ BD272A755B8D028CC558E3CD0330E286, 725A4900CD4981EB922B94CD3462322669BA46AC175C132B4C2EC16C7BCE1401 ] vpcivsp C:\Windows\System32\drivers\vpcivsp.sys
20:40:23.0251 0x09f0 vpcivsp - ok
20:40:23.0282 0x09f0 [ 9EE2C503B3960AE8E43DDB85523428CA, CBC0A1FAF9861FACF3805CBEC24F40F9E4B8164A7CF01BF2A16F766EF18AD03A ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:40:23.0329 0x09f0 vsmraid - ok
20:40:23.0438 0x09f0 [ 9BD38DF6B2C7D020B2F29C0573B557C8, 621AE44A7E01F6294F4D690D6D6C1E11FB56C96BBEE241D34B4155252B620798 ] VSS C:\Windows\system32\vssvc.exe
20:40:23.0609 0x09f0 VSS - ok
20:40:23.0705 0x09f0 [ 4ACE469E3FD59CB605D680124938DD06, D7C0BC0DEFD75C30F94FDC840FEF53D48DA44D28B101DA0ED8EA4DE5A11FA091 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
20:40:23.0799 0x09f0 VSTXRAID - ok
20:40:23.0814 0x09f0 [ 3C84A039E2796EECA1997902F5D635E7, A503051F5820E61EE15221AF1BA7A7C04CDB3760487D287743D0FAA0A167B59C ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
20:40:23.0861 0x09f0 vwifibus - ok
20:40:23.0892 0x09f0 [ C6BB1AD6603A83B0B00C344DE2BA652D, 869EFD4EBC4F19C7C82DBC12CF59CAB71946F242401B59D23AE8BF6C91DCA499 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:40:23.0955 0x09f0 vwififlt - ok
20:40:23.0970 0x09f0 [ C78819ED0FF21EFFA23465267E507441, E9FBA09783DC516FB66465960CC793BF0BE348665E28A21C79534DC3D856BC0D ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:40:24.0017 0x09f0 vwifimp - ok
20:40:24.0080 0x09f0 [ 9192AECDDAB77DB096AF1557EF58EF07, 56B6B14B6873522270F257BCA382773DE2B33D89DBE53EC012F67A6551A86855 ] W32Time C:\Windows\system32\w32time.dll
20:40:24.0158 0x09f0 W32Time - ok
20:40:24.0173 0x09f0 [ 142617854B09099C9F32FB4A3B96CB83, 3A90636E00D01EAFF559F2C9BB0EE7C803E381EB738D825D7D68F1245BEFE146 ] WacomPen C:\Windows\System32\drivers\wacompen.sys
20:40:24.0204 0x09f0 WacomPen - ok
20:40:24.0236 0x09f0 [ CFD3CBAFEA35BEB4B584C03B141F7573, 3378912B845B121CBFB067D48D5B8D518B113C6F72DFF19C677CF299B3D4EBCE ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
20:40:24.0282 0x09f0 Wanarp - ok
20:40:24.0298 0x09f0 [ CFD3CBAFEA35BEB4B584C03B141F7573, 3378912B845B121CBFB067D48D5B8D518B113C6F72DFF19C677CF299B3D4EBCE ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:40:24.0329 0x09f0 Wanarpv6 - ok
20:40:24.0414 0x09f0 [ 1B7B06CF9206E129D03BE3011E35C6E5, 653545F4C709ABE8292C7CBD948E5300F7CFE91003D236280138A9C116E5006A ] wbengine C:\Windows\system32\wbengine.exe
20:40:24.0616 0x09f0 wbengine - ok
20:40:24.0694 0x09f0 [ 06212EE0E6FFE33E40CB519EFA2E055D, 4381248FE810284114FAE659A160CE1FA612A8B2F70B3F98E3FD97753D4D2815 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:40:24.0741 0x09f0 WbioSrvc - ok
20:40:24.0772 0x09f0 [ DC45A1C14D36A4FB1E581D69602306A5, E33EC9182A1525E59C039E5060C65C6930768A739FC6B8E410B83F790A359968 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
20:40:24.0835 0x09f0 Wcmsvc - ok
20:40:24.0866 0x09f0 [ 7C86BF53418BAE01483853E129B1FCB7, DEE1568020702F10F72EEE35E3195922478E1AA19948EC5A12A9DE6578576637 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:40:24.0960 0x09f0 wcncsvc - ok
20:40:24.0991 0x09f0 [ B6B3F1A5BCEC66B1E08A8A96B67161E1, 2E4269DC1820DDB22A7C4FC866746F0057F3E3DBDDFDEBAAFAB5EE00502E5654 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:40:25.0022 0x09f0 WcsPlugInService - ok
20:40:25.0069 0x09f0 [ 80915B11341BD6A0653A2E2DC73A1A87, 6F45B16662F7606CA7AAC43A31E8392BC3BC7CDF925B11478ABD7CBC4B2D4F24 ] Wd C:\Windows\system32\drivers\wd.sys
20:40:25.0084 0x09f0 Wd - ok
20:40:25.0116 0x09f0 [ 664BDB2F6B12FE9B07538B5BF443F403, BAAE3A784D5FBB5E68BD5FFE9F3984E71362DFFFADDFC8D1CC618A23672ECEA4 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
20:40:25.0147 0x09f0 WdBoot - ok
20:40:25.0201 0x09f0 [ 7F2978DE8DDF0145DEF9EA8FB1E3D019, 7C4129C045CE82440FFA0582F184647B67A8E197AE206CF23B70627640E31540 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:40:25.0326 0x09f0 Wdf01000 - ok
20:40:25.0357 0x09f0 [ C22973DD5DA19664C51583D30E5DE3B3, C535A32DB10600510F2682BC049FD182B40AD3E4B2B5340619D80469CACABEE0 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
20:40:25.0482 0x09f0 WdFilter - ok
20:40:25.0545 0x09f0 [ CBF9FD761DBC7BEF0BC8DF1C3B11BC6A, D8B030BA0751ADA65837989AE5663C4E634B564CDD8AF410D674BEDD5D614486 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:40:25.0591 0x09f0 WdiServiceHost - ok
20:40:25.0607 0x09f0 [ CBF9FD761DBC7BEF0BC8DF1C3B11BC6A, D8B030BA0751ADA65837989AE5663C4E634B564CDD8AF410D674BEDD5D614486 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:40:25.0654 0x09f0 WdiSystemHost - ok
20:40:25.0701 0x09f0 [ 950D8382A389844DED765834A796EEDC, B1E1AF2D9F0048C51A5E32DA0B273021F26AD88037209371255411367594643D ] WebClient C:\Windows\System32\webclnt.dll
20:40:25.0763 0x09f0 WebClient - ok
20:40:25.0794 0x09f0 [ 02D478D6142E0FF303C53D9FB8D34A53, 657A34E9A23DA4317D53447AAEFA1904DA46BA974C9F39AC94CB8BF07A8A8249 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:40:25.0841 0x09f0 Wecsvc - ok
20:40:25.0872 0x09f0 [ F2F427F3C188877E0754C4D0D9D7321D, FBC6ED0EE41D13D170B36476297211EDA200621EDD0F7341012C3D4D667761BF ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:40:25.0935 0x09f0 wercplsupport - ok
20:40:25.0950 0x09f0 [ 158AB68C9761845EB6B240CD273D667F, 11D0291F04632DDF6EAD266214011125405B32326CB48C50BCD97024C8BDE893 ] WerSvc C:\Windows\System32\WerSvc.dll
20:40:26.0013 0x09f0 WerSvc - ok
20:40:26.0059 0x09f0 [ 01353FA4F412E1CFEBD049B604208A90, 860F06EE231771E2021B400B7D6931A9601562CA8EBEE52F79865F8B8EEB9250 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
20:40:26.0091 0x09f0 WFPLWFS - ok
20:40:26.0122 0x09f0 [ D16E5C1F2E4680C7263784B45916EE52, 156BE46EF6B61A732CFB112E18099F70D72F32C841FBCF87F2DA4B827FD89A6D ] WiaRpc C:\Windows\System32\wiarpc.dll
20:40:26.0153 0x09f0 WiaRpc - ok
20:40:26.0184 0x09f0 [ 1B6DA2B0F0ED2FCF77BC64E33513A329, 25854A6E7D3384123E62BF954FEED9596D1BB28A8EB134C5FFF63F0D51B56683 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:40:26.0215 0x09f0 WIMMount - ok
20:40:26.0247 0x09f0 WinDefend - ok
20:40:26.0309 0x09f0 [ E9A19812C75CC074B20088C714AEB690, 47546E381D72AE9D2F5330B982582199E2E6D2DE66ADE3C5DEE6FAC831631D72 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
20:40:26.0371 0x09f0 WinHttpAutoProxySvc - ok
20:40:26.0574 0x09f0 [ 4C5FD622294D2F81F6F06F741E895F70, 258E56A01B2CD29A754D6CDF7FCF103883AB7088B4E262DB46DAA93F885747BD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:40:26.0621 0x09f0 Winmgmt - ok
20:40:26.0793 0x09f0 [ 4083852CC0E31D32B3B16AC9E18F0B3F, 055A2C9340CEDBFE2F9D6617A2D75A05AB03B0F6714E982AD41C4260359115CE ] WinRM C:\Windows\system32\WsmSvc.dll
20:40:27.0120 0x09f0 WinRM - ok
20:40:27.0276 0x09f0 [ AE5D57594A2F1A6A6C34DD47066201E8, 69773BEB53F43255613472886C27A2FAE9387127821A7361A34CE3848993809D ] WlanSvc C:\Windows\System32\wlansvc.dll
20:40:27.0448 0x09f0 WlanSvc - ok
20:40:27.0588 0x09f0 [ C347251ACD04EA68E62BCE707B42E756, 603C408792541B441A3FB27C51EE0FED598CE97832205F596BE093510F339A73 ] wlidsvc C:\Windows\system32\wlidsvc.dll
20:40:27.0791 0x09f0 wlidsvc - ok
20:40:27.0947 0x09f0 [ F274B2E40D94B41098AB82F2EEE07898, C55B80FCAAE218C375169DA821EDD5BD36DCCC6105AD8BCECCD890FE99C61C23 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
20:40:27.0978 0x09f0 WmiAcpi - ok
20:40:28.0041 0x09f0 [ F8FD8BF814C83FEAAA3110477D49C57E, 82FE4325EF8BF56A94C2D4E28B7E3E6CAFB060985A850380E3C6C2647E997D77 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:40:28.0087 0x09f0 wmiApSrv - ok
20:40:28.0134 0x09f0 WMPNetworkSvc - ok
20:40:28.0165 0x09f0 [ 4E8429A8E3873D99581B76F4BB2E2BCD, 7B6EA55C1DF3C12B6108D6F7E6C1BFC71B54BCA65199ADD685B9133092ECFAEE ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
20:40:28.0197 0x09f0 wpcfltr - ok
20:40:28.0243 0x09f0 [ 247140C51FE0424C54AA85412CDFB26D, 36B61FA1794FC8580AC2A2679C3ED00AA0A11E4520A77611660E21672CE15947 ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:40:28.0290 0x09f0 WPCSvc - ok
20:40:28.0306 0x09f0 [ AA429F7C7B9E18FF66FE3504B80FAB9A, A676B24F0A7519066404DE6C9598F9DCDF676E50ECBFE1CB736468162D272B82 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:40:28.0353 0x09f0 WPDBusEnum - ok
20:40:28.0368 0x09f0 [ FA4024915B947A7A4C33F6F18454B32A, 9BF9A3FC1099A9472EFF2B54D36F64D009A683535EF102D1172D2385C9DEFEBC ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
20:40:28.0399 0x09f0 WpdUpFltr - ok
20:40:28.0399 0x09f0 [ B4E48459933B8C48F388BCC3EB1F58D1, 23DE611C880E60B8A4E81F8A44541119D86B15E1718D5E3ADE4E600DE1D0A515 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:40:28.0462 0x09f0 ws2ifsl - ok
20:40:28.0477 0x09f0 [ C3A047C10C2B4C6A1C081F04EFBCE1E3, 3AC760E742CE4357FEE5E8E33344586D5D38D495733B9829866CADFAB7071B4D ] wscsvc C:\Windows\System32\wscsvc.dll
20:40:28.0540 0x09f0 wscsvc - ok
20:40:28.0540 0x09f0 WSearch - ok
20:40:28.0680 0x09f0 [ 8760CCDABD00942F32DD02B8F04D7EA8, AF00539CE9312CEB624664F66E8834D086807CD6ED6BFD76DCAD457D1D22FC4E ] WSService C:\Windows\System32\WSService.dll
20:40:28.0930 0x09f0 WSService - ok
20:40:29.0257 0x09f0 [ 3E8C4507F587C7151F0755DAA1FDB997, E2F9630CC777A76F10788DD146AE4CADC6CE4EBD419DF3EB78F71DA57D7F08E1 ] wuauserv C:\Windows\system32\wuaueng.dll
20:40:29.0632 0x09f0 wuauserv - ok
20:40:29.0725 0x09f0 [ A599942A2C8DED90CB73C28A86F56EF3, C5F7103ADBB7DBAF10CC39C4D02264222EA08719829BEB6924AA6F2295102430 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:40:29.0772 0x09f0 WudfPf - ok
20:40:29.0803 0x09f0 [ EB155EDD2256E626368796F4B7CBE013, D049298AD903C967A336596CAF030DDA1B66AACADC4A2E9ECD7E15082B4EA0BC ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
20:40:29.0850 0x09f0 WUDFRd - ok
20:40:29.0897 0x09f0 [ C4B15954BFF994889DEB6A2AFE9E8985, EA55A7CD5C4B718C2693AA39B151D7A0F8D1272E47DD13F1136F9146C938A7BC ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:40:29.0944 0x09f0 wudfsvc - ok
20:40:29.0975 0x09f0 [ DD9797B5157EF2CAB24454D0F5A08837, 5F25EA5C5B75E45212D463C59B36A79202DE77DE56B6C63FAF1487860A219CF9 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:40:30.0037 0x09f0 WwanSvc - ok
20:40:30.0084 0x09f0 ================ Scan global ===============================
20:40:30.0131 0x09f0 [ 26E0369D73B00093D046562F22676D70, 96CE28CCD5DF70EEACE9223A9939F8845B93B3F71EAF3215C167A1E8B1FB593E ] C:\Windows\system32\basesrv.dll
20:40:30.0193 0x09f0 [ E84549406F758028C87FB4C404AD582B, B512E562763D6E85D17BDDC73213CC292F41134588295B47B1F732B14544776E ] C:\Windows\system32\winsrv.dll
20:40:30.0271 0x09f0 [ E1F689E799E6BF3EE078A228E01E6DAB, B51ACDE3A47E02F3D8C7988B21E7B277535C0C102497FBB2C54B8B644DF37EF0 ] C:\Windows\system32\sxssrv.dll
20:40:30.0334 0x09f0 [ 0D9642ECA426AB06234E41161BCC9628, DAB7EB1321B7F246878720DD5011D90D57CE5C9F22E4EAA6B450E0F5EE88B0A1 ] C:\Windows\system32\services.exe
20:40:30.0334 0x09f0 [ Global ] - ok
20:40:30.0349 0x09f0 ================ Scan MBR ==================================
20:40:30.0365 0x09f0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:40:31.0290 0x09f0 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
20:40:31.0290 0x09f0 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:40:33.0778 0x09f0 ================ Scan VBR ==================================
20:40:33.0809 0x09f0 [ ACF4FFFBB302AD629A0DF9B0851E0D8E ] \Device\Harddisk0\DR0\Partition1
20:40:33.0825 0x09f0 \Device\Harddisk0\DR0\Partition1 - ok
20:40:33.0856 0x09f0 [ 74D9421ADA4FD2181D471B391C4D34F6 ] \Device\Harddisk0\DR0\Partition2
20:40:33.0856 0x09f0 \Device\Harddisk0\DR0\Partition2 - ok
20:40:33.0856 0x09f0 Waiting for KSN requests completion. In queue: 52
20:40:34.0870 0x09f0 Waiting for KSN requests completion. In queue: 52
20:40:35.0978 0x09f0 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.0.9200.16384 ), 0x60100 ( disabled : updated )
20:40:35.0993 0x09f0 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.0.307 ), 0x41000 ( enabled : updated )
20:40:36.0056 0x09f0 Win FW state via NFP2: enabled
20:40:38.0511 0x09f0 ============================================================
20:40:38.0511 0x09f0 Scan finished
20:40:38.0511 0x09f0 ============================================================
20:40:38.0543 0x11a4 Detected object count: 1
20:40:38.0543 0x11a4 Actual detected object count: 1
20:41:01.0000 0x11a4 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:41:01.0000 0x11a4 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
Code:
ATTFilter ListParts by Farbar Version: 20-10-2013
Ran by Markus (administrator) on 25-10-2013 at 20:45:46
Windows 8 (X64)
Running From: C:\Users\Markus\Desktop
Language: 0409
************************************************************
========================= Memory info ======================
Percentage of memory in use: 31%
Total physical RAM: 4060.93 MB
Available physical RAM: 2789.78 MB
Total Pagefile: 7644.93 MB
Available Pagefile: 6134.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
======================= Partitions =========================
1 Drive c: () (Fixed) (Total:284.99 GB) (Free:267.59 GB) NTFS
2 Drive d: (HRM_CCSA_X64CHK_EN-US_DV5) (CDROM) (Total:3.46 GB) (Free:0 GB) UDF
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Partitions of Disk 0:
===============
Disk ID: D5EB9B58
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 13 GB 1024 KB
Partition 2 Primary 100 MB 13 GB
Partition 3 Primary 284 GB 13 GB
Partition 4 Primary 1360 KB 298 GB
======================================================================================================
Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 NTFS Partition 13 GB Healthy Hidden
======================================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 NTFS Partition 100 MB Healthy System (partition with boot components)
======================================================================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 284 GB Healthy Boot
======================================================================================================
Disk: 0
Partition 4
Type : 17 (Suspicious Type)
Hidden: Yes
Active: No
There is no volume associated with this partition.
======================================================================================================
============================== MBR Partition Table ==================
==============================
Partitions of Disk 0:
===============
Disk ID: D5EB9B58
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=1360 KB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 4
****** End Of Log ******
Geändert von Markus100 (25.10.2013 um 19:55 Uhr) |
|
25.10.2013, 19:52
| #4 |
| | Bootsektorvirus BOO/TDss.o Hier die ergebnisse von FRST: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-10-2013
Ran by Markus (administrator) on Markus on 25-10-2013 20:48:43
Running from C:\Users\Markus\Downloads
Windows 8 Pro (X64) OS Language: English(US)
Internet Explorer Version 10
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4206.722_x64__8wekyb3d8bbwe\LiveComm.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) c:\program files (x86)\avira\antivir desktop\avgnt.exe
(Kaspersky Lab ZAO) C:\Users\Markus\Desktop\TDSSKiller.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exe
(Farbar) C:\Users\Markus\Desktop\ListParts64.exe
==================== Registry (Whitelisted) ==================
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [681032 2013-10-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2657C24EA9D1CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.8,en-US;q=0.5,en;q=0.3
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF ProfilePath: C:\Users\Markus\AppData\Roaming\Mozilla\Firefox\Profiles\gf7mczwi.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
==================== Services (Whitelisted) =================
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440392 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440392 2013-10-10] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-10-10] (Avira Operations GmbH & Co. KG)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [15952 2012-07-26] (Microsoft Corporation)
==================== Drivers (Whitelisted) ====================
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105856 2013-10-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [132600 2013-10-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-10-10] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [83160 2013-10-10] (Avira Operations GmbH & Co. KG)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [5139968 2012-06-02] (Broadcom Corporation)
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2013-10-26 05:21 - 2013-10-25 19:35 - 00000000 ____D C:\Windows\Panther
2013-10-25 20:48 - 2013-10-25 20:48 - 01955944 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2013-10-25 20:48 - 2013-10-25 20:48 - 00000000 ____D C:\FRST
2013-10-25 20:45 - 2013-10-25 20:46 - 00003354 _____ C:\Users\Markus\Desktop\Result.txt
2013-10-25 20:44 - 2013-10-25 20:44 - 00868491 _____ (Farbar) C:\Users\Markus\Desktop\ListParts64.exe
2013-10-25 20:37 - 2013-10-25 20:37 - 04101145 _____ C:\Users\Markus\Downloads\tdsskiller.zip
2013-10-25 20:30 - 2013-10-25 20:30 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-25 20:29 - 2013-10-25 20:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-25 20:28 - 2013-10-25 20:29 - 00000000 ____D C:\ProgramData\Adobe
2013-10-25 20:22 - 2013-10-25 20:23 - 23280480 _____ C:\Users\Markus\Downloads\vlc-2.1.0-win64.exe
2013-10-25 20:19 - 2013-10-25 20:19 - 00000000 ____D C:\Users\Markus\AppData\Local\Macromedia
2013-10-25 20:18 - 2013-10-25 20:33 - 00000000 ____D C:\Users\Markus\AppData\Local\Adobe
2013-10-25 20:18 - 2013-10-25 20:18 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-25 20:18 - 2013-10-25 20:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-25 20:01 - 2013-10-25 20:01 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-10-25 20:01 - 2013-10-25 20:01 - 00000000 ____D C:\Users\Markus\AppData\Local\Google
2013-10-25 20:01 - 2013-10-25 20:01 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-25 19:57 - 2013-10-25 19:57 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Avira
2013-10-25 19:53 - 2013-10-25 19:53 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-25 19:52 - 2013-10-25 19:52 - 00000000 ____D C:\ProgramData\Avira
2013-10-25 19:52 - 2013-10-25 19:52 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-25 19:52 - 2013-10-10 19:14 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-25 19:52 - 2013-10-10 19:14 - 00105856 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-25 19:52 - 2013-10-10 19:14 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-25 19:52 - 2013-10-10 19:14 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-25 19:46 - 2013-10-25 19:46 - 25474984 _____ C:\Users\Markus\Downloads\GoogleEarthWin_2019.exe
2013-10-25 19:45 - 2013-10-25 20:46 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-658232560-3260347316-3776188219-1001
2013-10-25 19:44 - 2013-10-25 19:46 - 123853152 _____ C:\Users\Markus\Downloads\avira_free_antivirus_de_14b411.exe
2013-10-25 19:42 - 2013-10-25 19:42 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Mozilla
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Users\Markus\AppData\Local\Mozilla
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-25 19:41 - 2013-10-25 19:41 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Macromedia
2013-10-25 19:37 - 2013-10-25 19:37 - 00001430 _____ C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-25 19:37 - 2013-10-25 19:37 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-25 19:37 - 2013-10-25 19:37 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-25 19:37 - 2013-10-25 19:37 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Adobe
2013-10-25 19:35 - 2013-10-25 19:37 - 00000000 ____D C:\Users\Markus\AppData\Local\Packages
2013-10-25 19:35 - 2013-10-25 19:37 - 00000000 ____D C:\ProgramData\PRICache
2013-10-25 19:35 - 2013-10-25 19:35 - 00000000 ____D C:\Users\Markus\AppData\Local\VirtualStore
2013-10-25 19:34 - 2013-10-25 20:12 - 13503756 _____ C:\Windows\WindowsUpdate.log
2013-10-25 19:34 - 2013-10-25 19:37 - 00000000 ____D C:\Users\Markus
2013-10-25 19:34 - 2013-10-25 19:34 - 00000020 ___SH C:\Users\Markus\ntuser.ini
2013-10-25 19:34 - 2013-10-25 19:34 - 00000000 ____D C:\Windows\CSC
2013-10-25 19:34 - 2012-07-26 08:47 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2013-10-25 19:34 - 2012-07-26 08:47 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-25 19:34 - 2012-07-26 08:47 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2013-10-25 19:34 - 2012-07-26 08:47 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-25 19:32 - 2013-10-25 19:32 - 00001138 _____ C:\Windows\system32\netcfg--3234399.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3240467.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3230436.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3222652.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3218627.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00001136 _____ C:\Windows\system32\netcfg--3500817.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00001134 _____ C:\Windows\system32\netcfg--3518461.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000197 _____ C:\Windows\system32\netcfg--3499679.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000185 _____ C:\Windows\system32\netcfg--3507525.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000164 _____ C:\Windows\system32\netcfg--3515715.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000161 _____ C:\Windows\system32\netcfg--3508586.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000160 _____ C:\Windows\system32\netcfg--3514171.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000160 _____ C:\Windows\system32\netcfg--3511644.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000160 _____ C:\Windows\system32\netcfg--3509444.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000159 _____ C:\Windows\system32\netcfg--3512658.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000157 _____ C:\Windows\system32\netcfg--3520224.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000157 _____ C:\Windows\system32\netcfg--3510879.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000150 _____ C:\Windows\system32\netcfg--3513391.txt
2013-10-25 19:22 - 2013-10-25 19:22 - 00000436 _____ C:\Windows\PFRO.log
2013-10-15 15:37 - 2013-10-25 20:37 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Markus\Desktop\TDSSKiller.exe
==================== One Month Modified Files and Folders =======
2013-10-26 05:21 - 2012-07-26 08:47 - 00262144 _____ C:\Windows\system32\config\BCD-Template
2013-10-25 20:48 - 2013-10-25 20:48 - 01955944 _____ (Farbar) C:\Users\Markus\Downloads\FRST64.exe
2013-10-25 20:48 - 2013-10-25 20:48 - 00000000 ____D C:\FRST
2013-10-25 20:46 - 2013-10-25 20:45 - 00003354 _____ C:\Users\Markus\Desktop\Result.txt
2013-10-25 20:46 - 2013-10-25 19:45 - 00003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-658232560-3260347316-3776188219-1001
2013-10-25 20:44 - 2013-10-25 20:44 - 00868491 _____ (Farbar) C:\Users\Markus\Desktop\ListParts64.exe
2013-10-25 20:37 - 2013-10-25 20:37 - 04101145 _____ C:\Users\Markus\Downloads\tdsskiller.zip
2013-10-25 20:37 - 2013-10-15 15:37 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Markus\Desktop\TDSSKiller.exe
2013-10-25 20:33 - 2013-10-25 20:18 - 00000000 ____D C:\Users\Markus\AppData\Local\Adobe
2013-10-25 20:30 - 2013-10-25 20:30 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-25 20:29 - 2013-10-25 20:29 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-25 20:29 - 2013-10-25 20:28 - 00000000 ____D C:\ProgramData\Adobe
2013-10-25 20:23 - 2013-10-25 20:22 - 23280480 _____ C:\Users\Markus\Downloads\vlc-2.1.0-win64.exe
2013-10-25 20:19 - 2013-10-25 20:19 - 00000000 ____D C:\Users\Markus\AppData\Local\Macromedia
2013-10-25 20:18 - 2013-10-25 20:18 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2013-10-25 20:18 - 2013-10-25 20:18 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2013-10-25 20:12 - 2013-10-25 19:34 - 13503756 _____ C:\Windows\WindowsUpdate.log
2013-10-25 20:02 - 2012-07-26 08:47 - 00000000 ____D C:\Windows\system32\sru
2013-10-25 20:01 - 2013-10-25 20:01 - 00002212 _____ C:\Users\Public\Desktop\Google Earth.lnk
2013-10-25 20:01 - 2013-10-25 20:01 - 00000000 ____D C:\Users\Markus\AppData\Local\Google
2013-10-25 20:01 - 2013-10-25 20:01 - 00000000 ____D C:\Program Files (x86)\Google
2013-10-25 20:00 - 2012-07-26 08:47 - 00000000 ____D C:\Windows\system32\restore
2013-10-25 19:57 - 2013-10-25 19:57 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Avira
2013-10-25 19:53 - 2013-10-25 19:53 - 00002066 _____ C:\Users\Public\Desktop\Avira Control Center.lnk
2013-10-25 19:52 - 2013-10-25 19:52 - 00000000 ____D C:\ProgramData\Avira
2013-10-25 19:52 - 2013-10-25 19:52 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-25 19:46 - 2013-10-25 19:46 - 25474984 _____ C:\Users\Markus\Downloads\GoogleEarthWin_2019.exe
2013-10-25 19:46 - 2013-10-25 19:44 - 123853152 _____ C:\Users\Markus\Downloads\avira_free_antivirus_de_14b411.exe
2013-10-25 19:42 - 2013-10-25 19:42 - 00001147 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Mozilla
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Users\Markus\AppData\Local\Mozilla
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\ProgramData\Mozilla
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2013-10-25 19:42 - 2013-10-25 19:42 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-25 19:41 - 2013-10-25 19:41 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Macromedia
2013-10-25 19:39 - 2012-07-26 08:13 - 00803370 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-25 19:37 - 2013-10-25 19:37 - 00001430 _____ C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-25 19:37 - 2013-10-25 19:37 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-25 19:37 - 2013-10-25 19:37 - 00000000 ___RD C:\Users\Markus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-25 19:37 - 2013-10-25 19:37 - 00000000 ____D C:\Users\Markus\AppData\Roaming\Adobe
2013-10-25 19:37 - 2013-10-25 19:35 - 00000000 ____D C:\Users\Markus\AppData\Local\Packages
2013-10-25 19:37 - 2013-10-25 19:35 - 00000000 ____D C:\ProgramData\PRICache
2013-10-25 19:37 - 2013-10-25 19:34 - 00000000 ____D C:\Users\Markus
2013-10-25 19:35 - 2013-10-26 05:21 - 00000000 ____D C:\Windows\Panther
2013-10-25 19:35 - 2013-10-25 19:35 - 00000000 ____D C:\Users\Markus\AppData\Local\VirtualStore
2013-10-25 19:35 - 2012-07-26 08:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2013-10-25 19:35 - 2012-07-26 08:47 - 00000000 ____D C:\Windows\WinStore
2013-10-25 19:34 - 2013-10-25 19:34 - 00000020 ___SH C:\Users\Markus\ntuser.ini
2013-10-25 19:34 - 2013-10-25 19:34 - 00000000 ____D C:\Windows\CSC
2013-10-25 19:32 - 2013-10-25 19:32 - 00001138 _____ C:\Windows\system32\netcfg--3234399.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3240467.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3230436.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3222652.txt
2013-10-25 19:32 - 2013-10-25 19:32 - 00000117 _____ C:\Windows\system32\netcfg--3218627.txt
2013-10-25 19:27 - 2012-07-26 08:47 - 00000000 ____D C:\Windows\system32\Recovery
2013-10-25 19:27 - 2012-07-26 08:06 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-25 19:26 - 2012-07-26 08:02 - 00281248 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-25 19:25 - 2012-07-26 08:49 - 00001720 _____ C:\Windows\DtcInstall.log
2013-10-25 19:25 - 2012-07-26 08:05 - 00003803 _____ C:\Windows\mmciCo.log
2013-10-25 19:25 - 2012-07-26 05:33 - 00262144 ___SH C:\Windows\system32\config\BBI
2013-10-25 19:24 - 2012-07-26 08:05 - 00014275 _____ C:\Windows\setupact.log
2013-10-25 19:23 - 2013-10-25 19:23 - 00001136 _____ C:\Windows\system32\netcfg--3500817.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00001134 _____ C:\Windows\system32\netcfg--3518461.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000197 _____ C:\Windows\system32\netcfg--3499679.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000185 _____ C:\Windows\system32\netcfg--3507525.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000164 _____ C:\Windows\system32\netcfg--3515715.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000161 _____ C:\Windows\system32\netcfg--3508586.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000160 _____ C:\Windows\system32\netcfg--3514171.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000160 _____ C:\Windows\system32\netcfg--3511644.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000160 _____ C:\Windows\system32\netcfg--3509444.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000159 _____ C:\Windows\system32\netcfg--3512658.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000157 _____ C:\Windows\system32\netcfg--3520224.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000157 _____ C:\Windows\system32\netcfg--3510879.txt
2013-10-25 19:23 - 2013-10-25 19:23 - 00000150 _____ C:\Windows\system32\netcfg--3513391.txt
2013-10-25 19:22 - 2013-10-25 19:22 - 00000436 _____ C:\Windows\PFRO.log
2013-10-10 19:14 - 2013-10-25 19:52 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-10 19:14 - 2013-10-25 19:52 - 00105856 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-10 19:14 - 2013-10-25 19:52 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-10 19:14 - 2013-10-25 19:52 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
Some content of TEMP:
====================
C:\Users\Markus\AppData\Local\Temp\avgnt.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe
[2012-07-26 01:35] - [2012-07-26 04:06] - 0581120 ____A (Microsoft Corporation) E69AD48020B6410E3E693314C75EC7EC
C:\Windows\System32\wininit.exe
[2012-07-26 01:39] - [2012-07-26 04:06] - 0133120 ____A (Microsoft Corporation) 5150B63AEBF4049F1D188FC715556DF5
C:\Windows\explorer.exe
[2012-07-26 01:10] - [2012-07-26 04:14] - 2529192 ____A (Microsoft Corporation) 4D00F8FEBE9F86E7A34038C40C41F8C1
C:\Windows\SysWOW64\explorer.exe
[2012-07-26 01:01] - [2012-07-26 03:51] - 2274544 ____A (Microsoft Corporation) 38D4A5276A69B3A24D937FF9A4C3EC0B
C:\Windows\System32\svchost.exe
[2012-07-26 01:37] - [2012-07-26 04:05] - 0032768 ____A (Microsoft Corporation) 842D6B4BC250A6E43061F660AE02AE45
C:\Windows\SysWOW64\svchost.exe
[2012-07-26 01:26] - [2012-07-26 03:39] - 0028160 ____A (Microsoft Corporation) FF15D4B1BAFC79F3D7EE1FF5CC8660CB
C:\Windows\System32\services.exe
[2012-07-26 05:33] - [2012-07-26 05:33] - 0356864 ____A (Microsoft Corporation) 0D9642ECA426AB06234E41161BCC9628
C:\Windows\System32\User32.dll
[2012-07-26 01:37] - [2012-07-26 04:04] - 1317376 ____A (Microsoft Corporation) AD2AD3172CB24C178511836182340F2B
C:\Windows\SysWOW64\User32.dll
[2012-07-26 01:26] - [2012-07-26 01:26] - 1221120 ____A (Microsoft Corporation) CBD429F6FA5C534EF942F62E1EDBB7F5
C:\Windows\System32\userinit.exe
[2012-07-26 01:41] - [2012-07-26 04:06] - 0027648 ____A (Microsoft Corporation) FA6BF75254E0C7897DF944C6DBB5736A
C:\Windows\SysWOW64\userinit.exe
[2012-07-26 01:29] - [2012-07-26 03:39] - 0024064 ____A (Microsoft Corporation) 0DA6CAE9E266EA56CFED1CE5D297DE3B
C:\Windows\System32\Drivers\volsnap.sys
[2012-07-26 03:32] - [2012-07-26 05:10] - 0311536 ____A (Microsoft Corporation) ED7880AB1743BEB09A8549B6E88E7FF5
LastRegBack: 2013-10-25 19:22
==================== End Of Log ============================
Additional: Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-10-2013
Ran by Markus at 2013-10-25 20:49:58
Running from C:\Users\Markus\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Avira Free Antivirus (x32 Version: 14.0.0.411)
Google Earth (x32 Version: 7.1.2.2019)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 24.0 (x86 de) (x32 Version: 24.0)
Mozilla Maintenance Service (x32 Version: 24.0)
==================== Restore Points =========================
25-10-2013 18:00:19 Installed Google Earth.
==================== Hosts content: ==========================
2012-07-26 05:33 - 2012-07-26 05:33 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {13425470-DE1E-40A1-84C8-34441AF9A033} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-25] (Adobe Systems Incorporated)
Task: {5DD98C08-CF5A-4ED2-B471-1504DBBB6D78} - System32\Tasks\Microsoft\Windows\Servicing\StartComponentCleanup => C:\Windows\System32\dism.exe [2012-07-26] (Microsoft Corporation)
Task: {8ECE74E8-FAC6-43CD-94AE-6B365A882154} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-10-25 19:53 - 2013-10-10 19:14 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-25 19:42 - 2013-09-11 04:26 - 03279768 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/25/2013 08:35:25 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_9_900_117.exe, version: 11.9.900.117, time stamp: 0x5244d3b6
Faulting module name: MMDevApi.dll, version: 6.2.9200.16384, time stamp: 0x50107ff9
Exception code: 0xc0000420
Fault offset: 0x0000d29c
Faulting process id: 0x13ac
Faulting application start time: 0xFlashPlayerPlugin_11_9_900_117.exe0
Faulting application path: FlashPlayerPlugin_11_9_900_117.exe1
Faulting module path: FlashPlayerPlugin_11_9_900_117.exe2
Report Id: FlashPlayerPlugin_11_9_900_117.exe3
Faulting package full name: FlashPlayerPlugin_11_9_900_117.exe4
Faulting package-relative application ID: FlashPlayerPlugin_11_9_900_117.exe5
Error: (10/25/2013 08:35:23 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_9_900_117.exe, version: 11.9.900.117, time stamp: 0x5244d3b6
Faulting module name: MMDevApi.dll, version: 6.2.9200.16384, time stamp: 0x50107ff9
Exception code: 0xc0000420
Fault offset: 0x0000d292
Faulting process id: 0x13ac
Faulting application start time: 0xFlashPlayerPlugin_11_9_900_117.exe0
Faulting application path: FlashPlayerPlugin_11_9_900_117.exe1
Faulting module path: FlashPlayerPlugin_11_9_900_117.exe2
Report Id: FlashPlayerPlugin_11_9_900_117.exe3
Faulting package full name: FlashPlayerPlugin_11_9_900_117.exe4
Faulting package-relative application ID: FlashPlayerPlugin_11_9_900_117.exe5
Error: (10/25/2013 08:24:02 PM) (Source: Application Error) (User: )
Description: Faulting application name: install_reader11_de_mssd_aaa_aih.exe, version: 3.3.9.0, time stamp: 0x51c7f3cd
Faulting module name: MSHTML.dll, version: 10.0.9200.16384, time stamp: 0x501081e1
Exception code: 0xc0000420
Fault offset: 0x00f36e76
Faulting process id: 0x1174
Faulting application start time: 0xinstall_reader11_de_mssd_aaa_aih.exe0
Faulting application path: install_reader11_de_mssd_aaa_aih.exe1
Faulting module path: install_reader11_de_mssd_aaa_aih.exe2
Report Id: install_reader11_de_mssd_aaa_aih.exe3
Faulting package full name: install_reader11_de_mssd_aaa_aih.exe4
Faulting package-relative application ID: install_reader11_de_mssd_aaa_aih.exe5
Error: (10/25/2013 08:19:43 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_9_900_117.exe, version: 11.9.900.117, time stamp: 0x5244d3b6
Faulting module name: MMDevApi.dll, version: 6.2.9200.16384, time stamp: 0x50107ff9
Exception code: 0xc0000420
Fault offset: 0x0000ec46
Faulting process id: 0x13ac
Faulting application start time: 0xFlashPlayerPlugin_11_9_900_117.exe0
Faulting application path: FlashPlayerPlugin_11_9_900_117.exe1
Faulting module path: FlashPlayerPlugin_11_9_900_117.exe2
Report Id: FlashPlayerPlugin_11_9_900_117.exe3
Faulting package full name: FlashPlayerPlugin_11_9_900_117.exe4
Faulting package-relative application ID: FlashPlayerPlugin_11_9_900_117.exe5
Error: (10/25/2013 08:19:41 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_9_900_117.exe, version: 11.9.900.117, time stamp: 0x5244d3b6
Faulting module name: MMDevApi.dll, version: 6.2.9200.16384, time stamp: 0x50107ff9
Exception code: 0xc0000420
Fault offset: 0x0000ec62
Faulting process id: 0x13ac
Faulting application start time: 0xFlashPlayerPlugin_11_9_900_117.exe0
Faulting application path: FlashPlayerPlugin_11_9_900_117.exe1
Faulting module path: FlashPlayerPlugin_11_9_900_117.exe2
Report Id: FlashPlayerPlugin_11_9_900_117.exe3
Faulting package full name: FlashPlayerPlugin_11_9_900_117.exe4
Faulting package-relative application ID: FlashPlayerPlugin_11_9_900_117.exe5
Error: (10/25/2013 08:19:39 PM) (Source: Application Error) (User: )
Description: Faulting application name: FlashPlayerPlugin_11_9_900_117.exe, version: 11.9.900.117, time stamp: 0x5244d3b6
Faulting module name: MMDevApi.dll, version: 6.2.9200.16384, time stamp: 0x50107ff9
Exception code: 0xc0000420
Fault offset: 0x0000ec11
Faulting process id: 0x13ac
Faulting application start time: 0xFlashPlayerPlugin_11_9_900_117.exe0
Faulting application path: FlashPlayerPlugin_11_9_900_117.exe1
Faulting module path: FlashPlayerPlugin_11_9_900_117.exe2
Report Id: FlashPlayerPlugin_11_9_900_117.exe3
Faulting package full name: FlashPlayerPlugin_11_9_900_117.exe4
Faulting package-relative application ID: FlashPlayerPlugin_11_9_900_117.exe5
Error: (10/25/2013 08:18:06 PM) (Source: Application Error) (User: )
Description: Faulting application name: install_flashplayer11x32_mssd_aaa_aih.exe, version: 3.3.9.0, time stamp: 0x51c7f3cd
Faulting module name: MSHTML.dll, version: 10.0.9200.16384, time stamp: 0x501081e1
Exception code: 0xc0000420
Fault offset: 0x00f36e76
Faulting process id: 0xf8c
Faulting application start time: 0xinstall_flashplayer11x32_mssd_aaa_aih.exe0
Faulting application path: install_flashplayer11x32_mssd_aaa_aih.exe1
Faulting module path: install_flashplayer11x32_mssd_aaa_aih.exe2
Report Id: install_flashplayer11x32_mssd_aaa_aih.exe3
Faulting package full name: install_flashplayer11x32_mssd_aaa_aih.exe4
Faulting package-relative application ID: install_flashplayer11x32_mssd_aaa_aih.exe5
Error: (10/25/2013 07:54:26 PM) (Source: Application Error) (User: )
Description: Faulting application name: avgnt.exe, version: 14.0.0.383, time stamp: 0x52492d6c
Faulting module name: gdiplus.dll, version: 6.2.9200.16384, time stamp: 0x50107fd1
Exception code: 0xc0000420
Fault offset: 0x00084f72
Faulting process id: 0x13f4
Faulting application start time: 0xavgnt.exe0
Faulting application path: avgnt.exe1
Faulting module path: avgnt.exe2
Report Id: avgnt.exe3
Faulting package full name: avgnt.exe4
Faulting package-relative application ID: avgnt.exe5
Error: (10/25/2013 07:49:12 PM) (Source: Application Error) (User: )
Description: Faulting application name: avira_free_antivirus_de_14b411.exe, version: 0.0.0.0, time stamp: 0x00000000
Faulting module name: SHLWAPI.dll, version: 6.2.9200.16384, time stamp: 0x50107c95
Exception code: 0xc0000420
Fault offset: 0x0002085d
Faulting process id: 0xbac
Faulting application start time: 0xavira_free_antivirus_de_14b411.exe0
Faulting application path: avira_free_antivirus_de_14b411.exe1
Faulting module path: avira_free_antivirus_de_14b411.exe2
Report Id: avira_free_antivirus_de_14b411.exe3
Faulting package full name: avira_free_antivirus_de_14b411.exe4
Faulting package-relative application ID: avira_free_antivirus_de_14b411.exe5
Error: (10/25/2013 07:40:52 PM) (Source: Application Error) (User: )
Description: Faulting application name: IEXPLORE.EXE, version: 10.0.9200.16384, time stamp: 0x50107b11
Faulting module name: MSHTML.dll, version: 10.0.9200.16384, time stamp: 0x501081e1
Exception code: 0xc0000420
Fault offset: 0x01161cc4
Faulting process id: 0x6dc
Faulting application start time: 0xIEXPLORE.EXE0
Faulting application path: IEXPLORE.EXE1
Faulting module path: IEXPLORE.EXE2
Report Id: IEXPLORE.EXE3
Faulting package full name: IEXPLORE.EXE4
Faulting package-relative application ID: IEXPLORE.EXE5
System errors:
=============
Error: (10/25/2013 08:19:07 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.
Error: (10/25/2013 08:19:07 PM) (Source: Schannel) (User: NT AUTHORITY)
Description: A fatal alert was generated and sent to the remote endpoint. This may result in termination of the connection. The TLS protocol defined fatal error code is 51. The Windows SChannel error state is 900.
Error: (10/25/2013 07:48:34 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (10/25/2013 07:48:34 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1000000000000. The name of the file is "<unable to determine file name>".
Error: (10/25/2013 07:48:08 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (10/25/2013 07:48:08 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1000000000000. The name of the file is "<unable to determine file name>".
Error: (10/25/2013 07:48:08 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (10/25/2013 07:48:08 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1000000000000. The name of the file is "<unable to determine file name>".
Error: (10/25/2013 07:47:28 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
The exact nature of the corruption is unknown. The file system structures need to be scanned online.
Error: (10/25/2013 07:47:28 PM) (Source: Ntfs) (User: NT AUTHORITY)
Description: A corruption was discovered in the file system structure on volume ??.
The Master File Table (MFT) contains a corrupted file record. The file reference number is 0x1000000000000. The name of the file is "<unable to determine file name>".
Microsoft Office Sessions:
=========================
Error: (10/25/2013 08:35:25 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_9_900_117.exe11.9.900.1175244d3b6MMDevApi.dll6.2.9200.1638450107ff9c00004200000d29c13ac01ced1aebf8705a5C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exeC:\Windows\System32\MMDevApi.dll36447a20-3da4-11e3-b368-60eb696d1c85
Error: (10/25/2013 08:35:23 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_9_900_117.exe11.9.900.1175244d3b6MMDevApi.dll6.2.9200.1638450107ff9c00004200000d29213ac01ced1aebf8705a5C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exeC:\Windows\System32\MMDevApi.dll35351c9d-3da4-11e3-b368-60eb696d1c85
Error: (10/25/2013 08:24:02 PM) (Source: Application Error)(User: )
Description: install_reader11_de_mssd_aaa_aih.exe3.3.9.051c7f3cdMSHTML.dll10.0.9200.16384501081e1c000042000f36e76117401ced1af5e3fcdb0C:\Users\Markus\AppData\Local\Temp\install_reader11_de_mssd_aaa_aih.exeC:\Windows\SYSTEM32\MSHTML.dll9eeb423d-3da2-11e3-b368-60eb696d1c85
Error: (10/25/2013 08:19:43 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_9_900_117.exe11.9.900.1175244d3b6MMDevApi.dll6.2.9200.1638450107ff9c00004200000ec4613ac01ced1aebf8705a5C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exeC:\Windows\System32\MMDevApi.dll0496f7bc-3da2-11e3-b368-60eb696d1c85
Error: (10/25/2013 08:19:41 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_9_900_117.exe11.9.900.1175244d3b6MMDevApi.dll6.2.9200.1638450107ff9c00004200000ec6213ac01ced1aebf8705a5C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exeC:\Windows\System32\MMDevApi.dll03748e63-3da2-11e3-b368-60eb696d1c85
Error: (10/25/2013 08:19:39 PM) (Source: Application Error)(User: )
Description: FlashPlayerPlugin_11_9_900_117.exe11.9.900.1175244d3b6MMDevApi.dll6.2.9200.1638450107ff9c00004200000ec1113ac01ced1aebf8705a5C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_9_900_117.exeC:\Windows\System32\MMDevApi.dll02332e47-3da2-11e3-b368-60eb696d1c85
Error: (10/25/2013 08:18:06 PM) (Source: Application Error)(User: )
Description: install_flashplayer11x32_mssd_aaa_aih.exe3.3.9.051c7f3cdMSHTML.dll10.0.9200.16384501081e1c000042000f36e76f8c01ced1ae8a011a66C:\Users\Markus\AppData\Local\Temp\install_flashplayer11x32_mssd_aaa_aih.exeC:\Windows\SYSTEM32\MSHTML.dllcb0fadf7-3da1-11e3-b368-60eb696d1c85
Error: (10/25/2013 07:54:26 PM) (Source: Application Error)(User: )
Description: avgnt.exe14.0.0.38352492d6cgdiplus.dll6.2.9200.1638450107fd1c000042000084f7213f401ced1ab3978187cC:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exeC:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9200.16384_none_ba245425e0986353\gdiplus.dll7cc305f0-3d9e-11e3-b368-60eb696d1c85
Error: (10/25/2013 07:49:12 PM) (Source: Application Error)(User: )
Description: avira_free_antivirus_de_14b411.exe0.0.0.000000000SHLWAPI.dll6.2.9200.1638450107c95c00004200002085dbac01ced1aa82f0f9f7C:\Users\Markus\Downloads\avira_free_antivirus_de_14b411.exeC:\Windows\SYSTEM32\SHLWAPI.dllc135dd4c-3d9d-11e3-b368-60eb696d1c85
Error: (10/25/2013 07:40:52 PM) (Source: Application Error)(User: )
Description: IEXPLORE.EXE10.0.9200.1638450107b11MSHTML.dll10.0.9200.16384501081e1c000042001161cc46dc01ced1a9468a11bcC:\Program Files (x86)\Internet Explorer\IEXPLORE.EXEC:\Windows\SYSTEM32\MSHTML.dll979fad3f-3d9c-11e3-b368-60eb696d1c85
==================== Memory info ===========================
Percentage of memory in use: 33%
Total physical RAM: 4060.93 MB
Available physical RAM: 2699.61 MB
Total Pagefile: 7644.93 MB
Available Pagefile: 6051.09 MB
Total Virtual: 8192 MB
Available Virtual: 8191.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:284.99 GB) (Free:267.53 GB) NTFS
Drive d: (HRM_CCSA_X64CHK_EN-US_DV5) (CDROM) (Total:3.46 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
==================== End Of Log ============================
|
|
25.10.2013, 20:14
| #5 |
| /// TB-Ausbilder | Bootsektorvirus BOO/TDss.o Hallo Markus, es ist genau wie angenommen. Schritt 1 Starte bitte TDSSkiller.exe. Vista und Win7 User mit Rechtsklick "als Administrator ausführen".
Schritt 2 Drücke die  + R Taste und schreibe "notepad" in das Ausführen Fenster.Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument: Code:
ATTFilter Disk=0 Partition=4 delete
__________________ cheers, Leo |
|
25.10.2013, 20:57
| #6 |
| | Bootsektorvirus BOO/TDss.o Vielen Dank! Hier das log des TDSSkiller: Code:
ATTFilter 21:44:57.0195 0x0b58 TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
21:45:02.0924 0x0b58 ============================================================
21:45:02.0924 0x0b58 Current date / time: 2013/10/25 21:45:02.0924
21:45:02.0924 0x0b58 SystemInfo:
21:45:02.0924 0x0b58
21:45:02.0924 0x0b58 OS Version: 6.2.9200 ServicePack: 0.0
21:45:02.0924 0x0b58 Product type: Workstation
21:45:02.0924 0x0b58 ComputerName: Markus
21:45:02.0924 0x0b58 UserName: Markus
21:45:02.0924 0x0b58 Windows directory: C:\Windows
21:45:02.0924 0x0b58 System windows directory: C:\Windows
21:45:02.0924 0x0b58 Running under WOW64
21:45:02.0924 0x0b58 Processor architecture: Intel x64
21:45:02.0924 0x0b58 Number of processors: 2
21:45:02.0924 0x0b58 Page size: 0x1000
21:45:02.0924 0x0b58 Boot type: Normal boot
21:45:02.0924 0x0b58 ============================================================
21:45:04.0628 0x0b58 System UUID: {58548BA2-E657-B406-5EE4-5F1A1E10BEA6}
21:45:05.0423 0x0b58 !crdlk
21:45:05.0454 0x0b58 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
21:45:05.0532 0x0b58 ============================================================
21:45:05.0532 0x0b58 \Device\Harddisk0\DR0:
21:45:05.0532 0x0b58 MBR partitions:
21:45:05.0532 0x0b58 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A00800, BlocksNum 0x32000
21:45:05.0532 0x0b58 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A32800, BlocksNum 0x239FB800
21:45:05.0532 0x0b58 ============================================================
21:45:05.0595 0x0b58 C: <-> \Device\Harddisk0\DR0\Partition2
21:45:05.0595 0x0b58 ============================================================
21:45:05.0595 0x0b58 Initialize success
21:45:05.0595 0x0b58 ============================================================
21:45:53.0724 0x0474 ============================================================
21:45:53.0724 0x0474 Scan started
21:45:53.0724 0x0474 Mode: Manual; SigCheck; TDLFS;
21:45:53.0724 0x0474 ============================================================
21:45:53.0724 0x0474 KSN ping started
21:45:56.0205 0x0474 KSN ping finished: true
21:45:56.0864 0x0474 ================ Scan system memory ========================
21:45:56.0864 0x0474 System memory - ok
21:45:56.0864 0x0474 ================ Scan services =============================
21:45:57.0426 0x0474 [ 17495C8F96D57904C2E9630CF77F5B02, 426E1F92585D922EE40E63DD8FDF8213E3ABA3A2FD6FAF869ACE1AA01E281258 ] 1394ohci C:\Windows\System32\drivers\1394ohci.sys
21:45:57.0535 0x0474 1394ohci - ok
21:45:57.0613 0x0474 [ 20EE62BA8318B249EE4C5A208A645E7E, 3868B926461B15226068E23BBC61BE9FAFDE5C4D043EA62CDC11C027762731E2 ] 3ware C:\Windows\system32\drivers\3ware.sys
21:45:57.0644 0x0474 3ware - ok
21:45:57.0691 0x0474 [ 5165287A849B6DEB83D5B1E167FD31A3, D6CFDA90F28A89E5B55B22D6AAD42C99927FE345A01CDFC168CDEA1058998B63 ] ACPI C:\Windows\system32\drivers\ACPI.sys
21:45:57.0753 0x0474 ACPI - ok
21:45:57.0784 0x0474 [ 64F237B2C6EF0111BB870C8B64861CAD, 164304BC71165AF7D1D7E157A00DD63AD4CD2219BBB042CB30E4FF9A9C5C1F4F ] acpiex C:\Windows\system32\Drivers\acpiex.sys
21:45:57.0800 0x0474 acpiex - ok
21:45:57.0816 0x0474 [ A11500807F1877BD2ADBA1023E42F784, F059143C84EF34054BCF7DFD3155C366B2A2BF866DCF1953C0F1F16490159841 ] acpipagr C:\Windows\System32\drivers\acpipagr.sys
21:45:57.0831 0x0474 acpipagr - ok
21:45:57.0847 0x0474 [ 13C3D41BE36FE2027FB3FFCE2CD2CCF0, D524FB36FC33528F43ECBB0607D239037A8A01E506F3E4A5711A766C45C83C6C ] AcpiPmi C:\Windows\System32\drivers\acpipmi.sys
21:45:57.0878 0x0474 AcpiPmi - ok
21:45:57.0894 0x0474 [ 3EE3093708B2DCA60323B0AA14DF359F, BD11A04AC1025CC941EF15A0517283C9234657DDC1D3BBD1794EF7266B6AA85A ] acpitime C:\Windows\System32\drivers\acpitime.sys
21:45:57.0925 0x0474 acpitime - ok
21:45:58.0018 0x0474 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
21:45:58.0034 0x0474 AdobeARMservice - ok
21:45:58.0371 0x0474 [ A283108E14F3970432C21AF4C0CB1BCE, 1D3219EF916D54232838870EDE557296AACB714B456ED0AAE0DE3CE3822F4643 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:45:58.0434 0x0474 AdobeFlashPlayerUpdateSvc - ok
21:45:58.0512 0x0474 [ 764584A0AD1BD3FF198135AD2D7692B8, DFFF1AF774AFE5CFF55F5BF4F0BE6271ACB80D6685FBF77BE0A6288F8F99C2C4 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
21:45:58.0559 0x0474 adp94xx - ok
21:45:58.0605 0x0474 [ 5C82D0A150CB633A54751A3111C06398, 64EA04F87F0A1CC0A72296C0E6C13A8407F0E0635A4674B412CD7DE591826C75 ] adpahci C:\Windows\system32\drivers\adpahci.sys
21:45:58.0652 0x0474 adpahci - ok
21:45:58.0683 0x0474 [ DB4E3210CE6A79ECAAD1C09AE2922322, F8D96243DADB980620310BF272449900FF996F1D000F5D2FD5456CE7A7712F6C ] adpu320 C:\Windows\system32\drivers\adpu320.sys
21:45:58.0715 0x0474 adpu320 - ok
21:45:58.0761 0x0474 [ 8889F910936A68EEB448177DA135656F, 8281DFBBEFC111C708B7716CED7523D7DBC00CDDAB0C5A5E633C1D9BDA7B7984 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
21:45:58.0793 0x0474 AeLookupSvc - ok
21:45:58.0871 0x0474 [ D3C1DE857B2CC4DCC9805AA460E95375, 5432BE91B8D0B24E756A3228946D4C036F343D631B8B137EE701206E872F27A1 ] AFD C:\Windows\system32\drivers\afd.sys
21:45:58.0933 0x0474 AFD - ok
21:45:58.0995 0x0474 [ EE103CB9714AF259CE02E05B802443AE, 36B1BF40266CA6BA51F620E156455EB8AB4C4BD204AD604CF02195CEE354B7BC ] agp440 C:\Windows\system32\drivers\agp440.sys
21:45:59.0027 0x0474 agp440 - ok
21:45:59.0042 0x0474 [ 22A49960013C51651E5C6C0D896819FE, B6A1ECE260719F88291BB245CE667A524C75AA3C8B22ACB52920E7B1FD8E5775 ] ALG C:\Windows\System32\alg.exe
21:45:59.0073 0x0474 ALG - ok
21:45:59.0120 0x0474 [ 0210340186C19D133BCE3F31914BE63D, 57DCAC6D13B1BA389DA96AC9BDA350672E103CFDA0030343FE5645A6ABE7B3CE ] AllUserInstallAgent C:\Windows\system32\AUInstallAgent.dll
21:45:59.0151 0x0474 AllUserInstallAgent - ok
21:45:59.0183 0x0474 [ 9AC4C8659A13D9CACBB9387A92DF4299, FFB8D82E59204AA7A4C071CC2D51862482B3A296D97E75D5CC72AAD1380C81FE ] AmdK8 C:\Windows\System32\drivers\amdk8.sys
21:45:59.0214 0x0474 AmdK8 - ok
21:45:59.0261 0x0474 [ 9E2B8A93C6BAC8AD6B62853FE134E666, 66360C2DD0D2B8CB35B9605A51B60E4F719DA98967308C1914A0A7C61B851EA3 ] AmdPPM C:\Windows\System32\drivers\amdppm.sys
21:45:59.0276 0x0474 AmdPPM - ok
21:45:59.0307 0x0474 [ 87C7DAC076B22EE0817AA6393573770D, 22A85C5D859615236C3552794968852AE98B78811829C24C8611A314018FC846 ] amdsata C:\Windows\system32\drivers\amdsata.sys
21:45:59.0323 0x0474 amdsata - ok
21:45:59.0354 0x0474 [ 6BDD088E9002743EB7721998876239F4, 9D741B9B9D2A9D01C75AB244346DAFAA2F9038BA762014DF561257C7AB3E40D3 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
21:45:59.0401 0x0474 amdsbs - ok
21:45:59.0417 0x0474 [ 2EFF0617F34D7B61DDF80980EEF01D24, CE78CE21D34A185F0F798E2C4F675A866ADE9F540331CD2DEA153AECC3EC048A ] amdxata C:\Windows\system32\drivers\amdxata.sys
21:45:59.0432 0x0474 amdxata - ok
21:45:59.0619 0x0474 [ 3478F48B23A0D9F6EADD4A2405BA70EF, 421BDDCEFEF491915EF8D9BFB756A56778437D98B136758A15AE5A0672738C9D ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:45:59.0666 0x0474 AntiVirSchedulerService - ok
21:45:59.0699 0x0474 [ AFFE7C21A4FCA1963371F10066911D3A, DC7A94A784C9389792F3C9A1F435CD9B2D5F74AC9E56F35831B65820FA6A0EDE ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:45:59.0730 0x0474 AntiVirService - ok
21:45:59.0808 0x0474 [ 59A16E5DEA0EDBEF76EA40C4E6FE597D, 4777D703E79B79673FBA9EDD44BC01D39B77E91E2336A604156DD6F5F495C257 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
21:45:59.0886 0x0474 AntiVirWebService - ok
21:45:59.0948 0x0474 [ 97BCBD4C0257A469D8E55A41C2DF29C7, 4D8980370729E731E302E7F272F7C472BEBA2115AB2DBEC5AFA790919535B724 ] AppID C:\Windows\system32\drivers\appid.sys
21:45:59.0995 0x0474 AppID - ok
21:46:00.0057 0x0474 [ 45E046FA37ADF4B738B9C8AEC97C81D9, FB35AEED64A82F277396AD159F36D1E025EAC76578B831B157237F5C394A3BB1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
21:46:00.0089 0x0474 AppIDSvc - ok
21:46:00.0104 0x0474 [ F8EC4211BED681F86848EC2D516BADEC, 654B81C62DFB596D08696FCF52CABCF0F670D0D45EE99189F1FBB7601A2F78CC ] Appinfo C:\Windows\System32\appinfo.dll
21:46:00.0135 0x0474 Appinfo - ok
21:46:00.0151 0x0474 [ 7A575C64548A630B6BF06D014D774750, 5C4F79AF927EC71F9F46FE6D6032E594344B54F822F0A30F4996C7F7B441FA9C ] AppMgmt C:\Windows\System32\appmgmts.dll
21:46:00.0182 0x0474 AppMgmt - ok
21:46:00.0213 0x0474 [ 3242E9F093CEC59A891AF84B664D728C, 51A21D425D4746B910101E80781F8811B14DE9EAD26F7CFBB1E4C67C750F78E4 ] arc C:\Windows\system32\drivers\arc.sys
21:46:00.0245 0x0474 arc - ok
21:46:00.0307 0x0474 [ 1DF0B7A719F4A29F51C22E58D4383629, BE68C5A47B465AE0E30857287E0BD17D18158F37DD408E857FA4641EE500A702 ] arcsas C:\Windows\system32\drivers\arcsas.sys
21:46:00.0323 0x0474 arcsas - ok
21:46:00.0354 0x0474 [ 9D20D357E10498AA3DA5DFAAC7E4A598, C1FC676CFF0CA998A3C14B67ABD034C1B64D71961DAC35D0E8FB75853B5C5196 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
21:46:00.0385 0x0474 AsyncMac - ok
21:46:00.0401 0x0474 [ 04E65143EE20BAD768389C61718F116A, 98C2549DB1BC8772E99CB9C895A0A71BB27C4529D33F26B9CB0322AC8718E511 ] atapi C:\Windows\system32\drivers\atapi.sys
21:46:00.0416 0x0474 atapi - ok
21:46:00.0447 0x0474 [ 70A96EB82AE095554D7A2928FD0FB099, 412F46B64A90B541CD6A9BAF2DB6FC4F05E1CA5FEA9632C25899C871AA2AC861 ] AudioEndpointBuilder C:\Windows\System32\AudioEndpointBuilder.dll
21:46:00.0479 0x0474 AudioEndpointBuilder - ok
21:46:00.0541 0x0474 [ A3499B83F027D7EF549190D6FCF283F1, F82AB55EDAC14BC9FF8E62DDE084FA0012D163072A7951E80AD4A8A4A2686710 ] Audiosrv C:\Windows\System32\Audiosrv.dll
21:46:00.0603 0x0474 Audiosrv - ok
21:46:00.0666 0x0474 [ 29F9901C22E7BFE23DF8389AFC530D3D, DBD3537AF3E4BF9AC033E109C8CA737A2EC1EE1F95EDC31E2855F9A9595B03DE ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
21:46:00.0697 0x0474 avgntflt - ok
21:46:00.0728 0x0474 [ 033CA7F2EABD7EFDC482FE45DD7E1B60, 5D02BB7ED45AA64F8A9D8F29E25D29FE26881EEE55B2962AD99F655EB22692DB ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
21:46:00.0744 0x0474 avipbb - ok
21:46:00.0759 0x0474 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
21:46:00.0775 0x0474 avkmgr - ok
21:46:00.0806 0x0474 [ D1D40E04F258917863F8F6AE3D49DC33, D620C721686F7A5161781119E94B5B21B757384A40B1115F68CD97475638FCED ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
21:46:00.0822 0x0474 avnetflt - ok
21:46:00.0853 0x0474 [ CF4E5D4F4CA70859A9B8C2FC2E231AD7, F6B2FEBA3808BDFCB9D084EB73F3B9FFA24D24D7F5273B6E31215ECBFA4B6B42 ] AxInstSV C:\Windows\System32\AxInstSV.dll
21:46:00.0869 0x0474 AxInstSV - ok
21:46:00.0931 0x0474 [ EABCCC87C98C4A87C792E8D7E0E2A4DA, 3B54971FBFB6AC90CEB2E9A9A8B08BBFD26FEB870A3D767192A310EB1292DC80 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
21:46:00.0978 0x0474 b06bdrv - ok
21:46:01.0009 0x0474 [ 70C6C26CD374699D6DBB6D681B8A972E, 808AD40C5E239D657024A208FCB63BF76309F5A3921D07B6353F2DE4B5DE5D18 ] BasicDisplay C:\Windows\System32\drivers\BasicDisplay.sys
21:46:01.0025 0x0474 BasicDisplay - ok
21:46:01.0040 0x0474 [ 9FC9F32E41B9BACBF721A6BE64B45A21, A7E58F27110B37A493383817B28B305CE1C9CEC61146ADE9A7EDDB9026DE41C3 ] BasicRender C:\Windows\System32\drivers\BasicRender.sys
21:46:01.0071 0x0474 BasicRender - ok
21:46:01.0352 0x0474 [ 2FE2E0EBCDF1EF22A34B44CED1E59893, CAAF05E0F2ADE9057323FCDE4452DEF1911120BCC0854B8F447F9ACCA036FB86 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl63a.sys
21:46:01.0680 0x0474 BCM43XX - ok
21:46:01.0851 0x0474 [ 1A61CBA65EAD2EEB3E54C4346BF19BBB, 4F1CF764E487623F7E650CC152EE3ABCA8C9B73C2BD16195DA8D386F3D6C8F57 ] BDESVC C:\Windows\System32\bdesvc.dll
21:46:01.0898 0x0474 BDESVC - ok
21:46:01.0914 0x0474 [ 9CA7506575641FA017C69649A6CA0EFF, D0DADD656B3EB40AC2E30C65ED7F65BF653EEA543F37FB251BE897E7A698379D ] Beep C:\Windows\system32\drivers\Beep.sys
21:46:01.0929 0x0474 Beep - ok
21:46:01.0992 0x0474 [ 0C85BC19619931FBDEFF48830F95D5AE, BC30F4F2709FAB7040D06CB3CB130001684D59D57B451E9350DC0A6E83C8DFCB ] BFE C:\Windows\System32\bfe.dll
21:46:02.0054 0x0474 BFE - ok
21:46:02.0163 0x0474 [ B94800B76A324834796BC68246DD3E31, 3D3BA07324605D5B01FB45D8F7A160130ACD7FAA5E181F163A78AD128B6DB987 ] BITS C:\Windows\System32\qmgr.dll
21:46:02.0257 0x0474 BITS - ok
21:46:02.0319 0x0474 [ 199FCFF2B289F66111B7770D8CAF341C, 03B5B0EA168BA336354EE032CD0EFA7C8A1CC4A87954B913B1BCBA022C5F20A2 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
21:46:02.0351 0x0474 bowser - ok
21:46:02.0382 0x0474 [ F79B65F8B44DA6735CF0FE6DD5D50BB2, 4867B9BE4ABCDCE237FBC05322E5E1CA5708FBC98D0037CA63FDC75ECAE7D6A8 ] BrokerInfrastructure C:\Windows\System32\bisrv.dll
21:46:02.0429 0x0474 BrokerInfrastructure - ok
21:46:02.0460 0x0474 [ 44C16C5F3CD2E85E341B4758E391A6B3, B8CE78813BE06D18B753970E19EF3078B3E659D14C424B2505592E1FB4F14FF3 ] Browser C:\Windows\System32\browser.dll
21:46:02.0507 0x0474 Browser - ok
21:46:02.0538 0x0474 [ F92BBA7BBF29C991CBEB9C79F8456BED, 717E4F75F83F7DECEE627BDE04583F6F9AECBEF49602B8783CA7D0CB973E6C31 ] BthAvrcpTg C:\Windows\System32\drivers\BthAvrcpTg.sys
21:46:02.0585 0x0474 BthAvrcpTg - ok
21:46:02.0600 0x0474 [ 8DA65E6D5C2BBEC9F1DF8E46995540BD, D73208F756F762D4DE9990B18A0227EC9420496E244073FB6DCD853FA5422C15 ] BthHFEnum C:\Windows\System32\drivers\bthhfenum.sys
21:46:02.0694 0x0474 BthHFEnum - ok
21:46:02.0709 0x0474 [ 0375B8756A92CA4F53C8058C6BD75082, 3480500D449165A779347D08482354377470E9B10FC2D16393D7420B55BB2CF4 ] bthhfhid C:\Windows\System32\drivers\BthHFHid.sys
21:46:02.0756 0x0474 bthhfhid - ok
21:46:02.0772 0x0474 [ 4373A04575405AAE159AFB2EA857D586, F6A72BD8BF6E0CBA6BE608B0E0338B346AB576715D985EDB0306E1F1669847BA ] BTHMODEM C:\Windows\System32\drivers\bthmodem.sys
21:46:02.0819 0x0474 BTHMODEM - ok
21:46:02.0850 0x0474 [ 097E028F506D68D198A86E8EA342A297, 19B58C6D7955320EEA96C392EA7034BFD813FC58F4815D1F41B72B0118A79CFF ] bthserv C:\Windows\system32\bthserv.dll
21:46:02.0881 0x0474 bthserv - ok
21:46:02.0897 0x0474 [ 9FDF55B0486D9A59C979645FBC3F132B, 696668AE62F2BD2CB3ABA226D517E80504CD982AB770DF865A6EE396D648B2CD ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
21:46:02.0928 0x0474 cdfs - ok
21:46:02.0943 0x0474 [ 40B7C9B1593614385B9C2F3B8D89CE8D, B3ED39281AE6FCFCD8B421B934BDA5B433FA4DC174A820AE2C3573F6610C56EA ] cdrom C:\Windows\System32\drivers\cdrom.sys
21:46:02.0975 0x0474 cdrom - ok
21:46:03.0006 0x0474 [ 483E122C2C011F28552E25268FDD9F21, 53744B3D215022EE529FF4BBAD50253E3F2E51FC859CD2F717562C911095AA9B ] CertPropSvc C:\Windows\System32\certprop.dll
21:46:03.0037 0x0474 CertPropSvc - ok
21:46:03.0068 0x0474 [ 60B681FF66540A7E9F00D2073030BF29, A92F041420FAD05F9CE1B29F33ECC6AC7C38934111FAC1B221E756F90EB8FE1A ] circlass C:\Windows\System32\drivers\circlass.sys
21:46:03.0115 0x0474 circlass - ok
21:46:03.0146 0x0474 [ 705B02F6B765BDEF2EF8BB37D5D371EC, E5CDA3854E38F1AA5C7CF51336F8C4F3961AB3B8EFC852FB4C46108BDDE44E1F ] CLFS C:\Windows\system32\drivers\CLFS.sys
21:46:03.0193 0x0474 CLFS - ok
21:46:03.0209 0x0474 [ D8993E1CEB237DB41A18F14D2D873B6F, 772D50D538214B2F0B2F5FAFD264C29BC05BDCCB1D51439E18FF7CCD18660091 ] CmBatt C:\Windows\System32\drivers\CmBatt.sys
21:46:03.0255 0x0474 CmBatt - ok
21:46:03.0302 0x0474 [ C0BF8F5D780CFE07A9690E5B6F5FCB32, 8D9154D0C7E7487B594E9E2262E998C98D278AAFB957028127EFC86EDFEB609C ] CNG C:\Windows\system32\Drivers\cng.sys
21:46:03.0365 0x0474 CNG - ok
21:46:03.0380 0x0474 [ C850B672E78BB45A4F980FFA2197EEFB, FC8ACE717D7872E5269071808CBD2D77CE129027604A1339E8958FC37AFB8A5F ] CompositeBus C:\Windows\System32\drivers\CompositeBus.sys
21:46:03.0427 0x0474 CompositeBus - ok
21:46:03.0443 0x0474 COMSysApp - ok
21:46:03.0458 0x0474 [ 587F4752B4892ECCB1FF14F478BE7396, 9598738EC0C8C4B3E94029EE0ED0875721450A25A0C37DDB014F32F37AEC286A ] condrv C:\Windows\system32\drivers\condrv.sys
21:46:03.0489 0x0474 condrv - ok
21:46:03.0536 0x0474 [ F25BBEFB14A75AA154417991BAD98967, 3447AA3F44028A836529F494483CDAEAB5BEEFA48240E8E07512409A6EF31264 ] CryptSvc C:\Windows\system32\cryptsvc.dll
21:46:03.0552 0x0474 CryptSvc - ok
21:46:03.0614 0x0474 [ 0F67E05737A49D43B0A50A6482F57B1A, 2A12C10121A01FB1337A88E12791BE4782AD42778AAC83986E9BACD11967208D ] CSC C:\Windows\system32\drivers\csc.sys
21:46:03.0692 0x0474 CSC - ok
21:46:03.0770 0x0474 [ 09DEA2ADC74E46CA5CC66AC26F13A7AF, 04F133B880848429F9B0896F84796680974EED07F2249A19EEDD97EBD63FBC17 ] CscService C:\Windows\System32\cscsvc.dll
21:46:03.0848 0x0474 CscService - ok
21:46:03.0879 0x0474 [ 7B08F79034E4EEF9E10BB77939D2C72F, 0FABEA070805052798788C45C563BAF139D7E348B02C00C99E214BA0075A6161 ] dam C:\Windows\system32\drivers\dam.sys
21:46:03.0911 0x0474 dam - ok
21:46:03.0973 0x0474 [ 5FE7B522293942A00779B921DB8F0094, 951486DC9771EAF776417CBCF17922654CB1367FDA27A731313F0C3A004BE593 ] DcomLaunch C:\Windows\system32\rpcss.dll
21:46:04.0051 0x0474 DcomLaunch - ok
21:46:04.0113 0x0474 [ FA7AC7454EBBA1AD402E32B399BC9CE5, C7C12728E80DADFAF3187B829FCE71D4098BB491EC4DEF6E5992BD73922419EC ] defragsvc C:\Windows\System32\defragsvc.dll
21:46:04.0160 0x0474 defragsvc - ok
21:46:04.0207 0x0474 [ 565B3ABEF0B54B0731BEFA4DEF9EE845, F379ADCB5B6DF257883B0908A4B780A706A8955E30D1745E91048BBA47109949 ] DeviceAssociationService C:\Windows\system32\das.dll
21:46:04.0254 0x0474 DeviceAssociationService - ok
21:46:04.0316 0x0474 [ 93FC3A6E569C99F0147C15E0434858FE, 9799D43F97647DE140B6868DFCC7CA55BC2CA50F7D14B4CE852F194960A5A27B ] DeviceInstall C:\Windows\system32\umpnpmgr.dll
21:46:04.0347 0x0474 DeviceInstall - ok
21:46:04.0410 0x0474 [ 91E1FD9887DF6CAD9AAB3796AFB0D87C, 819014D6C15D354D25EF08C553C3D40E77E0A0DFEAFD3FE9DB3E99BF2593D874 ] Dfsc C:\Windows\system32\Drivers\dfsc.sys
21:46:04.0425 0x0474 Dfsc - ok
21:46:04.0472 0x0474 [ E628016CC8982BEE0D7190DEBC4A34F4, DDE032D514C2237836F645BFC963EE91A47DA2CB780B9115B6C2679EE5F3A41F ] Dhcp C:\Windows\system32\dhcpcore.dll
21:46:04.0535 0x0474 Dhcp - ok
21:46:04.0550 0x0474 [ 9B6F6E3153D1C05CFF3D2A6EBA8B371C, 3907B9D879973738B520F46C27E56257F4A8BF7CA72E91CEACD5B2F4F70D4F60 ] discache C:\Windows\system32\drivers\discache.sys
21:46:04.0581 0x0474 discache - ok
21:46:04.0613 0x0474 [ 387792EA19C374A785ADBC385EDE3D4E, 2987941D8C437C2B81C4870C0D725464E5FC6DF0190EF2B3404C180BE2A1BF16 ] disk C:\Windows\system32\drivers\disk.sys
21:46:04.0628 0x0474 disk - ok
21:46:04.0665 0x0474 [ 666B3B00C02B0D1D7D186EDBE0815092, A9DB43170472A13473AB9EF0E3FB6583485276C5EA0CD9372C2382B4AD3D503E ] dmvsc C:\Windows\System32\drivers\dmvsc.sys
21:46:04.0699 0x0474 dmvsc - ok
21:46:04.0730 0x0474 [ E627748CC6DF1A0E32CF62125701972F, 71191820754C2C64036B393175E5A2067CE42B981D6092CEF17B0E716A5A162B ] Dnscache C:\Windows\System32\dnsrslvr.dll
21:46:04.0761 0x0474 Dnscache - ok
21:46:04.0792 0x0474 [ A7C7A276FA35BC09723F754756616363, D777587A6919A944AAE2C5DF8EC8B39ECE53CD549D9848FE94A035B1F199E82C ] dot3svc C:\Windows\System32\dot3svc.dll
21:46:04.0839 0x0474 dot3svc - ok
21:46:04.0870 0x0474 [ 58BECDD07D2C142B5B885CFCE2417E37, B40985E4DEA06F96B1B00E951209FB50BAE35BDDE4D5CA5C0C1AC7C772C1B64E ] DPS C:\Windows\system32\dps.dll
21:46:04.0901 0x0474 DPS - ok
21:46:04.0933 0x0474 [ 66E92FA5752E142145E4713129B839A0, 267BEA7B69C8A92031762474534967588305658A747BEB0D1308C976417D5886 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
21:46:04.0979 0x0474 drmkaud - ok
21:46:05.0026 0x0474 [ 95B29527993D6CF37A793F3A021A27C3, 5502765548AC728E2FB043BA3AF8182675597F8EAE8F5AEC1F0978A0C3398685 ] DsmSvc C:\Windows\System32\DeviceSetupManager.dll
21:46:05.0057 0x0474 DsmSvc - ok
21:46:05.0151 0x0474 [ 87CB29AC7973AEFEF9A3C8F8A37E68A4, EF2F34976D0D62C48CDBC5DDB48C2AE6C982D5661DDD905017558CB0809D6BA4 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
21:46:05.0260 0x0474 DXGKrnl - ok
21:46:05.0401 0x0474 [ 2DA79F8979B3B4915C061B7940072411, 207065F040FCD49A50F8978D8DA9AE9E670AC2C8CC8B8B3760E3319CD29D261B ] Eaphost C:\Windows\System32\eapsvc.dll
21:46:05.0447 0x0474 Eaphost - ok
21:46:05.0635 0x0474 [ 06265D21ACA4359D6F950BB0B5D77A8A, 81B5DE840DC6FE6D86BC2FAAB065812C9C699AE40A543BE933DFF6361DB832F8 ] ebdrv C:\Windows\system32\drivers\evbda.sys
21:46:05.0915 0x0474 ebdrv - ok
21:46:05.0993 0x0474 [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] EFS C:\Windows\System32\lsass.exe
21:46:06.0040 0x0474 EFS - ok
21:46:06.0087 0x0474 [ 3F654C1AD8AE56F5C8D2B10AE6367FB4, 930BF850BC10A3143EBEB133099044F1C2C3A0A11213C9B8B833EACD0CB185C4 ] EhStorClass C:\Windows\system32\drivers\EhStorClass.sys
21:46:06.0103 0x0474 EhStorClass - ok
21:46:06.0118 0x0474 [ 589EB959679725E43F36843E56100240, 612515D8DE32FA16763C9BA815141877212B84A06F396C04C9FB26CF44FB7C09 ] EhStorTcgDrv C:\Windows\system32\drivers\EhStorTcgDrv.sys
21:46:06.0149 0x0474 EhStorTcgDrv - ok
21:46:06.0181 0x0474 [ 194D8325063BB5EA1DD93F7C014E85B4, B64CCC4D786ADDC433595327E8F9B24236D96C8BA34760643380E965692CB8F3 ] ErrDev C:\Windows\System32\drivers\errdev.sys
21:46:06.0196 0x0474 ErrDev - ok
21:46:06.0274 0x0474 [ A6EC6E7D226DDF8A9B7179AA67E21BB9, 1B45B908E6BE479CDCD5831EAB4E4E853D81FF8EB668277A673E2C66BB6F1F29 ] EventSystem C:\Windows\system32\es.dll
21:46:06.0321 0x0474 EventSystem - ok
21:46:06.0352 0x0474 [ 09BE68D402EFABB9EA1C41391A1980C9, C55659AAEBC51A6025521C814A4CE46D9A9245FBE8A7E20CCE56A82B1B44CBC1 ] exfat C:\Windows\system32\drivers\exfat.sys
21:46:06.0399 0x0474 exfat - ok
21:46:06.0415 0x0474 [ F9EFFB914427E904FE9A34055C8343BE, 4028620B55F1E22AA02FF9309024AA8EA9C45CD8C11972F9500F19E34C53B62D ] fastfat C:\Windows\system32\drivers\fastfat.sys
21:46:06.0446 0x0474 fastfat - ok
21:46:06.0524 0x0474 [ 00CF8E60010A9941EB6CE04E65953589, C09D08BAB67DC358A09CEB00EA2E92569BF387B4DE6016B63DC5EF62E259E4D4 ] Fax C:\Windows\system32\fxssvc.exe
21:46:06.0633 0x0474 Fax - ok
21:46:06.0680 0x0474 [ E7887664718A3EBE0B2C5CB530DD66E8, 13622929175390F6E061B5429019B10D5C96304E698331BEEE194AB1F0E53F91 ] fdc C:\Windows\System32\drivers\fdc.sys
21:46:06.0711 0x0474 fdc - ok
21:46:06.0727 0x0474 [ 1F8564FA6576322F4F4CE3193D62AEC2, 302676FAF062269A2D255324D55C00A5AF730D1E64F9D0310208C78EDECA1DE6 ] fdPHost C:\Windows\system32\fdPHost.dll
21:46:06.0820 0x0474 fdPHost - ok
21:46:06.0851 0x0474 [ B4130625D12F80C116CE41E1854C8B2D, 9FA3F8C4FAD7A6F209C5B07F0E79AC6D351B03091E12693DF3F8E2DE968D857C ] FDResPub C:\Windows\system32\fdrespub.dll
21:46:06.0883 0x0474 FDResPub - ok
21:46:06.0976 0x0474 [ 2CFA5D87BC7062D82F188915B1C0906E, 6C3613350EE6E2AFB9318D4D2C32C850AB9B61FE573109277D67EC01D65859BC ] fhsvc C:\Windows\system32\fhsvc.dll
21:46:07.0023 0x0474 fhsvc - ok
21:46:07.0054 0x0474 [ 8C857A0D3923AC7781C9B46960A58C1E, AA976D74BF27E7B87FBA6586127204FCA2F7004258A6F1F7208618F8C2D395EE ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
21:46:07.0070 0x0474 FileInfo - ok
21:46:07.0085 0x0474 [ 7F209B1C0E011FD01EDC4B73D045B39A, 61FECACB1ECEB8D5866ADBAAB98A360F9E403372D10F6E79F82C686999B124AE ] Filetrace C:\Windows\system32\drivers\filetrace.sys
21:46:07.0132 0x0474 Filetrace - ok
21:46:07.0132 0x0474 [ BDC556E08AC280E4FDD493653DB636E5, 52E2DE40B80E046D84533AC5B6DD76047DE8CCE4C1A3477AD7112B2D63203491 ] flpydisk C:\Windows\System32\drivers\flpydisk.sys
21:46:07.0163 0x0474 flpydisk - ok
21:46:07.0195 0x0474 [ EE84ACFE47C3B47D3F6B2B037F09BDB9, B74964DE47E93432F5C489BD10674C6F6DA691B7F9B48EC9643968C06B03080A ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
21:46:07.0241 0x0474 FltMgr - ok
21:46:07.0342 0x0474 [ 9405DC324331FA918F0F6B4ECE22B16A, 73C537B95A7E8A5D0EE26C6409C86EBA9DBCD5DB03127B1770ACFFF8B8DD42E1 ] FontCache C:\Windows\system32\FntCache.dll
21:46:07.0466 0x0474 FontCache - ok
21:46:07.0513 0x0474 [ C44DF89B95173F08E392CB16697AB736, 7E8AB7BBFA29D5615D369BED615EE3C1C43A68BAA0936121F2430380DA5C371B ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
21:46:07.0544 0x0474 FsDepends - ok
21:46:07.0560 0x0474 [ AE804E1B405A79197F27FEAF73E1B1D9, 247235B2C70F1EF57EBD1D63D045E9AE8F2E41730066E1BB03C0BCDFB0EA72C5 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
21:46:07.0576 0x0474 Fs_Rec - ok
21:46:07.0622 0x0474 [ CFCA5826E2B8430848FF9D28A4B103F6, A3D1AFA3CE3FC03998A984F53A876BDC4440F10DF4DE74365F59699EDC6D91D8 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
21:46:07.0685 0x0474 fvevol - ok
21:46:07.0716 0x0474 [ E8FC085A40148801EA66745D1247C379, 37C74FABF1E5D78517F03FD5A6810ACCF484D03A79F6BC4B31BAAD888DB58478 ] FxPPM C:\Windows\System32\drivers\fxppm.sys
21:46:07.0747 0x0474 FxPPM - ok
21:46:07.0763 0x0474 [ F3A74355FE0F38D599DC30A31E6F47DD, 8B8E97714682C7C1034FBEB2DCEFB7AFDE4FE4990EEC4EFD0C90E15E95CD3856 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
21:46:07.0778 0x0474 gagp30kx - ok
21:46:07.0810 0x0474 [ E818CF36D8FCB46AF9726490B9285683, 3770E186752C87E7799C48033CB0457152AA3064E8CE9E9AEEDEAE7BE37DBBB1 ] gencounter C:\Windows\System32\drivers\vmgencounter.sys
21:46:07.0825 0x0474 gencounter - ok
21:46:07.0856 0x0474 [ 80756BE0B7DB1880CAB1D8169F500521, B136980DE9A0CF6D7114FD4D36730D1E5953190893103AE56152C1B977E679AB ] GPIOClx0101 C:\Windows\system32\Drivers\msgpioclx.sys
21:46:07.0888 0x0474 GPIOClx0101 - ok
21:46:07.0981 0x0474 [ BAE87B5D00CF637430E0DC64752BC890, 0E9C015F956C7FA8B47AA307BB0C5B8217A56C46B851ED6D1BE589F3902A9BD7 ] gpsvc C:\Windows\System32\gpsvc.dll
21:46:08.0075 0x0474 gpsvc - ok
21:46:08.0153 0x0474 [ D954548CA876D33FA87992EAC3A907E9, 7A182533F24C5B35D8B421D0FA07C151879D9B53FCC9FB9A71086F30979D3902 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:46:08.0231 0x0474 HdAudAddService - ok
21:46:08.0262 0x0474 [ 5EEBB5F5F86DF444B144D8FC0586164E, 433000F4CCD2468B371E62ACE5E4022E2EEFFF64ABA9C52B66807F22AA07278A ] HDAudBus C:\Windows\System32\drivers\HDAudBus.sys
21:46:08.0309 0x0474 HDAudBus - ok
21:46:08.0340 0x0474 [ 90229C967C2D75DA5A0825E1473875F6, DE3762BA83EC2210B5251C8C6E6B3B1E80C2B9AD9F75AB32F9CE4231561400C2 ] HidBatt C:\Windows\System32\drivers\HidBatt.sys
21:46:08.0371 0x0474 HidBatt - ok
21:46:08.0387 0x0474 [ B70CD61C1B2F282463A32E0C41481148, 8CBEA39C5B4CEF6746997B1E1E4C538888A28F9B5D4ED17A7F457748A1094716 ] HidBth C:\Windows\System32\drivers\hidbth.sys
21:46:08.0418 0x0474 HidBth - ok
21:46:08.0434 0x0474 [ 33609592291468A3C494B44DEE1FCF79, 79AC4E2A7DC07124FDBAC2B7CBF5BAA7C38790BF094AA4E2C51B8638DF46AF20 ] hidi2c C:\Windows\System32\drivers\hidi2c.sys
21:46:08.0480 0x0474 hidi2c - ok
21:46:08.0496 0x0474 [ D6850FA3EE1ECD7457F8E53726250CD1, 0FEF80F2C1BF0B8C89C0574C4183E8977D8C7631C49F7646BF08C1879D0B8500 ] HidIr C:\Windows\System32\drivers\hidir.sys
21:46:08.0543 0x0474 HidIr - ok
21:46:08.0574 0x0474 [ A52EF1D6B8F4B9ED040B909009349DCE, 27CA5D923F2C05E82F0522420F50A7884C6A4E7E6DF2B13E00D793A7823EB90E ] hidserv C:\Windows\system32\hidserv.dll
21:46:08.0605 0x0474 hidserv - ok
21:46:08.0621 0x0474 [ 8FADE4B0D0AAFFE4187E2D940A694D1F, B54441365E606925902A4A088DD8E52A3E1156143BF698C995C09FB3E376FA4D ] HidUsb C:\Windows\System32\drivers\hidusb.sys
21:46:08.0652 0x0474 HidUsb - ok
21:46:08.0683 0x0474 [ 9BD84DF296F61203EA4B90A4C38C966E, BC33075557A5961ADE2DD4C624C21997E46AF135B49517CE9AE90A5681BC2205 ] hkmsvc C:\Windows\system32\kmsvc.dll
21:46:08.0714 0x0474 hkmsvc - ok
21:46:08.0761 0x0474 [ 9A63274C72E567B06F0674ED51AF6430, B5ABAB89B7C35C97098B02DD6AA741836D4254DD5C3073B56E6E7F3D9C069F8E ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:46:08.0824 0x0474 HomeGroupListener - ok
21:46:08.0870 0x0474 [ C42B7A6216465AEDACE06E71DAB01E00, 02EA72B87D9D49624C8293082A6CEF34BDABADFAD9A2BC45F13F4A0FE62E88E9 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:46:08.0917 0x0474 HomeGroupProvider - ok
21:46:08.0964 0x0474 [ AE3BF8D78963AAAB2F8E5B1D4DB48DB6, F655723A914EFD8F276F3ACB0B0E6873BDC7C86720B54F7C0C436BC5EE09CA5D ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
21:46:08.0995 0x0474 HpSAMD - ok
21:46:09.0058 0x0474 [ 5FBC36B5A11DDED4BA7CA0F373E089F7, 97511B98CDECC7AA4CC6BB1E4236715CEE22FFEE07B765968915200AD465DAFE ] HTTP C:\Windows\system32\drivers\HTTP.sys
21:46:09.0182 0x0474 HTTP - ok
21:46:09.0214 0x0474 [ 8EBD3CDD8BEBA39CAF6F83D7EBAB950D, 5450E3D1674BF453AC74E3FD2E480C0B9A0981F3FC1188479BA5954874BBB773 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
21:46:09.0229 0x0474 hwpolicy - ok
21:46:09.0245 0x0474 [ B4D8CFAA814300E7604C634F5C5B25DB, EC60DE2E23569BAE162714A2560DD9D7903094D0176A38B3E7D2811094E6A2A4 ] hyperkbd C:\Windows\System32\drivers\hyperkbd.sys
21:46:09.0276 0x0474 hyperkbd - ok
21:46:09.0276 0x0474 [ CD657365669B52CCA07B20F07E53CA4B, CF20832504B266EBB477EB125A76EC1CE4425BC57A8113897442BA8F8752A35C ] HyperVideo C:\Windows\system32\DRIVERS\HyperVideo.sys
21:46:09.0307 0x0474 HyperVideo - ok
21:46:09.0323 0x0474 [ 7F2D02F109F427BB79B09026BFD4497C, 2F37E0C63AD3BFE2478DB7689C6349683C1B3452486E2374AAAAB83FFD8F444F ] i8042prt C:\Windows\System32\drivers\i8042prt.sys
21:46:09.0354 0x0474 i8042prt - ok
21:46:09.0416 0x0474 [ 6B031913FA9387744A70099E8CACB568, DADB1C38636F14AF7BD7F6B7FB104E7B8CD3D1F395A870AAD9FDB1DB75DFE646 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
21:46:09.0510 0x0474 iaStorV - ok
21:46:09.0541 0x0474 [ D789021B5ED044A82242895017F40E94, 13BAA853E5D04C0C417BB876B359DA8396B77130931DF2979A7CD4F65A754948 ] iirsp C:\Windows\system32\drivers\iirsp.sys
21:46:09.0557 0x0474 iirsp - ok
21:46:09.0619 0x0474 [ 634C6D286178700BDE9122C55175F654, A67B44C93AD26219C41C80FEAC8107FCA10AC02CAF7E626DA2A5D174562F9C4C ] IKEEXT C:\Windows\System32\ikeext.dll
21:46:09.0697 0x0474 IKEEXT - ok
21:46:09.0728 0x0474 [ BFE2E1129284CEB8A4C1771AE6A6595B, BDA34DF3A378B75E70E2FDD3A2D2BC67E3939CE56919D256A34B3B8358613841 ] intelide C:\Windows\system32\drivers\intelide.sys
21:46:09.0744 0x0474 intelide - ok
21:46:09.0760 0x0474 [ 40C0816BF04741CCD3D0DE04172FB2A9, CA062A1FF9963168EB782C37870F32620402461C4F423F894A1EE655921FCE9C ] intelppm C:\Windows\System32\drivers\intelppm.sys
21:46:09.0791 0x0474 intelppm - ok
21:46:09.0806 0x0474 [ F9C5A1592AC4F5432ED09C1D26041A57, E54B3F06479701E83C8ADF91ADD5B68238AB876DAFEFF738E292AACBAE12E101 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:46:09.0838 0x0474 IpFilterDriver - ok
21:46:09.0989 0x0474 [ D40C8D59F2BDB7CF6D4A0CE08042640E, 4D378CE22E2A3C089D4A333B6DC00B19465759438C4E0D5CDC5B2EB91DFAC49B ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
21:46:10.0067 0x0474 iphlpsvc - ok
21:46:10.0098 0x0474 [ 46F807A9C6EE8C4CA477BC037F37D154, 70E8B9FB0675212DE8C57599975DC0D28110206DCD37879B9523053845351919 ] IPMIDRV C:\Windows\System32\drivers\IPMIDrv.sys
21:46:10.0129 0x0474 IPMIDRV - ok
21:46:10.0168 0x0474 [ CECF7E60DEF1A500673BF299A8B99E25, EEB10A4B137DE48C160D1191A390E047BA36B12C4B22145F16A3273BD2ED3328 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
21:46:10.0193 0x0474 IPNAT - ok
21:46:10.0208 0x0474 [ B5F2900361C7747E6F831824759482A2, B6D1DDE654202563C2A24461F3D03733E80D1F9D4D224B3CAD8BE837D8EF11C6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
21:46:10.0240 0x0474 IRENUM - ok
21:46:10.0255 0x0474 [ 023C558E997F09BAB91B736A1714095F, 241D280F62248FC270BCE8EF8DDCE240813858A5A8AEE8A97855045657876388 ] isapnp C:\Windows\system32\drivers\isapnp.sys
21:46:10.0271 0x0474 isapnp - ok
21:46:10.0302 0x0474 [ 1CB65E4C55B135FDCFB41B53C03C0E86, 57FF4D6E6F1E05EDF2A1885937F88F20960E4BC7BA229D23FB8F68D07BE0A174 ] iScsiPrt C:\Windows\System32\drivers\msiscsi.sys
21:46:10.0349 0x0474 iScsiPrt - ok
21:46:10.0364 0x0474 [ 2C8AB975DEA711046AF8D7B6FEF790F2, A65AE55265A0E15D063AA311AC44D5768D7FA253901FCCBF328FD5AF4C95C74A ] kbdclass C:\Windows\System32\drivers\kbdclass.sys
21:46:10.0396 0x0474 kbdclass - ok
21:46:10.0411 0x0474 [ 8A0FBD022B316E7CDB8072E33C4A348A, CFC5E705874ACA4F75601B56A5EE34903F7360184D4F814451EF1C5F1A108B54 ] kbdhid C:\Windows\System32\drivers\kbdhid.sys
21:46:10.0427 0x0474 kbdhid - ok
21:46:10.0442 0x0474 [ 7108512F89511DB5B4AA4B4988C48984, 11BA6D744FD0FFF2EBA3DC90BFE82ED6EECB312D56CCFF70063F166F236DCF93 ] kdnic C:\Windows\system32\DRIVERS\kdnic.sys
21:46:10.0474 0x0474 kdnic - ok
21:46:10.0505 0x0474 [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] KeyIso C:\Windows\system32\lsass.exe
21:46:10.0520 0x0474 KeyIso - ok
21:46:10.0552 0x0474 [ D154BEE5E0A8E8576DFB243632B08D4C, 004366D5DA831D9B08A943BC9B9EAE51D4A4F233FBDBDD7466C522A38D5299D1 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
21:46:10.0583 0x0474 KSecDD - ok
21:46:10.0614 0x0474 [ 77080A55782B0FB515969E28CA7A3E17, 983B9AC21809C34680F62BF0995FEE874A4977F0F94A1E6CA5968B7D8F3A301F ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
21:46:10.0630 0x0474 KSecPkg - ok
21:46:10.0661 0x0474 [ E2BDD62776D1EA24FF2CB9EE995BA05F, 8328142485F1F5104FE62CA9B51A4145CC788A1D31CD402A6E5BB76D63804518 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
21:46:10.0692 0x0474 ksthunk - ok
21:46:10.0739 0x0474 [ 959BB9C502B0EB11F10E60AC83E302DC, D2275C54271B77ADF3EE71E066C33B2272EF03BDC926FC828C3D5106F16B61B2 ] KtmRm C:\Windows\system32\msdtckrm.dll
21:46:10.0786 0x0474 KtmRm - ok
21:46:10.0832 0x0474 [ 8412D334F6B18F655BFF430E9DB1ABC6, 1F38AA06B3F0437393884479DC4B63109672C557FC118AF0D005BB188DEF2636 ] L1C C:\Windows\system32\DRIVERS\L1C63x64.sys
21:46:10.0848 0x0474 L1C - ok
21:46:10.0910 0x0474 [ B98C14ADDAB35C842A6E6C7569319BD8, D5EAC5B7537D876B10F3024AF56A775BD7DADC55134EF498F16C5BE998B0E7D5 ] LanmanServer C:\Windows\system32\srvsvc.dll
21:46:10.0957 0x0474 LanmanServer - ok
21:46:11.0004 0x0474 [ 1485CF3F698BA2B09BEDBAEF13EBD45F, D34C642E2E4C9E8CC3A63B630A7EB9E53F9D40D295D4F435B05C6E9C97CBC8A3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:46:11.0035 0x0474 LanmanWorkstation - ok
21:46:11.0051 0x0474 [ FAC973039530C50FECCAF7E72FFA3524, CDE0837E37D3ADE152FC7077C16758A0BEAD0B7CA3B89E81C1EAF2091996C063 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
21:46:11.0082 0x0474 lltdio - ok
21:46:11.0129 0x0474 [ EB320128404659367A50774094B72210, D331E970FCF4E37C31CE591BD59D0D2B27F85F42435DCFE8F5D85C4ED58C6971 ] lltdsvc C:\Windows\System32\lltdsvc.dll
21:46:11.0176 0x0474 lltdsvc - ok
21:46:11.0207 0x0474 [ 04FB978A11E7BBBAB90909B222675337, B5865689B9CAC15EB724C5E097527CDDB148D49A5DA9E4BC6D428D06A265BB13 ] lmhosts C:\Windows\System32\lmhsvc.dll
21:46:11.0238 0x0474 lmhosts - ok
21:46:11.0269 0x0474 [ 8FDBE4BA532047F678E39F6770941ED2, FD6FD8B718E44A2D023B1A4554FB56D6F56AD01CAD652CE9660CC4E8CDFC8327 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
21:46:11.0300 0x0474 LSI_SAS - ok
21:46:11.0332 0x0474 [ C06811E17E37F5EEC06D90535801424A, 77F11ED1BAD6FC1B53B1A9C1D4DE6D83E1D01040DB88C8F6691AB0C16D72DC55 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
21:46:11.0347 0x0474 LSI_SAS2 - ok
21:46:11.0378 0x0474 [ 6F2C426DF48334BB2F0B74C76985FE2A, F26C0C08302B95D4CA9D328B9717EBF1AB7E07DF0901107BB60365BE61F1372E ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
21:46:11.0410 0x0474 LSI_SCSI - ok
21:46:11.0425 0x0474 [ D01AE7845DE31EA30887FAEC6E8DCB65, 854C500B707E874BC6D7683E0A6135F3A702CCCC0FD1305A07A036615CA46E01 ] LSI_SSS C:\Windows\system32\drivers\lsi_sss.sys
21:46:11.0456 0x0474 LSI_SSS - ok
21:46:11.0503 0x0474 [ B7809CBCF86839FE5C2DADD412666787, EE16B035B9874E5C0D072413DC85F9DCC660168B0DCB475C5256CCB5436B7402 ] LSM C:\Windows\System32\lsm.dll
21:46:11.0566 0x0474 LSM - ok
21:46:11.0612 0x0474 [ 588AB727594A6778FB1FBEC4280C62C6, 5ADB8841D321C9FC9AFC3F39E31F2C5842627628BA1A56193A078CD6700139F7 ] luafv C:\Windows\system32\drivers\luafv.sys
21:46:11.0644 0x0474 luafv - ok
21:46:11.0675 0x0474 [ 7E052CF6115C9CD8FBDDE37569C0426C, 467F112AAC27CA1DA56A304C2A08A2745C2B5B008C7981049745301348A1CDBA ] megasas C:\Windows\system32\drivers\megasas.sys
21:46:11.0690 0x0474 megasas - ok
21:46:11.0737 0x0474 [ 6D808A6597FB161729E2EF050A9D76E4, 12159A0AF27120A037A073454DDD58A2628D8543A245EB8107E30A68ADE45496 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
21:46:11.0800 0x0474 MegaSR - ok
21:46:11.0846 0x0474 [ F318498AE16EC11D44D286576D86159E, C347FBC3354FA2A2E2F9F3ED823C54C390FF8224F7F4FF41889EAC33FAEC4D1E ] MMCSS C:\Windows\system32\mmcss.dll
21:46:11.0878 0x0474 MMCSS - ok
21:46:11.0893 0x0474 [ 1D9717FA1195CB9F8A7B92F4BF2FDCDB, 868798DDE2D55D1E2F95436B13F671C4EA46419EEBBBBA9CEDA8B31838C1D242 ] Modem C:\Windows\system32\drivers\modem.sys
21:46:11.0924 0x0474 Modem - ok
21:46:11.0940 0x0474 [ 7E237CA07779A30EDFC7B2AD21172019, 8FBA4DFC0A9A67F81E119816D75023AAF0DAEF3863B33233B4AE7A0A240B5DE4 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
21:46:11.0987 0x0474 monitor - ok
21:46:11.0987 0x0474 [ 9F029A7247126ACE95BF3BFB2305DBB6, 54C5F36D6E1806ECAF50604950FBFDDF964167A3D132000523D43AFC926F4839 ] mouclass C:\Windows\System32\drivers\mouclass.sys
21:46:12.0018 0x0474 mouclass - ok
21:46:12.0034 0x0474 [ 7F557A4CDF0838B1251A35304B1FD4BD, 0DBB52F0A2360175D0521DA306D93722E391E468F6AEE503F725F7AEE2A893D1 ] mouhid C:\Windows\System32\drivers\mouhid.sys
21:46:12.0065 0x0474 mouhid - ok
21:46:12.0080 0x0474 [ BFBB08994C56B5FACDDE64858FA766CD, 982E31528770DE1D7BE556BA045C2124C84863685544E27B911CB174662CF35B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
21:46:12.0096 0x0474 mountmgr - ok
21:46:12.0236 0x0474 [ 0329A45C849C9D77901094B8FFE8BBB9, 2151C15A4185FABBC3367B8213017B45E08C43E26E1D8942E707E217C6A5EDA7 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:46:12.0283 0x0474 MozillaMaintenance - ok
21:46:12.0314 0x0474 [ B15DC7D5DBFDC0C7E49877EA51E7B6D3, 7AFD66E6447771344C0A20E4E4C708673D8651C8B88714B1A709A0F978CDDF25 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
21:46:12.0346 0x0474 mpsdrv - ok
21:46:12.0439 0x0474 [ 94B5D3B01A4A6E6BDD59ED001D650A6C, C602819159C11083444A7C9A4C2010546D2D519D498DA515EEC980145E33B134 ] MpsSvc C:\Windows\system32\mpssvc.dll
21:46:12.0548 0x0474 MpsSvc - ok
21:46:12.0673 0x0474 [ 0154E2CF4E6C13189150081D26BBADCF, 0BE62D6E8DC459CDA08767E1915A94EA2F8143161768670318CC88B398DD0261 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
21:46:12.0704 0x0474 MRxDAV - ok
21:46:12.0751 0x0474 [ BD43E075C75A0DA06E16BEAB997919E1, 85F7185CCD59E5851F6D5D593CDE6B95FC8CFF66790A12123D6CB0D98E4D063E ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
21:46:12.0798 0x0474 mrxsmb - ok
21:46:12.0845 0x0474 [ E2E3BB261B69B41EB8FCB4BA9B08CDA5, F414C6AB4115917339F6609027F5B025D7B4798A9088DAF6C184F9AB60E2FFD2 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:46:12.0892 0x0474 mrxsmb10 - ok
21:46:12.0907 0x0474 [ 15C9E57A7D3347F985486F9A09E67538, 2E4B133C2D7DE02E5BD760512E3EDB2424A0A413517062D1A33FFE1853C2051A ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:46:12.0938 0x0474 mrxsmb20 - ok
21:46:12.0970 0x0474 [ 5D95E6DD5E8AE8F1D1BBF9B15AC1C29B, 4874B0FF974AD8C598891E2974BA1E75268EDF8C1D26F512BBF2FDED651343FE ] MsBridge C:\Windows\system32\DRIVERS\bridge.sys
21:46:13.0016 0x0474 MsBridge - ok
21:46:13.0048 0x0474 [ 0C13FCA740312536BF89AF4214E02803, EDCC63607789DC9F26C977D19D6546EF1F07D7031879DB4AEEA38466982FC269 ] MSDTC C:\Windows\System32\msdtc.exe
21:46:13.0079 0x0474 MSDTC - ok
21:46:13.0141 0x0474 [ 6196FF7C20AEA729A8E0A344D04CEE48, C96126E6F0FE67A8283E9EF4CDB8EB14EB8729B67E6784E00CBA0C332F7FD467 ] Msfs C:\Windows\system32\drivers\Msfs.sys
21:46:13.0172 0x0474 Msfs - ok
21:46:13.0204 0x0474 [ 3E60AB00CB326348AA75165F428B4453, BBEFE2A5E897F46B089C5B7CFF4C6B48533BB6EA49FF626D5DF5DB209936CEAB ] msgpiowin32 C:\Windows\System32\drivers\msgpiowin32.sys
21:46:13.0219 0x0474 msgpiowin32 - ok
21:46:13.0235 0x0474 [ A12249F2C8A15A34239625E8CA857CF2, E6DC4A1FA4D9D182196E3D7522EA8A199025AB78AD0C708B564B2AC6AD4AAEAB ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
21:46:13.0266 0x0474 mshidkmdf - ok
21:46:13.0282 0x0474 [ D516EE4A6B5DDED62673C4A49A808CF9, E8D99F76D4686F82204A16C311CFF142A9F396CB3F6FD35BADBDF2CE9EA9E849 ] mshidumdf C:\Windows\System32\drivers\mshidumdf.sys
21:46:13.0297 0x0474 mshidumdf - ok
21:46:13.0313 0x0474 [ C8FC57640D9AE3856AEFBB48F9C246E3, C6FE1C477CDBC8169B14564D960225C2F48333E2D01E4A5FF858529EC371C839 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
21:46:13.0344 0x0474 msisadrv - ok
21:46:13.0422 0x0474 [ 8A1589AD1F0D4BB5417BA4E0A143DFCC, 1748AE142C48A5524321E1F0BC248E570AAC39E1A433FCDB3C1FDC45865C20F7 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
21:46:13.0500 0x0474 MSiSCSI - ok
21:46:13.0516 0x0474 msiserver - ok
21:46:13.0578 0x0474 [ 81FD1141F6843053D045099EF1E9FFF4, 9E7091C38F81ED920D2E40E0687DC378CC8323367E4E490BA0E7E866FF275472 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
21:46:13.0609 0x0474 MSKSSRV - ok
21:46:13.0640 0x0474 [ 56D27E5B5D5FCF993058426B73701C26, 7711FFD113EE4A6304A40E2C69805A12B127791489FBD7EB88C4FB1E24A40C3C ] MsLldp C:\Windows\system32\DRIVERS\mslldp.sys
21:46:13.0656 0x0474 MsLldp - ok
21:46:13.0672 0x0474 [ 05E5204D25C6EB88D870D82E73DFA6A6, 153E3ABFD19DACE8F80F08925AFCC2F8ED9067EE308C837226129F092B2E38CA ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
21:46:13.0703 0x0474 MSPCLOCK - ok
21:46:13.0718 0x0474 [ 59789052F097F995C53C4F1A751961BA, 26BDF9D09F7FC2A35F8CA72ADDFE1774FC6A25CF92FDFDFECC5DBF3D43D43F93 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
21:46:13.0734 0x0474 MSPQM - ok
21:46:13.0812 0x0474 [ 573528C6A0753B72F86B765D5B607E0E, CD6343DF6F044ABC65058379E3E41040B3DFDEAA8A44E1B3C3487B1345AE71AB ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
21:46:13.0859 0x0474 MsRPC - ok
21:46:13.0906 0x0474 [ 417AFCB41E395182A911431B039DEBB9, 9482B98110D9DF3A83544DAF3D582B5AF37BBBF7AB491BEA2728F45F2976C283 ] mssmbios C:\Windows\System32\drivers\mssmbios.sys
21:46:13.0921 0x0474 mssmbios - ok
21:46:13.0952 0x0474 [ 0AAA0930A7FDFA71B5808E5DCC313C17, 7F6ECF8BC7545BC3642C2F04012AA41944A846BA754B52C9BC4E0CBC1E18B6E2 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
21:46:13.0984 0x0474 MSTEE - ok
21:46:13.0999 0x0474 [ C8C114A691B4B5EA4093064E2C942DCD, 7B78C0DB7CA08897B58246F77B87FBDDEEA0EECE203A5E4F3773D27FA2C6F6BF ] MTConfig C:\Windows\System32\drivers\MTConfig.sys
21:46:14.0030 0x0474 MTConfig - ok
21:46:14.0046 0x0474 [ 6F9A0DC60178D403AFF77370FC046B7E, 9310B420C02192AFC271D6DC42AE55AA20382D19610EB2171CE03AC0208CBE7F ] Mup C:\Windows\system32\Drivers\mup.sys
21:46:14.0077 0x0474 Mup - ok
21:46:14.0108 0x0474 [ 3094B508C7C40544A60D9EF5C62A9D5F, 934B859749844CC8EE7244393783EA35DB466E3C1A4816A42D8C9765171BE4DE ] mvumis C:\Windows\system32\drivers\mvumis.sys
21:46:14.0124 0x0474 mvumis - ok
21:46:14.0202 0x0474 [ 7FC8E15AAB7FF630EACCFB977195452D, CCF4846D62BA619DDEE3C3612139A14C8C6F9C4D11C2D82E653799BDFDA791BA ] napagent C:\Windows\system32\qagentRT.dll
21:46:14.0264 0x0474 napagent - ok
21:46:14.0374 0x0474 [ 153B849C9692E6BAE7666A6361B8B65C, 65D315A4E6C950C9C70AA6DE8E486D32871EDA267B2AAEDD628532132D187178 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
21:46:14.0420 0x0474 NativeWifiP - ok
21:46:14.0483 0x0474 [ E5001E5C5C766B095971F6EF07C93DE3, 38AB58AE4391317BC1661A17809146AB481B2BFA8A2772A116EE10834332E924 ] NcaSvc C:\Windows\System32\ncasvc.dll
21:46:14.0514 0x0474 NcaSvc - ok
21:46:14.0545 0x0474 [ 392B0E0CB50218037CEDE5588FFAD1AB, E7CBAEB55AF64D2F087BAE7FC0BEE3CCECB12B6FA120586E10B75EF33100898E ] NcdAutoSetup C:\Windows\System32\NcdAutoSetup.dll
21:46:14.0576 0x0474 NcdAutoSetup - ok
21:46:14.0639 0x0474 [ BB639DE49430EE053F6FCD61B57041C2, 79369DE6068D19AE575C4DA1B1ACDA5A2EE5DE8AD7CF08B6572E2DFCC8BA4AE6 ] NDIS C:\Windows\system32\drivers\ndis.sys
21:46:14.0717 0x0474 NDIS - ok
21:46:14.0795 0x0474 [ D461CFB366F933840C8B37C4E39A9B4D, 95EAA8F222BBF8146CE836B7BE04DB95289A2A4A323FE123824C24BA9F79F334 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
21:46:14.0826 0x0474 NdisCap - ok
21:46:14.0842 0x0474 [ EE813CA43B87655DFF7C2D5406CC0379, B6A5DE024AF7F1097E22B51046E86CE84529F4DD5D4DD4891427A00A36DBC864 ] NdisImPlatform C:\Windows\system32\DRIVERS\NdisImPlatform.sys
21:46:14.0873 0x0474 NdisImPlatform - ok
21:46:14.0888 0x0474 [ 097107F94AFFCF749A051B6443C130A7, 07C43E2C15E087F707634D8564C6562390DD6AD53E4FCCAAF452E32A377E9686 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
21:46:14.0920 0x0474 NdisTapi - ok
21:46:14.0951 0x0474 [ 048DCECEB6EF091D92947CF96ADB1CAF, 1FE96D6E8662526578BA328CE231FC4F589DCF47A716508715F4F2462BB06546 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
21:46:14.0982 0x0474 Ndisuio - ok
21:46:14.0998 0x0474 [ 4091690968CA4C5CFF5EB34AF0D76E81, F0B114B6381AFF1B59A23C92D816A492EA8882A18BA82D663DDFA223A091EEB6 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
21:46:15.0044 0x0474 NdisWan - ok
21:46:15.0060 0x0474 [ 4091690968CA4C5CFF5EB34AF0D76E81, F0B114B6381AFF1B59A23C92D816A492EA8882A18BA82D663DDFA223A091EEB6 ] NDISWANLEGACY C:\Windows\system32\DRIVERS\ndiswan.sys
21:46:15.0091 0x0474 NDISWANLEGACY - ok
21:46:15.0107 0x0474 [ 670C782064DE46493E468C1606A9ABE7, 09791767D210C422C75617B488BADFC20E27AED6F2EB52A9A173ADA3CE7FD800 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
21:46:15.0138 0x0474 NDProxy - ok
21:46:15.0154 0x0474 [ CC8B7A1AFEBE219F5BB2A2A172B385FF, 8B5DFBCA1DC89CEFF0EC01C6C0D7DB0FAD44AC61D9FADE569C59CDC9DD4AE857 ] Ndu C:\Windows\system32\drivers\Ndu.sys
21:46:15.0185 0x0474 Ndu - ok
21:46:15.0200 0x0474 [ 35FFEC755452F8DFE59538815FA95136, D455BBA416315F1ACAEA4CE6CEA207E2650A6069E5AA4DD71C782BCBEC86A5EF ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
21:46:15.0232 0x0474 NetBIOS - ok
21:46:15.0269 0x0474 [ 70CA93D2D94F5EDD2B634F5A39E5713C, BDDA39C4A99D2BA7490AB538B569A0DA949E18D55E63A65739C636F1ADE4C6F1 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
21:46:15.0332 0x0474 NetBT - ok
21:46:15.0363 0x0474 [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] Netlogon C:\Windows\system32\lsass.exe
21:46:15.0394 0x0474 Netlogon - ok
21:46:15.0441 0x0474 [ 43EA14A7DC7AF57E5C12F1974C43E467, 36B2E0C1667CBDD92423649F92271DF05A271C6C5CB0E3FB74D5905D1DA2912A ] Netman C:\Windows\System32\netman.dll
21:46:15.0488 0x0474 Netman - ok
21:46:15.0519 0x0474 [ 60AD109DD43E1F86A9BFCF2B6E8B885F, B4597EC4CF20ABAF571C15E2E1D828C35715283F7CD7C4FE036C401D59CA365B ] netprofm C:\Windows\System32\netprofmsvc.dll
21:46:15.0581 0x0474 netprofm - ok
21:46:15.0737 0x0474 [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:46:15.0768 0x0474 NetTcpPortSharing - ok
21:46:15.0800 0x0474 [ 021B9AB328E5757520A88AA3D8379C3A, 1E1195FA28BF8E1CE2AF8EED2395600A51B45179FE7C82274627AD8553FD7016 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
21:46:15.0815 0x0474 nfrd960 - ok
21:46:15.0893 0x0474 [ 95C3BEB611D0F63AD26C31F0D23123DF, D30F13D571A60D8E4F27812CB48957EF77FEA703EE1C611DBC691D5674F82314 ] NlaSvc C:\Windows\System32\nlasvc.dll
21:46:15.0940 0x0474 NlaSvc - ok
21:46:15.0956 0x0474 [ 41ED6F90DF31F85F9682EA715402D085, 55AFBF779DCAD0F1B54DA2320CEDBFEA90125F729AF07F469DEA4603D1964FBD ] Npfs C:\Windows\system32\drivers\Npfs.sys
21:46:15.0987 0x0474 Npfs - ok
21:46:16.0002 0x0474 [ 41BF79B2371A3821F41A4C060E067961, 0A7AA24CD65AA5D0689D3B800FE639FD1B050A3742835ED8379EBFCCA67383E0 ] npsvctrig C:\Windows\System32\drivers\npsvctrig.sys
21:46:16.0034 0x0474 npsvctrig - ok
21:46:16.0065 0x0474 [ FE4741AC4331724ACE78EA1D95B86705, 28DF7AD69BA78D53EA6A6E33FE11C91BF503EF87EF2BC71AD136AB9C21B00079 ] nsi C:\Windows\system32\nsisvc.dll
21:46:16.0096 0x0474 nsi - ok
21:46:16.0112 0x0474 [ 71343C73520814808B8F11A77DBAB939, 8B153F5D90F90557B385B3CF973AC95ED80A3C1906C1957175FECC3B67619923 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
21:46:16.0143 0x0474 nsiproxy - ok
21:46:16.0252 0x0474 [ C0B3937287DB54B104F209A0B8322E04, F8E8387574EA4C6BDFAEFB4F73CF035E3F670ADA37E5A8FC110C837388E458B9 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
21:46:16.0393 0x0474 Ntfs - ok
21:46:16.0455 0x0474 [ 29B1334BD9E24648F54C373DC99E7D70, 1CC13AE6250DBD4F9647C473071C02B05C38910F534BE6EFD887F2A803BBD9F7 ] Null C:\Windows\system32\drivers\Null.sys
21:46:16.0486 0x0474 Null - ok
21:46:17.0158 0x0474 [ F648FE6BCE0AAD9E5EA63C8BE9AD90E3, F4885B42FCE7D838B7640EB9CF81135F9D637E7CD7A016894AD2F24450FA91BD ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
21:46:17.0953 0x0474 nvlddmkm - ok
21:46:18.0156 0x0474 [ 0D63F22609BAB3886F0230B941391805, D1A85903B574D182AB623A8AE017D54A03F971FACF40FFF6648B9E07C822B1CA ] nvraid C:\Windows\system32\drivers\nvraid.sys
21:46:18.0172 0x0474 nvraid - ok
21:46:18.0203 0x0474 [ F55FAE2A40129EFD3D0A1BE46AF8989E, 3157F349ACA0E1F2AB6AF4D7643973C2B2C9562E78CE8809D02CB632A1F66DDD ] nvstor C:\Windows\system32\drivers\nvstor.sys
21:46:18.0234 0x0474 nvstor - ok
21:46:18.0250 0x0474 [ 268326902900187FFF45C30111FB6597, 11D447F9E9DE1D8FA5EB97F8D43B47DED526A168DE39C5DA779CBC072D0BA4FF ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
21:46:18.0281 0x0474 nv_agp - ok
21:46:18.0336 0x0474 [ 7F16AB362FCCF8E0DF21B0E21E2E6264, A32441800FFC532C8A138AF6F4DED4AA6B0ED8D8E067A5E3C76D5694470EBF71 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
21:46:18.0383 0x0474 p2pimsvc - ok
21:46:18.0446 0x0474 [ C6B277E5590ED43C097D9B34A70EBC96, 104532EAD79B103AE3D000EA04E32EBC165E493A0C814E98BA98D9F6AB2621A3 ] p2psvc C:\Windows\system32\p2psvc.dll
21:46:18.0492 0x0474 p2psvc - ok
21:46:18.0524 0x0474 [ 7952733956DEDC283BB670CC8507B82F, 9D416D506C25C4B80EF86665246C032A169E71406E2888C7A41A1BE4D4B7CF76 ] Parport C:\Windows\System32\drivers\parport.sys
21:46:18.0555 0x0474 Parport - ok
21:46:18.0586 0x0474 [ 7B07B33ACAA1EFF76B234CF5AD290B60, F259EBDEC14ED953D500A891248532A75526BB97A5C1CB4CDAFD87F9C2E778BB ] partmgr C:\Windows\system32\drivers\partmgr.sys
21:46:18.0602 0x0474 partmgr - ok
21:46:18.0648 0x0474 [ 4120E1D48D03CEE451C57E3F7E4BF98E, D15CDF0E6E55A9EDBB005165F0047A6CB054FA498F5E06CC85B98ABA7123CA1E ] PcaSvc C:\Windows\System32\pcasvc.dll
21:46:18.0695 0x0474 PcaSvc - ok
21:46:18.0758 0x0474 [ 448054F3715D27C57A5F9D0AEEB75B4F, 84268A713B2C3585F90D74F21BCB5E7BAF4693DF122E0CC0A81885BBD47E2E6C ] pci C:\Windows\system32\drivers\pci.sys
21:46:18.0789 0x0474 pci - ok
21:46:18.0836 0x0474 [ 33575A8402F4F99853E6C82E36D896BB, 24AFF39052FCBDE35DD16E7737BE35769A134570971E6FDA4E89392F3C14E768 ] pciide C:\Windows\system32\drivers\pciide.sys
21:46:18.0867 0x0474 pciide - ok
21:46:18.0898 0x0474 [ BB66139986C93CEBAC93B93753F554A1, 3DEB701A962497C133C560DA3CA73AD6535E1ACA67CC8255F43CAB496A769940 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
21:46:18.0929 0x0474 pcmcia - ok
21:46:18.0960 0x0474 [ C4DD119D342C2257B18235AB845780F9, E0A5C0712F68F846ECC2FACDFEB34DA4A18AE2428F7AC97E056246FFE3623E34 ] pcw C:\Windows\system32\drivers\pcw.sys
21:46:18.0976 0x0474 pcw - ok
21:46:18.0992 0x0474 [ 7460CEEC923A65870400ED44C9B64B35, 164D3430C1B836D01D2B51574FE593FA0801C80E68CB82507EF852697D2A50BC ] pdc C:\Windows\system32\drivers\pdc.sys
21:46:19.0007 0x0474 pdc - ok
21:46:19.0070 0x0474 [ AC865A94D9E72EBE57D1857FEF153B7E, 726A4F0C482837EF4B9A2C43971798B43EBC4C2CD27605962B28BCE9C9DBD659 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
21:46:19.0148 0x0474 PEAUTH - ok
21:46:19.0304 0x0474 [ 9FFDA8D2F8B53F1CB3B2F5767CE93D36, 1BE581A49B92107FD57E1B151E03BBA26C02BC51AF60430EE2D32BB636802FF1 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
21:46:19.0538 0x0474 PeerDistSvc - ok
21:46:19.0838 0x0474 [ D05073358971569CE89D3207826C3AF6, A78060F5157C3ECC7D70FBC225F891A31BE300D74FF850436FF29F2EA71C451C ] PerfHost C:\Windows\SysWow64\perfhost.exe
21:46:19.0947 0x0474 PerfHost - ok
21:46:20.0056 0x0474 [ 7D901118FFE2798DB7EBD2C3D58464F5, F72C3E444F9E302224B6419ED456CE70E72A8178E82310F16062EE28A58D3E34 ] pla C:\Windows\system32\pla.dll
21:46:20.0181 0x0474 pla - ok
21:46:20.0306 0x0474 [ 93FC3A6E569C99F0147C15E0434858FE, 9799D43F97647DE140B6868DFCC7CA55BC2CA50F7D14B4CE852F194960A5A27B ] PlugPlay C:\Windows\system32\umpnpmgr.dll
21:46:20.0368 0x0474 PlugPlay - ok
21:46:20.0384 0x0474 [ 792ED24914C5950602631EE5A2CF27DE, 6BC03D5A05C17E6E7264929DFF918DB3F2C67E596FDBC5D4C881A4A514007C54 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
21:46:20.0415 0x0474 PNRPAutoReg - ok
21:46:20.0462 0x0474 [ 7F16AB362FCCF8E0DF21B0E21E2E6264, A32441800FFC532C8A138AF6F4DED4AA6B0ED8D8E067A5E3C76D5694470EBF71 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
21:46:20.0509 0x0474 PNRPsvc - ok
21:46:20.0587 0x0474 [ 210022F2576232F658F4E51B94E0C007, 4B7A03EE44347520AC4493B652EE7831D1818822B3EB08C19F591B507C01EEF9 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
21:46:20.0665 0x0474 PolicyAgent - ok
21:46:20.0727 0x0474 [ EE13ADD1EC56499137DA684A62F862DB, B84551B1100D6243B1B6472C25572594F0CCA81B8B3D7A2AE74A5548C196C0BF ] Power C:\Windows\system32\umpo.dll
21:46:20.0758 0x0474 Power - ok
21:46:20.0810 0x0474 [ 2EFA11495641A7699DB0994C59F83F49, 147874AD73ABD547BC33BF09307B6E46A5D34EE846A9F2C623A3EA0EFAC11769 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
21:46:20.0841 0x0474 PptpMiniport - ok
21:46:21.0045 0x0474 [ 3453D93F6E1615A95A1E07B21E93C975, B2E9B05C6135D39E83C252EDE419699202FC2940EBB3C4E2D724DAED8C1717EC ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
21:46:21.0232 0x0474 PrintNotify - ok
21:46:21.0295 0x0474 [ 4A80590E3BBA28BD74DC44AD6CFC048C, 0B0B879C3A017779E0A14FFA149C8A66A9DA43369C97FA863A88C30D39BFECF7 ] Processor C:\Windows\System32\drivers\processr.sys
21:46:21.0326 0x0474 Processor - ok
21:46:21.0373 0x0474 [ 07CBE151F9071CFCB13758E13C15DD3F, B6E4D51938859EC86DA53D88FF9FEDD46F3F253C151F4229104BF4D945B8AD89 ] ProfSvc C:\Windows\system32\profsvc.dll
21:46:21.0404 0x0474 ProfSvc - ok
21:46:21.0435 0x0474 [ DE85A3DDF540AB318789B55537D14975, BB7C87C750E3370CE85F26FF69FD6C23034A034F5D93A3648019C65E28F82759 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
21:46:21.0466 0x0474 Psched - ok
21:46:21.0513 0x0474 [ D1BC31AFF3071E8E2088011846A0B7C3, 7AD87D0CA8F7952652A24876695C09C1587B7AB4A880310DF375BE20640D2FDA ] QWAVE C:\Windows\system32\qwave.dll
21:46:21.0560 0x0474 QWAVE - ok
21:46:21.0591 0x0474 [ A65A4F0072C2CD763D5B053DFF164597, 1E3D7B3E8AA117E0D106D68726F5E56A2E906995E235087CB8EBA1FB614DDF75 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
21:46:21.0622 0x0474 QWAVEdrv - ok
21:46:21.0638 0x0474 [ A4E18A22432A27142EF3F6CC388F77E6, B02771E0075BD1778F3D1D3FE91189E436CCBD9EF3EB081D8CA3D899EDFA1CA3 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
21:46:21.0654 0x0474 RasAcd - ok
21:46:21.0700 0x0474 [ 929B76FA637DCC5214ABB2B80345AE5B, C6D469161BE64541236E228494094275B03033ACFC786D8BA71C716EB0592664 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
21:46:21.0732 0x0474 RasAgileVpn - ok
21:46:21.0747 0x0474 [ 51FF61A349DC465B1671885039D1BDD6, E9E7F7924CDDBB826955C4028209192EF31E7128C3D1FE980BFE16BF54D587EA ] RasAuto C:\Windows\System32\rasauto.dll
21:46:21.0778 0x0474 RasAuto - ok
21:46:21.0825 0x0474 [ 5C1A0389769C8C15BB7DA0A0F3C7FF6F, F7CC42E9A56DE3C99EFA4F2A253B6CE8C59F03588CF081D4B8AF1372847E4551 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
21:46:21.0856 0x0474 Rasl2tp - ok
21:46:21.0903 0x0474 [ 2D6D75A0CEF355094F0291E4779B8EEA, CD43F75368C06EFB404E8CE8F9424CBAA54B126A1E31E2A6C348BE3AF070F301 ] RasMan C:\Windows\System32\rasmans.dll
21:46:21.0950 0x0474 RasMan - ok
21:46:21.0981 0x0474 [ C0FCBE1C9EC14B076C43721AD87B0217, 3D6962B411BD8FB89D001B88692E656A0A78C59AD101B8337B79A5622E0420BE ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
21:46:22.0012 0x0474 RasPppoe - ok
21:46:22.0028 0x0474 [ 29B17662D3130B0040B4666CBB5B15BF, 853425B37065172137AD13A7A8A61B962336D5BB2C853452417BA55332FB57E8 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
21:46:22.0059 0x0474 RasSstp - ok
21:46:22.0090 0x0474 [ 84A2C0A8429AC708C567483F2253C47B, B6B1618E4DDE04027EADFF9CD55FC02C7A82E253D868C9567B32668F7128C63D ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
21:46:22.0137 0x0474 rdbss - ok
21:46:22.0168 0x0474 [ 1CA9376CA1C0D2E55CE50C755F6DC483, EB3C52662201C9C0E7BA416C2D90E88F57C220772136098585E757BBF8C197E6 ] rdpbus C:\Windows\System32\drivers\rdpbus.sys
21:46:22.0200 0x0474 rdpbus - ok
21:46:22.0231 0x0474 [ 09C2F1E1AACEB431C645F8C708E7DD02, 00E3A151DB8EEFE3518E5A30C6F61564F67512855BD91AB41C4C64F8517F26C6 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
21:46:22.0278 0x0474 RDPDR - ok
21:46:22.0293 0x0474 [ 666C31466EC8E91A8BBB623F7F32A93E, FFF243455835343A84C1977822A5223ECD2E5C7869EFC69F5D04DE0390B8F3ED ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
21:46:22.0324 0x0474 RdpVideoMiniport - ok
21:46:22.0356 0x0474 [ 5AC07890A77E42729B674366E508F569, 04161C573BA24F470CA4A5CE66EF619AE2775E3254AD6AC2582595214134D7E3 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
21:46:22.0402 0x0474 RDPWD - ok
21:46:22.0434 0x0474 [ DD9EB082A1839271AC6D251CEE6DF765, 1B213F27419A367217A99B51C0709736205E7EEB35EFD25F8002242DD13984A6 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
21:46:22.0465 0x0474 rdyboost - ok
21:46:22.0512 0x0474 [ 671C1F8FEFD5C3C9A2BF472EC566822E, 7654DEBAD8E5DE130AE764AADF7D8E7B6F5DE8393EE82B65D6CB8A773126650D ] RemoteAccess C:\Windows\System32\mprdim.dll
21:46:22.0543 0x0474 RemoteAccess - ok
21:46:22.0590 0x0474 [ 44B42C98A2A51717EECF8F58F2275B34, 162B2C4CA7C6D5B234A99D38360A9C248AC051C6720EFD2AE7CBA5897D2D36A7 ] RemoteRegistry C:\Windows\system32\regsvc.dll
21:46:22.0636 0x0474 RemoteRegistry - ok
21:46:22.0652 0x0474 [ 1C6B8B9452A03BF2C046F534E5D7309B, CDBB5BF186E19883B353212D16AB78199BC5B6B72946623E23377B2534DA4C57 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
21:46:22.0683 0x0474 RpcEptMapper - ok
21:46:22.0730 0x0474 [ 7D3DFAC8C2A12A2B155701856423D988, F96F285DAF068ECECE25F3695C57E5310CAA62226B85FA85AC2F13D8ED4F3D34 ] RpcLocator C:\Windows\system32\locator.exe
21:46:22.0746 0x0474 RpcLocator - ok
21:46:22.0808 0x0474 [ 5FE7B522293942A00779B921DB8F0094, 951486DC9771EAF776417CBCF17922654CB1367FDA27A731313F0C3A004BE593 ] RpcSs C:\Windows\system32\rpcss.dll
21:46:22.0870 0x0474 RpcSs - ok
21:46:22.0905 0x0474 [ E0431BEBB118507797C66114616E760B, DEBC75F9A2AB366A43FDD9B558815AE7AC73458D51A9CD7FE3163FF63710D9E5 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
21:46:22.0936 0x0474 rspndr - ok
21:46:22.0967 0x0474 [ 868E3F54FA9B213545548CE3DD317C2B, 02C9260FDEA53C5F1607D3573F87759ADA2AD087613E7511DB25F0F32F8EC42D ] s3cap C:\Windows\System32\drivers\vms3cap.sys
21:46:22.0999 0x0474 s3cap - ok
21:46:23.0061 0x0474 [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] SamSs C:\Windows\system32\lsass.exe
21:46:23.0077 0x0474 SamSs - ok
21:46:23.0108 0x0474 [ 65B271C79076149F4330F6E1EC5FEA89, 8F4ED4826C8273C10009AB7A7A9A6C3A49A93A27A56EBA2394EC8C7266EB1FB6 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
21:46:23.0139 0x0474 sbp2port - ok
21:46:23.0186 0x0474 [ F226ADCCDF951B5E6C6AEC4C5BF6E5AD, B6E5C63160D8B7D482FDA35706DC8B15E196289CB4FFCCE6396626E9F4178425 ] SCardSvr C:\Windows\System32\SCardSvr.dll
21:46:23.0233 0x0474 SCardSvr - ok
21:46:23.0233 0x0474 [ A02331E45B378E2E2E8B3F9054F91B28, 3C32B2B7A74A853BF0F3D851B55BA9737AA7B4CD431B7264F6347373A1E766AB ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
21:46:23.0279 0x0474 scfilter - ok
21:46:23.0342 0x0474 [ BBB5F9F353106E1FFD6636EF52F9B21A, D0EFA2183A18ECACB95BDCFD99BC2C1B017327E500E247E6C07A0BBDA866F4BF ] Schedule C:\Windows\system32\schedsvc.dll
21:46:23.0451 0x0474 Schedule - ok
21:46:23.0513 0x0474 [ 483E122C2C011F28552E25268FDD9F21, 53744B3D215022EE529FF4BBAD50253E3F2E51FC859CD2F717562C911095AA9B ] SCPolicySvc C:\Windows\System32\certprop.dll
21:46:23.0545 0x0474 SCPolicySvc - ok
21:46:23.0576 0x0474 [ A6426111F4AC173F98D9615C3A384EE0, FCD66C13584FE5A66743EB8E0571358A29CA009DC6D39C4E1FD15AF64279F2E3 ] sdbus C:\Windows\System32\drivers\sdbus.sys
21:46:23.0607 0x0474 sdbus - ok
21:46:23.0654 0x0474 [ C56B0F3E2F27E1A43F9CD9F46586D1AF, 3559AF03656038A45931F2B534EB56F5AFC504EAA502776916A8DBCCBA1C1419 ] SDRSVC C:\Windows\System32\SDRSVC.dll
21:46:23.0701 0x0474 SDRSVC - ok
21:46:23.0732 0x0474 [ 6E4C20D038664B4D19D866919BA740C2, 05EEE9AAACDD79E4A523E4D03696368E26FD49980827A11C63CECC709230E814 ] sdstor C:\Windows\System32\drivers\sdstor.sys
21:46:23.0763 0x0474 sdstor - ok
21:46:23.0779 0x0474 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
21:46:23.0794 0x0474 secdrv - ok
21:46:23.0841 0x0474 [ 7DFA8291BE7FB33DECE217307A75D2FD, 0A7C22F8606A9185851A336117FA65811D1499F89F8D3D23F74B26F200EA4656 ] seclogon C:\Windows\system32\seclogon.dll
21:46:23.0872 0x0474 seclogon - ok
21:46:23.0888 0x0474 [ 27B770C28CFBD80E60516DA112E0C8F3, E125DC9C93D657094E440C809C0CC4CB2C5113246B7FA0CF8DEE4F5707C0212B ] SENS C:\Windows\System32\sens.dll
21:46:23.0935 0x0474 SENS - ok
21:46:23.0950 0x0474 [ F8CDB64F6DA38D8812DE211362B98A12, FFF7EEC31E2C623F63C84F096EBB241D50BBAF7D1BCDE31DDF6314C1468B6367 ] SensrSvc C:\Windows\system32\sensrsvc.dll
21:46:23.0997 0x0474 SensrSvc - ok
21:46:24.0044 0x0474 [ 000BD3414CFFF5B38F8374D620C8F43E, 997E512B3DE024E35059DDBD6552567417E480CEDF3F2B954FA3F45A3C76295E ] SerCx C:\Windows\system32\drivers\SerCx.sys
21:46:24.0059 0x0474 SerCx - ok
21:46:24.0091 0x0474 [ B79AA351309FB7AF95B2E1634F4C0F89, 55BCB89BC03721FFB7B5A03E954117399F80CC490CA1A7D41362516A602A326C ] Serenum C:\Windows\System32\drivers\serenum.sys
21:46:24.0106 0x0474 Serenum - ok
21:46:24.0122 0x0474 [ E0DAA18F4694579C7D66D0FFD42C3B4B, 1B3728BB621B91DB0C448C22C582B5CF14424F2995DC8057235FF04F7F456A0B ] Serial C:\Windows\System32\drivers\serial.sys
21:46:24.0153 0x0474 Serial - ok
21:46:24.0169 0x0474 [ 96FE02C72242D4AD5EFC610DC37DA107, 42EAF2DE69332462EDD76B4506D35954C3E97CE8A90356AD59B30F46598C38A2 ] sermouse C:\Windows\System32\drivers\sermouse.sys
21:46:24.0200 0x0474 sermouse - ok
21:46:24.0247 0x0474 [ 63CC3E3F5CEF3D3BD22ACB670B1D9154, 0FAA9C2B7899127385C14B246EA3E777AE6C9DC0259CEECBF1272004CE3396A3 ] SessionEnv C:\Windows\system32\sessenv.dll
21:46:24.0293 0x0474 SessionEnv - ok
21:46:24.0309 0x0474 [ 18F2EEA5A661E1B808D84EA7D2CB3E5E, FA544AFE3DE4B8838462399C0658F649D38AF99D73A399E70F9EE707C48E5BC7 ] sfloppy C:\Windows\System32\drivers\sfloppy.sys
21:46:24.0340 0x0474 sfloppy - ok
21:46:24.0403 0x0474 [ 05CA53E25BBD45CE0022AD966638A19B, EDD24EA163F53743BC1813C393E05EF3181EDA512BCFED069DA2C80676E4BF79 ] SharedAccess C:\Windows\System32\ipnathlp.dll
21:46:24.0465 0x0474 SharedAccess - ok
21:46:24.0527 0x0474 [ FA431599A1631AD4D110D0ADDE9D333C, D1725648FFA9E6C4E65FB784986598A0B07367EA7B1762456B1D1CD6D9611FFC ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:46:24.0605 0x0474 ShellHWDetection - ok
21:46:24.0668 0x0474 [ EE13C9F22485DADEB864F3D93DB30F29, 9F7CF8031AE387BF24CBC51554A51A9E665D7382EEB6388B867DAC23E41D955F ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
21:46:24.0683 0x0474 SiSRaid2 - ok
21:46:24.0699 0x0474 [ 456FD58EE194BC7F289B8D9F2A2BC000, 9835F2A50A88A134B0E7D4CBDA9C70B797F32E5D4C39D324EB6BD29DC98F0C03 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
21:46:24.0730 0x0474 SiSRaid4 - ok
21:46:24.0777 0x0474 [ 2D0CC4CDC4E5805800A9615A4AE2E826, 32AC81A21135B1F2C9460C4A3C10DA0791DAE3EDC707EFFB49B4EA372295D702 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
21:46:24.0808 0x0474 SNMPTRAP - ok
21:46:24.0839 0x0474 [ 0312EE5B88383F9C8C69C4B3611BBCDF, 27A8A4938233B047EDDC1A61C3577278A940A01E949B44904340EAC1386908CB ] spaceport C:\Windows\system32\drivers\spaceport.sys
21:46:24.0871 0x0474 spaceport - ok
21:46:24.0886 0x0474 [ AE81DC8F9EC833A2578DD5F195B091BA, ABD2135462148B26BF40E2240D048499BC899EE13E3F01F91A39C15FF61C20F0 ] SpbCx C:\Windows\system32\drivers\SpbCx.sys
21:46:24.0917 0x0474 SpbCx - ok
21:46:24.0964 0x0474 [ C65FEFCD539B1ACAE87FB8DA7014C320, 064E6112CB02E71AB7BF508352D4CB3931716C662BE236209CACE20284ADD342 ] Spooler C:\Windows\System32\spoolsv.exe
21:46:25.0042 0x0474 Spooler - ok
21:46:25.0292 0x0474 [ CE5998B0CE281A8EB15CC6B4BACB50CB, C271C240DD1865B3EC4D291800AAF22D5FE1DA4346A42FB9836C8D0BA1FD74B0 ] sppsvc C:\Windows\system32\sppsvc.exe
21:46:25.0619 0x0474 sppsvc - ok
21:46:25.0729 0x0474 [ 5848941CEEAFB81EA975465CA7F95980, 955C593A46E7FDAB2E0E0C3B01A10DD17315881CEEF11E1A3FF09951DAC45373 ] srv C:\Windows\system32\DRIVERS\srv.sys
21:46:25.0775 0x0474 srv - ok
21:46:25.0822 0x0474 [ A83F32595367896B32523A3124A652C3, BD2AA5B19DFDE1EA08972A47FB1B3E9E85D6C3D0D86EBF3B50C5F90409324EC2 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
21:46:25.0885 0x0474 srv2 - ok
21:46:25.0916 0x0474 [ EC101EB41762E038CAE4D630998C9351, 921A930B6FA5F1CE218B745C5797FB78829621A5E9F627D8EA3C7DBFA97738F2 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
21:46:25.0947 0x0474 srvnet - ok
21:46:25.0994 0x0474 [ 82F694259060F222CA079FC2BA7A8A47, E717D83D48B370A2B20FDFCF887228AE17B6F70B0AC52D848208F1E244D255EC ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
21:46:26.0025 0x0474 SSDPSRV - ok
21:46:26.0041 0x0474 [ 21D742D8259AA4FD94411F5738841DFD, 50B2075AA79DD01C8B69C94439EA299B5B2399CBC7EA934D1F5BAD2C345A02FF ] SstpSvc C:\Windows\system32\sstpsvc.dll
21:46:26.0087 0x0474 SstpSvc - ok
21:46:26.0103 0x0474 [ C0A03E9D1DF7671B0CAED016EEB67074, 5795129A70B9A702B0332EAA9A2F56E4CEFF5EB839CB7605504292BABAF2AF2D ] stexstor C:\Windows\system32\drivers\stexstor.sys
21:46:26.0134 0x0474 stexstor - ok
21:46:26.0181 0x0474 [ 4D400620DCD449E1E22639C7585B8E3C, F68CC58C4D0BA85BFBBD4AF5DE6B3952B9467652E552AF8F447F45CE24AC6C38 ] stisvc C:\Windows\System32\wiaservc.dll
21:46:26.0259 0x0474 stisvc - ok
21:46:26.0306 0x0474 [ 383821D628B9843D8BA7501FD8C6D4D3, E0AD4FA5AF8DB20CD42C45FCF162BA812AA8A5132428CA78512CF00F372C1D18 ] storahci C:\Windows\system32\drivers\storahci.sys
21:46:26.0321 0x0474 storahci - ok
21:46:26.0353 0x0474 [ 844F73085E49A0B46ECCDD16CAFC1C1E, 7AD84AF4DC2BA8D84EA962AE4EB903D13123FBAEBA881674620383B6FC57BA74 ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys
21:46:26.0384 0x0474 storflt - ok
21:46:26.0415 0x0474 [ 29AD38D45DB2161CE60812E99402CFF6, 2ED09732186E8A754D900324B0E1EA5854CDDE1764B08E04C253E8B885585A7C ] StorSvc C:\Windows\system32\storsvc.dll
21:46:26.0462 0x0474 StorSvc - ok
21:46:26.0493 0x0474 [ 799E1DD1D72CC320E2CC0B9202F2A899, 1A5AD40ED5ED597FC52177444AF073F35D8D66030B94906123BE94BB81421FCB ] storvsc C:\Windows\system32\drivers\storvsc.sys
21:46:26.0509 0x0474 storvsc - ok
21:46:26.0540 0x0474 [ 3AF3BC53DCF91DC3D1D2A6A30AD051CF, 3495FF296378714B922D8C624AA527B78D850A17D7D94CE5D3259F3C5AEB44FE ] storvsp C:\Windows\System32\drivers\storvsp.sys
21:46:26.0571 0x0474 storvsp - ok
21:46:26.0618 0x0474 [ B25224A4EDF64737F4300968BC45AB9C, 63ACC8AD3E5C861EDA4144D63760286D7C190F494CBC1E09B6AFEAA82819281F ] svsvc C:\Windows\system32\svsvc.dll
21:46:26.0649 0x0474 svsvc - ok
21:46:26.0665 0x0474 [ 53C4A8832F1A0C01ED2A47998CA68070, E36E1BC361C4E468508D1536D63FFCB9FF9FB7ED5DE3CA4CA73C0BE6BA812BCA ] swenum C:\Windows\System32\drivers\swenum.sys
21:46:26.0680 0x0474 swenum - ok
21:46:26.0727 0x0474 [ 3DA2D680BC7CFB4F832DD8C402045DDE, 6ED5E646FF59E185F3BF1234C14166828064A12CDDB4018C12C601F9515EC7C9 ] swprv C:\Windows\System32\swprv.dll
21:46:26.0805 0x0474 swprv - ok
21:46:26.0899 0x0474 [ B63ADA5B8CA26A7D56B782B7ECE495CF, 31C89C69CF27EE1FDA907501A77882D24F278782CB117740BCD17C71E3F061DB ] SysMain C:\Windows\system32\sysmain.dll
21:46:27.0039 0x0474 SysMain - ok
21:46:27.0086 0x0474 [ AA1C13A4153AB9D839ECF3F626CA0FDA, FA41DD96A2927A69E942FBFE01370E73E0655A688DE8487E2B0CA7250E700884 ] SystemEventsBroker C:\Windows\System32\SystemEventsBrokerServer.dll
21:46:27.0133 0x0474 SystemEventsBroker - ok
21:46:27.0148 0x0474 [ A1878EF21CC43AB0C20E9E226C61CF8F, F92EAA45340F3A1CBF98C745D9C67EBE50EF03865AC2863922F6AD44833A50A9 ] TabletInputService C:\Windows\System32\TabSvc.dll
21:46:27.0195 0x0474 TabletInputService - ok
21:46:27.0226 0x0474 [ 23D9550BCFB35E2EAFEA65EACB4E447D, 4446E0A29C4C085D743743050FAD3BADBAAEFB3F7CEE7BC03A7DFF04AD33B3D2 ] TapiSrv C:\Windows\System32\tapisrv.dll
21:46:27.0273 0x0474 TapiSrv - ok
21:46:27.0398 0x0474 [ 311E318C6B4213C3FC25732DD7CA1661, A65E1182566F9A09F53D6A8EE4695D17E61FBF6D0578364C0730A3A5FD5F7427 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
21:46:27.0554 0x0474 Tcpip - ok
21:46:27.0710 0x0474 [ 311E318C6B4213C3FC25732DD7CA1661, A65E1182566F9A09F53D6A8EE4695D17E61FBF6D0578364C0730A3A5FD5F7427 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
21:46:27.0866 0x0474 TCPIP6 - ok
21:46:27.0928 0x0474 [ AA231BA5CD8A6769099FA1E01D5CF8F4, 30E20C1B3EEDACD866352C6B06D38023FAB111909396E1D32BFA61B94B694E5A ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
21:46:27.0959 0x0474 tcpipreg - ok
21:46:27.0975 0x0474 [ 82944280D22410A0A5CA7133EC81AA92, 039F30E39C39E6312654C442D22601DFD9216707BB78FD1F381F2205FE707DF0 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
21:46:28.0006 0x0474 tdx - ok
21:46:28.0053 0x0474 [ FD64257C5F21CD800AFBC98443ED2410, 9B32D7662B7735E74609A87BC9088816C7CE9C15068B4494BC5416A740DD67E7 ] terminpt C:\Windows\System32\drivers\terminpt.sys
21:46:28.0069 0x0474 terminpt - ok
21:46:28.0147 0x0474 [ 771564E254793B33E51D62303480BE97, 83D4B5E987B4B75027C8984FF5C244C7FA3C2FD8261B1C7D085A3F96F170E371 ] TermService C:\Windows\System32\termsrv.dll
21:46:28.0225 0x0474 TermService - ok
21:46:28.0271 0x0474 [ 99CD7A3F21958E4386B853AE7CDF1149, 44FAFA81AEA271AED3EDE82A408B0ED045524A30640E7A934E82292404F7C0D8 ] Themes C:\Windows\system32\themeservice.dll
21:46:28.0318 0x0474 Themes - ok
21:46:28.0349 0x0474 [ F318498AE16EC11D44D286576D86159E, C347FBC3354FA2A2E2F9F3ED823C54C390FF8224F7F4FF41889EAC33FAEC4D1E ] THREADORDER C:\Windows\system32\mmcss.dll
21:46:28.0381 0x0474 THREADORDER - ok
21:46:28.0412 0x0474 [ 969E681262181C4D3786C1F038594FF0, 5868FDE6F5E407B49A6AA356345C1D173FF5DB4B9705A7B425A1E8623EBE5BDD ] TimeBroker C:\Windows\System32\TimeBrokerServer.dll
21:46:28.0443 0x0474 TimeBroker - ok
21:46:28.0490 0x0474 [ C595E59E47AE16286A84EFDE9B8E394B, 1587019150D9C44318ACE6398425401948D7DBD05AA583578CBB2209A3D225FB ] TPM C:\Windows\system32\drivers\tpm.sys
21:46:28.0521 0x0474 TPM - ok
21:46:28.0552 0x0474 [ D1D9A607FBCD1493F3E48F7EF4274DA7, D33D869BD2C0317AE1ED779A2AEDEA2965F5DD92A056875A6163D25F1482C770 ] TrkWks C:\Windows\System32\trkwks.dll
21:46:28.0599 0x0474 TrkWks - ok
21:46:28.0630 0x0474 [ 9FE0BE086B89218187E02435FC3356B7, 6C2F02B948513460568BCB21DD18ADAE8ABFB2E5F7B992B0CDC7A341DEF12BAD ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:46:28.0661 0x0474 TrustedInstaller - ok
21:46:28.0708 0x0474 [ C1B8409E6A4BA28CFB3C874AAB60A2EC, 8BE9B5B9DCBEBE677CABE09101725D898F4CB3DEFBC00002F0CBF75B9193EFE2 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
21:46:28.0755 0x0474 TsUsbFlt - ok
21:46:28.0777 0x0474 [ 403C610E2EDD0523803951BC648B74C3, 9579819505D8D546B845BE02923890D1870C1B9683E9897C46F364E0D87B0431 ] TsUsbGD C:\Windows\System32\drivers\TsUsbGD.sys
21:46:28.0793 0x0474 TsUsbGD - ok
21:46:28.0855 0x0474 [ 880F87B7A75F39E6A41508DA43C966A8, 1B7954BC814DF8847EDD6A86AF9BBC9981385020A830AD3BE00E8DA5280D6F00 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
21:46:28.0886 0x0474 tunnel - ok
21:46:28.0902 0x0474 [ 6300E896D59730C8E30998B0C546E189, 5B3F8FA1A7C57BF8AC467285B446394480E30D4CC7AD5ECF88A952CC76753B42 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
21:46:28.0917 0x0474 uagp35 - ok
21:46:28.0933 0x0474 [ BD1EE7A81DBD00797F22CA8785F53C26, A118F1B72CF3AC6A98E876B1D7946C8025149EDEFD31749667135E2E7DD96897 ] UASPStor C:\Windows\System32\drivers\uaspstor.sys
21:46:28.0964 0x0474 UASPStor - ok
21:46:28.0995 0x0474 [ C56348B01CF40F04BC0A37DC3ABAFD33, 7D1F5E8A2286FF73BE0489823317BCCA3FB2AE59D0682B41ED148D082870E697 ] UCX01000 C:\Windows\System32\drivers\ucx01000.sys
21:46:29.0027 0x0474 UCX01000 - ok
21:46:29.0058 0x0474 [ F9E7170D13E0222F74435614D06669C4, E86449EDAF30CE975227F26920936593834E5EF87AF01A938AEBA0099CAEF38C ] udfs C:\Windows\system32\DRIVERS\udfs.sys
21:46:29.0105 0x0474 udfs - ok
21:46:29.0167 0x0474 [ DC38F7BDA9CB58A3974DE16E5B92B373, C79FC7AAF603F3996FE036F4DC464B09F402F3C2F33F24F3342D5B903EA46D89 ] UI0Detect C:\Windows\system32\UI0Detect.exe
21:46:29.0198 0x0474 UI0Detect - ok
21:46:29.0229 0x0474 [ FF40F051E4587B23D42324BB41E6AC3D, 6A0AD3C53434CA0009D1CAEE60B50EF992A371339B4A594CE18A0EB2505C0F58 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
21:46:29.0261 0x0474 uliagpkx - ok
21:46:29.0276 0x0474 [ E50E55AFADD4BA807EFAE884820F631C, 3DE18E6A89E77783077F445198DD842A0C1FCAB9E554ADFD91E5C31C354E6E1D ] umbus C:\Windows\System32\drivers\umbus.sys
21:46:29.0307 0x0474 umbus - ok
21:46:29.0323 0x0474 [ C8B523CFCC5AA060CC019ED9E54E1D1A, 0035BAF0F7A935440F4CC0578D495269D474EE58A4A0B342AE06F35312B1B1F9 ] UmPass C:\Windows\System32\drivers\umpass.sys
21:46:29.0354 0x0474 UmPass - ok
21:46:29.0385 0x0474 [ E7E4E3F0EF460D07E4A3642CF220893C, 60B869451C0E13D1DF47C6D819226DE6E7855198BD1316044DB3A9FED94E093F ] UmRdpService C:\Windows\System32\umrdp.dll
21:46:29.0432 0x0474 UmRdpService - ok
21:46:29.0463 0x0474 [ F04BE595430D590F2788966890B54DAD, 372F49E3DACA44A4113C13B9416A4669BFA18B4EBBB23E9C28062C32AAF54B07 ] upnphost C:\Windows\System32\upnphost.dll
21:46:29.0526 0x0474 upnphost - ok
21:46:29.0541 0x0474 [ 72EA2F0611459449E30014EBFB0548BE, A88FE762B207D7FE96495C9976C8C31E8977D3D6E47792C09001CF2F6DBFD787 ] usbccgp C:\Windows\System32\drivers\usbccgp.sys
21:46:29.0573 0x0474 usbccgp - ok
21:46:29.0588 0x0474 [ A11C6D32F0942D3301EF159AF73ABC1D, 14F891D873BB5BA56708F80EB4CAE2E20BAE3ACB95092AFD56BBDC34C619683A ] usbcir C:\Windows\System32\drivers\usbcir.sys
21:46:29.0635 0x0474 usbcir - ok
21:46:29.0651 0x0474 [ A35CA67BD41E5F5D4DCB7BFCCC3490B0, 6176768493E2D36F52B9DE7644681E8FB91B9B5D32921236B20031FBED73281C ] usbehci C:\Windows\System32\drivers\usbehci.sys
21:46:29.0666 0x0474 usbehci - ok
21:46:29.0697 0x0474 [ E5789E9E8D771CF55D90E897487C06F0, 0AA71E05A003AB0C32AF24CD0B9FC0F20779CCE22DF3FCC40C9115FD200D2049 ] usbhub C:\Windows\System32\drivers\usbhub.sys
21:46:29.0744 0x0474 usbhub - ok
21:46:29.0775 0x0474 [ 68F582D743424837C082A46AAD7F5C2A, A292EB81D612C092559F737DCDF42D50F805E074752F9492FAF43481410C9B71 ] USBHUB3 C:\Windows\System32\drivers\UsbHub3.sys
21:46:29.0822 0x0474 USBHUB3 - ok
21:46:29.0869 0x0474 [ 0F04142FF6103B898F8BAA04EC626FC4, 8925F76E8249BD809B0B53F954C1CB4A087F0E04358118FF8698F23E40BB074E ] usbohci C:\Windows\System32\drivers\usbohci.sys
21:46:29.0885 0x0474 usbohci - ok
21:46:29.0900 0x0474 [ F3CDD4A88125BD7B91D6847170E06B96, 60C1D8E5E6C2DF6D7412A6B20C5B5CB6AEFEB72A79538A1FCB75AC75ED6CFF1E ] usbprint C:\Windows\System32\drivers\usbprint.sys
21:46:29.0931 0x0474 usbprint - ok
21:46:29.0947 0x0474 [ D68B7268CA888C06447FB8ADC8E0ACF7, 67580E237B7D7D9862A537EE11EBE3BB9AB029E522EAB94EC9A41642A8466019 ] USBSTOR C:\Windows\System32\drivers\USBSTOR.SYS
21:46:29.0963 0x0474 USBSTOR - ok
21:46:29.0978 0x0474 [ B1FC6C75482078C324A2470CBA5CD737, E687204FF0FE22CAAAFD05285FA07229668B737DABEC2A63697D0A48B0BCF9FE ] usbuhci C:\Windows\System32\drivers\usbuhci.sys
21:46:30.0009 0x0474 usbuhci - ok
21:46:30.0056 0x0474 [ 99F8D02C629F6EA68AC057647A7A4A5E, 2A76EB8A58D94DA1B4CD93894671F9E9505BEAF23CA3C0A5B07872A3FF7C2486 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
21:46:30.0103 0x0474 usbvideo - ok
21:46:30.0150 0x0474 [ FCCCCFE107E17D834B9B132DAE965B25, F6F80EEF47FC3C975C9E68135372E16CF913DC40DF111F0C6E72D11CACCD0065 ] USBXHCI C:\Windows\System32\drivers\USBXHCI.SYS
21:46:30.0181 0x0474 USBXHCI - ok
21:46:30.0212 0x0474 [ 9141CD0B72E527B6C8A6D127DEF04D6C, 532D6F98E4453051CB8BCCB89C2FFACCEE2EC3F9DBC95FCDD71D2F537C037228 ] VaultSvc C:\Windows\system32\lsass.exe
21:46:30.0244 0x0474 VaultSvc - ok
21:46:30.0259 0x0474 [ CC402B1ED2921B39BB972913422219BB, 3037CCC6EB07CCFBD72D7C772486FB4DCC8560CF577EB65C65BC06C0BA532437 ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
21:46:30.0275 0x0474 vdrvroot - ok
21:46:30.0353 0x0474 [ 5A57E3FBB73FF8B503FFDBBBE06C7F73, 7346212BFAC8AE404B231DC1E6D4B5934ED2EBC12511E19931FF137F0FA6B0B3 ] vds C:\Windows\System32\vds.exe
21:46:30.0431 0x0474 vds - ok
21:46:30.0462 0x0474 [ 5BD4FBB9E65CDC70C029612D1DE26356, E4E79FA2ED32AC3EC8240C007ABD9255EBCFD7E9B5C7B5408AC6990E070B68F3 ] VerifierExt C:\Windows\system32\drivers\VerifierExt.sys
21:46:30.0493 0x0474 VerifierExt - ok
21:46:30.0571 0x0474 [ 5FE0329F82B1AD8F95A155231E2AAE37, BFFBF7D4AE3C33985A225206491C25E0F8B6438AC2B7069E0E258DAE86EB1708 ] vhdmp C:\Windows\System32\drivers\vhdmp.sys
21:46:30.0634 0x0474 vhdmp - ok
21:46:30.0712 0x0474 [ 51A2636F86F50484FB35E14AB2AA764C, 6273D9E68F5E7401817D95B53999A5B71D3870BFAA97C2733551DCB8AFC4AA2F ] viaide C:\Windows\system32\drivers\viaide.sys
21:46:30.0727 0x0474 viaide - ok
21:46:30.0758 0x0474 [ 684A0454B2C377DCBE138159F5F1E102, 55E93778D92C1E7452179C847679030AC7F0672C4F8750931B64FA1F8A2B4C50 ] Vid C:\Windows\System32\drivers\Vid.sys
21:46:30.0790 0x0474 Vid - ok
21:46:30.0805 0x0474 [ 1E5B68D3A799EFC803942801D14EB1D9, 0B8548C589C0EE4A4BB08C4D1B88B9B58A623B55FBC6DBF23C16C4DFCF82D66D ] vmbus C:\Windows\system32\drivers\vmbus.sys
21:46:30.0836 0x0474 vmbus - ok
21:46:30.0852 0x0474 [ 2B69692D7A89A55A91657D070B265C51, 2F85D625E53A5393E7C19EF247864BC0619EFBD13365F9F76C5EF53F3C01D582 ] VMBusHID C:\Windows\System32\drivers\VMBusHID.sys
21:46:30.0868 0x0474 VMBusHID - ok
21:46:30.0899 0x0474 [ 273477B3331983A356E132700288FF2D, 883450DED09363F5614699B702773B2100B9EED269F4E43116C6578D6B6938D8 ] vmbusr C:\Windows\System32\drivers\vmbusr.sys
21:46:30.0930 0x0474 vmbusr - ok
21:46:30.0992 0x0474 [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicheartbeat C:\Windows\System32\ICSvc.dll
21:46:31.0039 0x0474 vmicheartbeat - ok
21:46:31.0055 0x0474 [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmickvpexchange C:\Windows\System32\ICSvc.dll
21:46:31.0102 0x0474 vmickvpexchange - ok
21:46:31.0117 0x0474 [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicrdv C:\Windows\System32\ICSvc.dll
21:46:31.0164 0x0474 vmicrdv - ok
21:46:31.0180 0x0474 [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicshutdown C:\Windows\System32\ICSvc.dll
21:46:31.0304 0x0474 vmicshutdown - ok
21:46:31.0320 0x0474 [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmictimesync C:\Windows\System32\ICSvc.dll
21:46:31.0367 0x0474 vmictimesync - ok
21:46:31.0382 0x0474 [ A6C424A68EE182D9D93E3DF3B9E4019D, 5F104C84D5F61A37B70C5E3643189E197B876A373F1F813C5E3FD1AA384FF628 ] vmicvss C:\Windows\System32\ICSvc.dll
21:46:31.0429 0x0474 vmicvss - ok
21:46:31.0445 0x0474 [ A6FD547C67E16300F880CFC29EB1180B, B6C4EDBC00A145C93184E63C8B5FB5A1647D93B12EB2A3259A72C6281678EB46 ] volmgr C:\Windows\system32\drivers\volmgr.sys
21:46:31.0476 0x0474 volmgr - ok
21:46:31.0507 0x0474 [ 4EC94AFA246E256460811D8CEBBC914A, FCF4C445B964F1BB26DE173737CE1C1E6CAED11E9E05CB67C32244C8090C5A28 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
21:46:31.0554 0x0474 volmgrx - ok
21:46:31.0570 0x0474 [ ED7880AB1743BEB09A8549B6E88E7FF5, 4938FC4FE246FC756CDF58262C092A439F00699172CC09B992EDA3AE9D76067D ] volsnap C:\Windows\system32\drivers\volsnap.sys
21:46:31.0601 0x0474 volsnap - ok
21:46:31.0616 0x0474 [ 569755E8A09406F074764A9C72361969, 6E3E64390DD3CB0459BDD9AFFDFDE95493CA10D49CAE186CA4EE601BB12327C4 ] vpci C:\Windows\System32\drivers\vpci.sys
21:46:31.0648 0x0474 vpci - ok
21:46:31.0663 0x0474 [ BD272A755B8D028CC558E3CD0330E286, 725A4900CD4981EB922B94CD3462322669BA46AC175C132B4C2EC16C7BCE1401 ] vpcivsp C:\Windows\System32\drivers\vpcivsp.sys
21:46:31.0679 0x0474 vpcivsp - ok
21:46:31.0710 0x0474 [ 9EE2C503B3960AE8E43DDB85523428CA, CBC0A1FAF9861FACF3805CBEC24F40F9E4B8164A7CF01BF2A16F766EF18AD03A ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
21:46:31.0741 0x0474 vsmraid - ok
21:46:31.0882 0x0474 [ 9BD38DF6B2C7D020B2F29C0573B557C8, 621AE44A7E01F6294F4D690D6D6C1E11FB56C96BBEE241D34B4155252B620798 ] VSS C:\Windows\system32\vssvc.exe
21:46:32.0334 0x0474 VSS - ok
21:46:32.0708 0x0474 [ 4ACE469E3FD59CB605D680124938DD06, D7C0BC0DEFD75C30F94FDC840FEF53D48DA44D28B101DA0ED8EA4DE5A11FA091 ] VSTXRAID C:\Windows\system32\drivers\vstxraid.sys
21:46:32.0786 0x0474 VSTXRAID - ok
21:46:32.0833 0x0474 [ 3C84A039E2796EECA1997902F5D635E7, A503051F5820E61EE15221AF1BA7A7C04CDB3760487D287743D0FAA0A167B59C ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
21:46:32.0880 0x0474 vwifibus - ok
21:46:32.0927 0x0474 [ C6BB1AD6603A83B0B00C344DE2BA652D, 869EFD4EBC4F19C7C82DBC12CF59CAB71946F242401B59D23AE8BF6C91DCA499 ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
21:46:32.0958 0x0474 vwififlt - ok
21:46:32.0989 0x0474 [ C78819ED0FF21EFFA23465267E507441, E9FBA09783DC516FB66465960CC793BF0BE348665E28A21C79534DC3D856BC0D ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
21:46:33.0005 0x0474 vwifimp - ok
21:46:33.0067 0x0474 [ 9192AECDDAB77DB096AF1557EF58EF07, 56B6B14B6873522270F257BCA382773DE2B33D89DBE53EC012F67A6551A86855 ] W32Time C:\Windows\system32\w32time.dll
21:46:33.0114 0x0474 W32Time - ok
21:46:33.0130 0x0474 [ 142617854B09099C9F32FB4A3B96CB83, 3A90636E00D01EAFF559F2C9BB0EE7C803E381EB738D825D7D68F1245BEFE146 ] WacomPen C:\Windows\System32\drivers\wacompen.sys
21:46:33.0161 0x0474 WacomPen - ok
21:46:33.0176 0x0474 [ CFD3CBAFEA35BEB4B584C03B141F7573, 3378912B845B121CBFB067D48D5B8D518B113C6F72DFF19C677CF299B3D4EBCE ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
21:46:33.0223 0x0474 Wanarp - ok
21:46:33.0223 0x0474 [ CFD3CBAFEA35BEB4B584C03B141F7573, 3378912B845B121CBFB067D48D5B8D518B113C6F72DFF19C677CF299B3D4EBCE ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
21:46:33.0270 0x0474 Wanarpv6 - ok
21:46:33.0354 0x0474 [ 1B7B06CF9206E129D03BE3011E35C6E5, 653545F4C709ABE8292C7CBD948E5300F7CFE91003D236280138A9C116E5006A ] wbengine C:\Windows\system32\wbengine.exe
21:46:33.0495 0x0474 wbengine - ok
21:46:33.0557 0x0474 [ 06212EE0E6FFE33E40CB519EFA2E055D, 4381248FE810284114FAE659A160CE1FA612A8B2F70B3F98E3FD97753D4D2815 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
21:46:33.0588 0x0474 WbioSrvc - ok
21:46:33.0635 0x0474 [ DC45A1C14D36A4FB1E581D69602306A5, E33EC9182A1525E59C039E5060C65C6930768A739FC6B8E410B83F790A359968 ] Wcmsvc C:\Windows\System32\wcmsvc.dll
21:46:33.0666 0x0474 Wcmsvc - ok
21:46:33.0698 0x0474 [ 7C86BF53418BAE01483853E129B1FCB7, DEE1568020702F10F72EEE35E3195922478E1AA19948EC5A12A9DE6578576637 ] wcncsvc C:\Windows\System32\wcncsvc.dll
21:46:33.0760 0x0474 wcncsvc - ok
21:46:33.0791 0x0474 [ B6B3F1A5BCEC66B1E08A8A96B67161E1, 2E4269DC1820DDB22A7C4FC866746F0057F3E3DBDDFDEBAAFAB5EE00502E5654 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:46:33.0822 0x0474 WcsPlugInService - ok
21:46:33.0854 0x0474 [ 80915B11341BD6A0653A2E2DC73A1A87, 6F45B16662F7606CA7AAC43A31E8392BC3BC7CDF925B11478ABD7CBC4B2D4F24 ] Wd C:\Windows\system32\drivers\wd.sys
21:46:33.0869 0x0474 Wd - ok
21:46:33.0885 0x0474 [ 664BDB2F6B12FE9B07538B5BF443F403, BAAE3A784D5FBB5E68BD5FFE9F3984E71362DFFFADDFC8D1CC618A23672ECEA4 ] WdBoot C:\Windows\system32\drivers\WdBoot.sys
21:46:33.0916 0x0474 WdBoot - ok
21:46:33.0987 0x0474 [ 7F2978DE8DDF0145DEF9EA8FB1E3D019, 7C4129C045CE82440FFA0582F184647B67A8E197AE206CF23B70627640E31540 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
21:46:34.0049 0x0474 Wdf01000 - ok
21:46:34.0127 0x0474 [ C22973DD5DA19664C51583D30E5DE3B3, C535A32DB10600510F2682BC049FD182B40AD3E4B2B5340619D80469CACABEE0 ] WdFilter C:\Windows\system32\drivers\WdFilter.sys
21:46:34.0174 0x0474 WdFilter - ok
21:46:34.0190 0x0474 [ CBF9FD761DBC7BEF0BC8DF1C3B11BC6A, D8B030BA0751ADA65837989AE5663C4E634B564CDD8AF410D674BEDD5D614486 ] WdiServiceHost C:\Windows\system32\wdi.dll
21:46:34.0237 0x0474 WdiServiceHost - ok
21:46:34.0237 0x0474 [ CBF9FD761DBC7BEF0BC8DF1C3B11BC6A, D8B030BA0751ADA65837989AE5663C4E634B564CDD8AF410D674BEDD5D614486 ] WdiSystemHost C:\Windows\system32\wdi.dll
21:46:34.0283 0x0474 WdiSystemHost - ok
21:46:34.0330 0x0474 [ 950D8382A389844DED765834A796EEDC, B1E1AF2D9F0048C51A5E32DA0B273021F26AD88037209371255411367594643D ] WebClient C:\Windows\System32\webclnt.dll
21:46:34.0377 0x0474 WebClient - ok
21:46:34.0408 0x0474 [ 02D478D6142E0FF303C53D9FB8D34A53, 657A34E9A23DA4317D53447AAEFA1904DA46BA974C9F39AC94CB8BF07A8A8249 ] Wecsvc C:\Windows\system32\wecsvc.dll
21:46:34.0439 0x0474 Wecsvc - ok
21:46:34.0455 0x0474 [ F2F427F3C188877E0754C4D0D9D7321D, FBC6ED0EE41D13D170B36476297211EDA200621EDD0F7341012C3D4D667761BF ] wercplsupport C:\Windows\System32\wercplsupport.dll
21:46:34.0517 0x0474 wercplsupport - ok
21:46:34.0533 0x0474 [ 158AB68C9761845EB6B240CD273D667F, 11D0291F04632DDF6EAD266214011125405B32326CB48C50BCD97024C8BDE893 ] WerSvc C:\Windows\System32\WerSvc.dll
21:46:34.0595 0x0474 WerSvc - ok
21:46:34.0642 0x0474 [ 01353FA4F412E1CFEBD049B604208A90, 860F06EE231771E2021B400B7D6931A9601562CA8EBEE52F79865F8B8EEB9250 ] WFPLWFS C:\Windows\system32\DRIVERS\wfplwfs.sys
21:46:34.0658 0x0474 WFPLWFS - ok
21:46:34.0689 0x0474 [ D16E5C1F2E4680C7263784B45916EE52, 156BE46EF6B61A732CFB112E18099F70D72F32C841FBCF87F2DA4B827FD89A6D ] WiaRpc C:\Windows\System32\wiarpc.dll
21:46:34.0720 0x0474 WiaRpc - ok
21:46:34.0736 0x0474 [ 1B6DA2B0F0ED2FCF77BC64E33513A329, 25854A6E7D3384123E62BF954FEED9596D1BB28A8EB134C5FFF63F0D51B56683 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
21:46:34.0767 0x0474 WIMMount - ok
21:46:34.0798 0x0474 WinDefend - ok
21:46:34.0861 0x0474 [ E9A19812C75CC074B20088C714AEB690, 47546E381D72AE9D2F5330B982582199E2E6D2DE66ADE3C5DEE6FAC831631D72 ] WinHttpAutoProxySvc C:\Windows\system32\winhttp.dll
21:46:34.0923 0x0474 WinHttpAutoProxySvc - ok
21:46:35.0079 0x0474 [ 4C5FD622294D2F81F6F06F741E895F70, 258E56A01B2CD29A754D6CDF7FCF103883AB7088B4E262DB46DAA93F885747BD ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
21:46:35.0126 0x0474 Winmgmt - ok
21:46:35.0282 0x0474 [ 4083852CC0E31D32B3B16AC9E18F0B3F, 055A2C9340CEDBFE2F9D6617A2D75A05AB03B0F6714E982AD41C4260359115CE ] WinRM C:\Windows\system32\WsmSvc.dll
21:46:35.0485 0x0474 WinRM - ok
21:46:35.0625 0x0474 [ AE5D57594A2F1A6A6C34DD47066201E8, 69773BEB53F43255613472886C27A2FAE9387127821A7361A34CE3848993809D ] WlanSvc C:\Windows\System32\wlansvc.dll
21:46:35.0750 0x0474 WlanSvc - ok
21:46:35.0984 0x0474 [ C347251ACD04EA68E62BCE707B42E756, 603C408792541B441A3FB27C51EE0FED598CE97832205F596BE093510F339A73 ] wlidsvc C:\Windows\system32\wlidsvc.dll
21:46:36.0124 0x0474 wlidsvc - ok
21:46:36.0187 0x0474 [ F274B2E40D94B41098AB82F2EEE07898, C55B80FCAAE218C375169DA821EDD5BD36DCCC6105AD8BCECCD890FE99C61C23 ] WmiAcpi C:\Windows\System32\drivers\wmiacpi.sys
21:46:36.0218 0x0474 WmiAcpi - ok
21:46:36.0285 0x0474 [ F8FD8BF814C83FEAAA3110477D49C57E, 82FE4325EF8BF56A94C2D4E28B7E3E6CAFB060985A850380E3C6C2647E997D77 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
21:46:36.0328 0x0474 wmiApSrv - ok
21:46:36.0359 0x0474 WMPNetworkSvc - ok
21:46:36.0406 0x0474 [ 4E8429A8E3873D99581B76F4BB2E2BCD, 7B6EA55C1DF3C12B6108D6F7E6C1BFC71B54BCA65199ADD685B9133092ECFAEE ] wpcfltr C:\Windows\system32\DRIVERS\wpcfltr.sys
21:46:36.0452 0x0474 wpcfltr - ok
21:46:36.0487 0x0474 [ 247140C51FE0424C54AA85412CDFB26D, 36B61FA1794FC8580AC2A2679C3ED00AA0A11E4520A77611660E21672CE15947 ] WPCSvc C:\Windows\System32\wpcsvc.dll
21:46:36.0518 0x0474 WPCSvc - ok
21:46:36.0533 0x0474 [ AA429F7C7B9E18FF66FE3504B80FAB9A, A676B24F0A7519066404DE6C9598F9DCDF676E50ECBFE1CB736468162D272B82 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
21:46:36.0565 0x0474 WPDBusEnum - ok
21:46:36.0580 0x0474 [ FA4024915B947A7A4C33F6F18454B32A, 9BF9A3FC1099A9472EFF2B54D36F64D009A683535EF102D1172D2385C9DEFEBC ] WpdUpFltr C:\Windows\system32\drivers\WpdUpFltr.sys
21:46:36.0611 0x0474 WpdUpFltr - ok
21:46:36.0627 0x0474 [ B4E48459933B8C48F388BCC3EB1F58D1, 23DE611C880E60B8A4E81F8A44541119D86B15E1718D5E3ADE4E600DE1D0A515 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
21:46:36.0658 0x0474 ws2ifsl - ok
21:46:36.0689 0x0474 [ C3A047C10C2B4C6A1C081F04EFBCE1E3, 3AC760E742CE4357FEE5E8E33344586D5D38D495733B9829866CADFAB7071B4D ] wscsvc C:\Windows\System32\wscsvc.dll
21:46:36.0705 0x0474 wscsvc - ok
21:46:36.0721 0x0474 WSearch - ok
21:46:36.0877 0x0474 [ 8760CCDABD00942F32DD02B8F04D7EA8, AF00539CE9312CEB624664F66E8834D086807CD6ED6BFD76DCAD457D1D22FC4E ] WSService C:\Windows\System32\WSService.dll
21:46:37.0064 0x0474 WSService - ok
21:46:37.0289 0x0474 [ 3E8C4507F587C7151F0755DAA1FDB997, E2F9630CC777A76F10788DD146AE4CADC6CE4EBD419DF3EB78F71DA57D7F08E1 ] wuauserv C:\Windows\system32\wuaueng.dll
21:46:37.0632 0x0474 wuauserv - ok
21:46:37.0741 0x0474 [ A599942A2C8DED90CB73C28A86F56EF3, C5F7103ADBB7DBAF10CC39C4D02264222EA08719829BEB6924AA6F2295102430 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
21:46:37.0757 0x0474 WudfPf - ok
21:46:37.0788 0x0474 [ EB155EDD2256E626368796F4B7CBE013, D049298AD903C967A336596CAF030DDA1B66AACADC4A2E9ECD7E15082B4EA0BC ] WUDFRd C:\Windows\System32\drivers\WUDFRd.sys
21:46:37.0819 0x0474 WUDFRd - ok
21:46:37.0866 0x0474 [ C4B15954BFF994889DEB6A2AFE9E8985, EA55A7CD5C4B718C2693AA39B151D7A0F8D1272E47DD13F1136F9146C938A7BC ] wudfsvc C:\Windows\System32\WUDFSvc.dll
21:46:37.0897 0x0474 wudfsvc - ok
21:46:37.0929 0x0474 [ DD9797B5157EF2CAB24454D0F5A08837, 5F25EA5C5B75E45212D463C59B36A79202DE77DE56B6C63FAF1487860A219CF9 ] WwanSvc C:\Windows\System32\wwansvc.dll
21:46:37.0975 0x0474 WwanSvc - ok
21:46:38.0007 0x0474 ================ Scan global ===============================
21:46:38.0069 0x0474 [ 26E0369D73B00093D046562F22676D70, 96CE28CCD5DF70EEACE9223A9939F8845B93B3F71EAF3215C167A1E8B1FB593E ] C:\Windows\system32\basesrv.dll
21:46:38.0116 0x0474 [ E84549406F758028C87FB4C404AD582B, B512E562763D6E85D17BDDC73213CC292F41134588295B47B1F732B14544776E ] C:\Windows\system32\winsrv.dll
21:46:38.0169 0x0474 [ E1F689E799E6BF3EE078A228E01E6DAB, B51ACDE3A47E02F3D8C7988B21E7B277535C0C102497FBB2C54B8B644DF37EF0 ] C:\Windows\system32\sxssrv.dll
21:46:38.0216 0x0474 [ 0D9642ECA426AB06234E41161BCC9628, DAB7EB1321B7F246878720DD5011D90D57CE5C9F22E4EAA6B450E0F5EE88B0A1 ] C:\Windows\system32\services.exe
21:46:38.0232 0x0474 [ Global ] - ok
21:46:38.0232 0x0474 ================ Scan MBR ==================================
21:46:38.0247 0x0474 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:46:39.0202 0x0474 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
21:46:39.0202 0x0474 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
21:46:41.0699 0x0474 ================ Scan VBR ==================================
21:46:41.0699 0x0474 [ ACF4FFFBB302AD629A0DF9B0851E0D8E ] \Device\Harddisk0\DR0\Partition1
21:46:41.0699 0x0474 \Device\Harddisk0\DR0\Partition1 - ok
21:46:41.0746 0x0474 [ 74D9421ADA4FD2181D471B391C4D34F6 ] \Device\Harddisk0\DR0\Partition2
21:46:41.0761 0x0474 \Device\Harddisk0\DR0\Partition2 - ok
21:46:41.0761 0x0474 Waiting for KSN requests completion. In queue: 85
21:46:42.0775 0x0474 Waiting for KSN requests completion. In queue: 85
21:46:43.0789 0x0474 Waiting for KSN requests completion. In queue: 85
21:46:44.0805 0x0474 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.0.9200.16384 ), 0x60100 ( disabled : updated )
21:46:44.0805 0x0474 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.0.307 ), 0x41000 ( enabled : updated )
21:46:44.0821 0x0474 Win FW state via NFP2: enabled
21:46:47.0317 0x0474 ============================================================
21:46:47.0317 0x0474 Scan finished
21:46:47.0317 0x0474 ============================================================
21:46:47.0348 0x1104 Detected object count: 1
21:46:47.0348 0x1104 Actual detected object count: 1
21:47:07.0378 0x1104 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
21:47:07.0378 0x1104 \Device\Harddisk0\DR0\TDLFS\vbr - copied to quarantine
21:47:07.0378 0x1104 \Device\Harddisk0\DR0\TDLFS\bid - copied to quarantine
21:47:07.0394 0x1104 \Device\Harddisk0\DR0\TDLFS\affid - copied to quarantine
21:47:07.0643 0x1104 \Device\Harddisk0\DR0\TDLFS\boot - copied to quarantine
21:47:07.0643 0x1104 \Device\Harddisk0\DR0\TDLFS\cmd32 - copied to quarantine
21:47:07.0659 0x1104 \Device\Harddisk0\DR0\TDLFS\cmd64 - copied to quarantine
21:47:07.0674 0x1104 \Device\Harddisk0\DR0\TDLFS\dbg32 - copied to quarantine
21:47:07.0690 0x1104 \Device\Harddisk0\DR0\TDLFS\dbg64 - copied to quarantine
21:47:07.0737 0x1104 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
21:47:07.0752 0x1104 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
21:47:07.0768 0x1104 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
21:47:07.0768 0x1104 \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
21:47:07.0784 0x1104 \Device\Harddisk0\DR0\TDLFS\subid - copied to quarantine
21:47:07.0784 0x1104 \Device\Harddisk0\DR0\TDLFS\info - copied to quarantine
21:47:07.0799 0x1104 \Device\Harddisk0\DR0\TDLFS\mainfb.script - copied to quarantine
21:47:07.0830 0x1104 \Device\Harddisk0\DR0\TDLFS\com64 - copied to quarantine
21:47:07.0830 0x1104 \Device\Harddisk0\DR0\TDLFS\serf_conf - copied to quarantine
21:47:07.0862 0x1104 \Device\Harddisk0\DR0\TDLFS\bbr232 - copied to quarantine
21:47:07.0893 0x1104 \Device\Harddisk0\DR0\TDLFS\bbr264 - copied to quarantine
21:47:07.0986 0x1104 \Device\Harddisk0\DR0\TDLFS\serf332 - copied to quarantine
21:47:08.0018 0x1104 \Device\Harddisk0\DR0\TDLFS\serf364 - copied to quarantine
21:47:08.0049 0x1104 \Device\Harddisk0\DR0\TDLFS\bbr_conf - copied to quarantine
21:47:08.0049 0x1104 \Device\Harddisk0\DR0\TDLFS\main - copied to quarantine
21:47:08.0049 0x1104 \Device\Harddisk0\DR0\TDLFS - deleted
21:47:08.0049 0x1104 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
21:47:40.0103 0x0020 Deinitialize success
Code:
ATTFilter ListParts by Farbar Version: 20-10-2013
Ran by Markus (administrator) on 25-10-2013 at 21:56:46
Windows 8 (X64)
Running From: C:\Users\Markus\Desktop
Language: 0409
************************************************************
========================= Memory info ======================
Percentage of memory in use: 29%
Total physical RAM: 4060.93 MB
Available physical RAM: 2877.73 MB
Total Pagefile: 7644.93 MB
Available Pagefile: 6305.61 MB
Total Virtual: 8192 MB
Available Virtual: 8191.88 MB
======================= Partitions =========================
1 Drive c: () (Fixed) (Total:284.99 GB) (Free:267.47 GB) NTFS
2 Drive d: (HRM_CCSA_X64CHK_EN-US_DV5) (CDROM) (Total:3.46 GB) (Free:0 GB) UDF
Disk ### Status Size Free Dyn Gpt
-------- ------------- ------- ------- --- ---
Disk 0 Online 298 GB 0 B
Partitions of Disk 0:
===============
Disk ID: D5EB9B58
Partition ### Type Size Offset
------------- ---------------- ------- -------
Partition 1 Recovery 13 GB 1024 KB
Partition 2 Primary 100 MB 13 GB
Partition 3 Primary 284 GB 13 GB
======================================================================================================
Disk: 0
Partition 1
Type : 27
Hidden: Yes
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 NTFS Partition 13 GB Healthy Hidden
======================================================================================================
Disk: 0
Partition 2
Type : 07
Hidden: No
Active: Yes
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 NTFS Partition 100 MB Healthy System (partition with boot components)
======================================================================================================
Disk: 0
Partition 3
Type : 07
Hidden: No
Active: No
Volume ### Ltr Label Fs Type Size Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 C NTFS Partition 284 GB Healthy Boot
======================================================================================================
============================== MBR Partition Table ==================
==============================
Partitions of Disk 0:
===============
Disk ID: D5EB9B58
Partition 1: (Not Active) - (Size=13 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=285 GB) - (Type=07 NTFS)
****** End Of Log ******
|
|
25.10.2013, 21:06
| #7 |
| /// TB-Ausbilder | Bootsektorvirus BOO/TDss.o So das sollte somit erledigt sein. Lass zur Kontrolle nochmals Avira scannen. Meldet es immer noch was?
__________________ cheers, Leo |
|
25.10.2013, 21:41
| #8 |
| | Bootsektorvirus BOO/TDss.o Ich habe jetzt noch 9 Viren gefunden und mit Antivir in Quarantäne verschoben. Der Bootsektorvirus ist aber weg! Ansonsten Vielen Dank für die Hilfe! Großes Lob ans Forum! hier noch der Log von Antivir Code:
ATTFilter
Avira Free Antivirus
Erstellungsdatum der Reportdatei: Freitag, 25. Oktober 2013 22:12
Das Programm läuft als uneingeschränkte Vollversion.
Online-Dienste stehen zur Verfügung.
Lizenznehmer : Avira Free Antivirus
Seriennummer : 0000149996-ADJIE-0000001
Plattform : Windows 8 Pro
Windowsversion : (plain) [6.2.9200]
Boot Modus : Normal gebootet
Benutzername : SYSTEM
Computername : MARKUS
Versionsinformationen:
BUILD.DAT : 14.0.0.411 55393 Bytes 10.10.2013 19:14:00
AVSCAN.EXE : 14.0.0.383 968776 Bytes 10.10.2013 17:14:05
AVSCANRC.DLL : 14.0.0.225 62024 Bytes 10.10.2013 17:14:05
LUKE.DLL : 14.0.0.383 65096 Bytes 10.10.2013 17:14:07
AVSCPLR.DLL : 14.0.0.383 92232 Bytes 10.10.2013 17:14:05
AVREG.DLL : 14.0.0.383 250440 Bytes 10.10.2013 17:14:05
avlode.dll : 14.0.0.383 512584 Bytes 10.10.2013 17:14:05
avlode.rdf : 13.0.1.42 26846 Bytes 10.10.2013 17:14:05
VBASE000.VDF : 7.11.70.0 66736640 Bytes 04.04.2013 17:14:08
VBASE001.VDF : 7.11.74.226 2201600 Bytes 30.04.2013 17:14:08
VBASE002.VDF : 7.11.80.60 2751488 Bytes 28.05.2013 17:14:08
VBASE003.VDF : 7.11.85.214 2162688 Bytes 21.06.2013 17:14:08
VBASE004.VDF : 7.11.91.176 3903488 Bytes 23.07.2013 17:14:08
VBASE005.VDF : 7.11.98.186 6822912 Bytes 29.08.2013 17:14:08
VBASE006.VDF : 7.11.103.230 2293248 Bytes 24.09.2013 17:14:08
VBASE007.VDF : 7.11.103.231 2048 Bytes 24.09.2013 17:14:08
VBASE008.VDF : 7.11.103.232 2048 Bytes 24.09.2013 17:14:08
VBASE009.VDF : 7.11.103.233 2048 Bytes 24.09.2013 17:14:08
VBASE010.VDF : 7.11.103.234 2048 Bytes 24.09.2013 17:14:08
VBASE011.VDF : 7.11.103.235 2048 Bytes 24.09.2013 17:14:08
VBASE012.VDF : 7.11.103.236 2048 Bytes 24.09.2013 17:14:08
VBASE013.VDF : 7.11.103.237 2048 Bytes 24.09.2013 17:14:08
VBASE014.VDF : 7.11.104.123 282112 Bytes 26.09.2013 17:14:08
VBASE015.VDF : 7.11.104.237 359424 Bytes 28.09.2013 17:14:08
VBASE016.VDF : 7.11.105.103 195072 Bytes 02.10.2013 17:14:08
VBASE017.VDF : 7.11.105.243 571904 Bytes 07.10.2013 17:14:08
VBASE018.VDF : 7.11.106.91 185856 Bytes 08.10.2013 17:14:08
VBASE019.VDF : 7.11.106.167 183296 Bytes 09.10.2013 17:54:50
VBASE020.VDF : 7.11.107.5 236544 Bytes 11.10.2013 17:54:50
VBASE021.VDF : 7.11.107.85 178688 Bytes 13.10.2013 17:54:50
VBASE022.VDF : 7.11.107.163 276992 Bytes 15.10.2013 17:54:50
VBASE023.VDF : 7.11.108.15 308224 Bytes 17.10.2013 17:54:51
VBASE024.VDF : 7.11.108.79 190464 Bytes 18.10.2013 17:54:51
VBASE025.VDF : 7.11.108.159 245248 Bytes 20.10.2013 17:54:51
VBASE026.VDF : 7.11.109.41 454144 Bytes 23.10.2013 17:54:51
VBASE027.VDF : 7.11.109.42 2048 Bytes 23.10.2013 17:54:52
VBASE028.VDF : 7.11.109.43 2048 Bytes 23.10.2013 17:54:52
VBASE029.VDF : 7.11.109.44 2048 Bytes 23.10.2013 17:54:52
VBASE030.VDF : 7.11.109.45 2048 Bytes 23.10.2013 17:54:52
VBASE031.VDF : 7.11.109.114 296448 Bytes 25.10.2013 17:54:52
Engineversion : 8.2.12.134
AEVDF.DLL : 8.1.3.4 102774 Bytes 10.10.2013 17:14:02
AESCRIPT.DLL : 8.1.4.160 516478 Bytes 25.10.2013 17:54:55
AESCN.DLL : 8.1.10.4 131446 Bytes 10.10.2013 17:14:02
AESBX.DLL : 8.2.16.26 1245560 Bytes 10.10.2013 17:14:02
AERDL.DLL : 8.2.0.128 688504 Bytes 10.10.2013 17:14:02
AEPACK.DLL : 8.3.3.4 758136 Bytes 25.10.2013 17:54:55
AEOFFICE.DLL : 8.1.2.76 205181 Bytes 10.10.2013 17:14:02
AEHEUR.DLL : 8.1.4.716 6209914 Bytes 25.10.2013 17:54:54
AEHELP.DLL : 8.1.27.6 266617 Bytes 10.10.2013 17:14:02
AEGEN.DLL : 8.1.7.14 446839 Bytes 10.10.2013 17:14:02
AEEXP.DLL : 8.4.1.84 344439 Bytes 25.10.2013 17:54:55
AEEMU.DLL : 8.1.3.2 393587 Bytes 10.10.2013 17:14:02
AECORE.DLL : 8.1.32.0 201081 Bytes 10.10.2013 17:14:02
AEBB.DLL : 8.1.1.4 53619 Bytes 10.10.2013 17:14:02
AVWINLL.DLL : 14.0.0.225 23624 Bytes 10.10.2013 17:14:05
AVPREF.DLL : 14.0.0.225 48712 Bytes 10.10.2013 17:14:05
AVREP.DLL : 14.0.0.225 175688 Bytes 10.10.2013 17:14:05
AVARKT.DLL : 14.0.0.225 257096 Bytes 10.10.2013 17:14:03
AVEVTLOG.DLL : 14.0.0.383 165960 Bytes 10.10.2013 17:14:03
SQLITE3.DLL : 3.7.0.1 394824 Bytes 10.10.2013 17:14:07
AVSMTP.DLL : 14.0.0.225 60488 Bytes 10.10.2013 17:14:05
NETNT.DLL : 14.0.0.225 13384 Bytes 10.10.2013 17:14:07
RCIMAGE.DLL : 14.0.0.225 4786760 Bytes 10.10.2013 17:14:07
RCTEXT.DLL : 14.0.0.225 67144 Bytes 10.10.2013 17:14:07
Konfiguration für den aktuellen Suchlauf:
Job Name..............................: Vollständige Systemprüfung
Konfigurationsdatei...................: C:\Program Files (x86)\Avira\AntiVir Desktop\sysscan.avp
Protokollierung.......................: standard
Primäre Aktion........................: Interaktiv
Sekundäre Aktion......................: Ignorieren
Durchsuche Masterbootsektoren.........: ein
Durchsuche Bootsektoren...............: ein
Bootsektoren..........................: C:,
Durchsuche aktive Programme...........: ein
Laufende Programme erweitert..........: ein
Durchsuche Registrierung..............: ein
Suche nach Rootkits...................: ein
Integritätsprüfung von Systemdateien..: aus
Prüfe alle Dateien....................: Alle Dateien
Durchsuche Archive....................: ein
Rekursionstiefe einschränken..........: 20
Archiv Smart Extensions...............: ein
Makrovirenheuristik...................: ein
Dateiheuristik........................: erweitert
Beginn des Suchlaufs: Freitag, 25. Oktober 2013 22:12
Der Suchlauf über die Bootsektoren wird begonnen:
Bootsektor 'HDD0(C:)'
[INFO] Es wurde kein Virus gefunden!
Der Suchlauf nach versteckten Objekten wird begonnen.
Der Suchlauf über gestartete Prozesse wird begonnen:
Durchsuche Prozess 'svchost.exe' - '39' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '96' Modul(e) wurden durchsucht
Durchsuche Prozess 'dwm.exe' - '37' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '177' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '62' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '99' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '60' Modul(e) wurden durchsucht
Durchsuche Prozess 'spoolsv.exe' - '68' Modul(e) wurden durchsucht
Durchsuche Prozess 'sched.exe' - '55' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'armsvc.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'avguard.exe' - '102' Modul(e) wurden durchsucht
Durchsuche Prozess 'taskhostex.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'Explorer.EXE' - '199' Modul(e) wurden durchsucht
Durchsuche Prozess 'avshadow.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '48' Modul(e) wurden durchsucht
Durchsuche Prozess 'LiveComm.exe' - '82' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchIndexer.exe' - '57' Modul(e) wurden durchsucht
Durchsuche Prozess 'RuntimeBroker.exe' - '35' Modul(e) wurden durchsucht
Durchsuche Prozess 'dashost.exe' - '53' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '51' Modul(e) wurden durchsucht
Durchsuche Prozess 'firefox.exe' - '111' Modul(e) wurden durchsucht
Durchsuche Prozess 'avgnt.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'DllHost.exe' - '25' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '16' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmpnetwk.exe' - '75' Modul(e) wurden durchsucht
Durchsuche Prozess 'plugin-container.exe' - '73' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_9_900_117.exe' - '46' Modul(e) wurden durchsucht
Durchsuche Prozess 'FlashPlayerPlugin_11_9_900_117.exe' - '56' Modul(e) wurden durchsucht
Durchsuche Prozess 'avcenter.exe' - '90' Modul(e) wurden durchsucht
Durchsuche Prozess 'avscan.exe' - '110' Modul(e) wurden durchsucht
Durchsuche Prozess 'vssvc.exe' - '36' Modul(e) wurden durchsucht
Durchsuche Prozess 'svchost.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '26' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchProtocolHost.exe' - '29' Modul(e) wurden durchsucht
Durchsuche Prozess 'SearchFilterHost.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'wmiprvse.exe' - '42' Modul(e) wurden durchsucht
Durchsuche Prozess 'TrustedInstaller.exe' - '23' Modul(e) wurden durchsucht
Durchsuche Prozess 'TiWorker.exe' - '50' Modul(e) wurden durchsucht
Durchsuche Prozess 'smss.exe' - '2' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '11' Modul(e) wurden durchsucht
Durchsuche Prozess 'csrss.exe' - '11' Modul(e) wurden durchsucht
Durchsuche Prozess 'wininit.exe' - '15' Modul(e) wurden durchsucht
Durchsuche Prozess 'winlogon.exe' - '27' Modul(e) wurden durchsucht
Durchsuche Prozess 'services.exe' - '24' Modul(e) wurden durchsucht
Durchsuche Prozess 'lsass.exe' - '59' Modul(e) wurden durchsucht
Der Suchlauf auf Verweise zu ausführbaren Dateien (Registry) wird begonnen:
Die Registry wurde durchsucht ( '1117' Dateien ).
Der Suchlauf über die ausgewählten Dateien wird begonnen:
Beginne mit der Suche in 'C:\'
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0005.dta
[FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0006.dta
[FUND] Ist das Trojanische Pferd TR/Crypt.XPACK.Gen
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0007.dta
[FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0008.dta
[FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0009.dta
[FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0010.dta
[FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0011.dta
[FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0012.dta
[FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0016.dta
[FUND] Ist das Trojanische Pferd TR/Offend.6788456
Beginne mit der Desinfektion:
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0016.dta
[FUND] Ist das Trojanische Pferd TR/Offend.6788456
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '558d76a3.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0012.dta
[FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4d1a5904.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0011.dta
[FUND] Ist das Trojanische Pferd TR/ATRAPS.Gen2
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '1f4503ec.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0010.dta
[FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '79724c2e.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0009.dta
[FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '3cf66110.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0008.dta
[FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '43ed5371.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0007.dta
[FUND] Ist das Trojanische Pferd TR/Rootkit.Gen2
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '0f557f3b.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0006.dta
[FUND] Ist das Trojanische Pferd TR/Crypt.XPACK.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '734d3f6b.qua' verschoben!
C:\TDSSKiller_Quarantine\25.10.2013_21.45.02\tdlfs0000\tsk0005.dta
[FUND] Ist das Trojanische Pferd TR/Crypt.ZPACK.Gen2
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '5e171026.qua' verschoben!
Ende des Suchlaufs: Freitag, 25. Oktober 2013 22:38
Benötigte Zeit: 25:15 Minute(n)
Der Suchlauf wurde vollständig durchgeführt.
19192 Verzeichnisse wurden überprüft
117416 Dateien wurden geprüft
9 Viren bzw. unerwünschte Programme wurden gefunden
0 Dateien wurden als verdächtig eingestuft
0 Dateien wurden gelöscht
0 Viren bzw. unerwünschte Programme wurden repariert
9 Dateien wurden in die Quarantäne verschoben
0 Dateien wurden umbenannt
0 Dateien konnten nicht durchsucht werden
117407 Dateien ohne Befall
582 Archive wurden durchsucht
0 Warnungen
9 Hinweise
424617 Objekte wurden beim Rootkitscan durchsucht
0 Versteckte Objekte wurden gefunden
|
|
25.10.2013, 23:34
| #9 | |
| /// TB-Ausbilder | Bootsektorvirus BOO/TDss.oZitat:
Die Malware hatte dein bootrec /fixmbr und anschliessende Neu-Installation nicht überlebt. Avira hat nur noch eine übriggebliebene kleine Malwarepartition gesehen und gemeldet, der Bootsektorvirus selbst war aber schon tot.
__________________ cheers, Leo |
|
17.11.2013, 22:08
| #10 |
| /// TB-Ausbilder | Bootsektorvirus BOO/TDss.o Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten. Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter. Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________ cheers, Leo |
|
Linear-Darstellung
