Hello Schrauber,
3 threats were found.
Here is the log:
Code:
23:01:11.0539 0x17b8 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
23:01:21.0612 0x17b8 ============================================================
23:01:21.0613 0x17b8 Current date / time: 2014/08/07 23:01:21.0612
23:01:21.0613 0x17b8 SystemInfo:
23:01:21.0613 0x17b8
23:01:21.0615 0x17b8 OS Version: 6.0.6002 ServicePack: 2.0
23:01:21.0615 0x17b8 Product type: Workstation
23:01:21.0615 0x17b8 ComputerName: C-NOTEBOOK
23:01:21.0617 0x17b8 UserName: ********************
23:01:21.0617 0x17b8 Windows directory: C:\Windows
23:01:21.0617 0x17b8 System windows directory: C:\Windows
23:01:21.0617 0x17b8 Processor architecture: Intel x86
23:01:21.0617 0x17b8 Number of processors: 2
23:01:21.0617 0x17b8 Page size: 0x1000
23:01:21.0617 0x17b8 Boot type: Normal boot
23:01:21.0617 0x17b8 ============================================================
23:01:22.0032 0x17b8 KLMD registered as C:\Windows\system32\drivers\09278041.sys
23:01:22.0489 0x17b8 System UUID: {6C8A1B6B-9CE8-2C1D-B0BF-C248C8B2BB4B}
23:01:23.0519 0x17b8 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
23:01:23.0521 0x17b8 ============================================================
23:01:23.0521 0x17b8 \Device\Harddisk0\DR0:
23:01:23.0522 0x17b8 MBR partitions:
23:01:23.0522 0x17b8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x1202E000
23:01:23.0522 0x17b8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1342E800, BlocksNum 0x11FFF800
23:01:23.0522 0x17b8 ============================================================
23:01:23.0619 0x17b8 C: <-> \Device\Harddisk0\DR0\Partition1
23:01:23.0694 0x17b8 D: <-> \Device\Harddisk0\DR0\Partition2
23:01:23.0695 0x17b8 ============================================================
23:01:23.0695 0x17b8 Initialize success
23:01:23.0695 0x17b8 ============================================================
23:02:14.0780 0x0874 ============================================================
23:02:14.0780 0x0874 Scan started
23:02:14.0780 0x0874 Mode: Manual; SigCheck; TDLFS;
23:02:14.0780 0x0874 ============================================================
23:02:14.0780 0x0874 KSN ping started
23:02:28.0428 0x0874 KSN ping finished: true
23:02:41.0829 0x0874 ================ Scan system memory ========================
23:02:41.0830 0x0874 System memory - ok
23:02:41.0831 0x0874 ================ Scan services =============================
23:02:42.0066 0x0874 [ 7EEB488346FBFA3731276C3EE8A8FD9E, 97D2E49C2E615E38E8176F1C1551BF452CC6A00787FF90845EFF27A4E6E20B1F ] AAV UpdateService C:\Program Files\Akademische Arbeitsgemeinschaft\AAVUpdateManager\aavus.exe
23:02:42.0477 0x0874 AAV UpdateService - ok
23:02:42.0915 0x0874 [ 82B296AE1892FE3DBEE00C9CF92F8AC7, 54B22BA63E1DA616B546992141B0C3117BA057283B8F60CB9BECE203661FEBF3 ] ACPI C:\Windows\system32\drivers\acpi.sys
23:02:42.0951 0x0874 ACPI - ok
23:02:43.0153 0x0874 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
23:02:43.0176 0x0874 AdobeARMservice - ok
23:02:43.0331 0x0874 [ 04F0FCAC69C7C71A3AC4EB97FAFC8303, FBBDD38574A1F66A5AA12B82E34FDE60B870180C4B7100C15757539DC869ED4B ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
23:02:43.0463 0x0874 adp94xx - ok
23:02:43.0561 0x0874 [ 60505E0041F7751BDBB80F88BF45C2CE, 1DE16042B8ABD7B643189E836DE273832EE743FD66AFBB641E8049C4E0CD04D8 ] adpahci C:\Windows\system32\drivers\adpahci.sys
23:02:43.0724 0x0874 adpahci - ok
23:02:43.0757 0x0874 [ 8A42779B02AEC986EAB64ECFC98F8BD7, B89938EFF4E81FA44197D2D839EBD3340DDE01FBC79605049C088621784C1B91 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
23:02:43.0815 0x0874 adpu160m - ok
23:02:43.0882 0x0874 [ 241C9E37F8CE45EF51C3DE27515CA4E5, 1A03E93DD8C1F3640C96124A14A3D0F4E349B06CCA2118CE40B8AE201A4030A7 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
23:02:43.0941 0x0874 adpu320 - ok
23:02:44.0023 0x0874 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
23:02:44.0304 0x0874 AeLookupSvc - ok
23:02:44.0393 0x0874 [ F5272A105F59A7B3B345D9D6D87DA7AD, 9E84776994D04240BF2537330DBB555EDE16DFCFC59DEDCBA05A44ED7F70BEFA ] AFD C:\Windows\system32\drivers\afd.sys
23:02:44.0496 0x0874 AFD - ok
23:02:44.0619 0x0874 [ CE91B158FA490CF4C4D487A4130F4660, C343AEB125B15E6FC8428499E1C48390EF5073FACB0DC9BAB9040EFB170D04A5 ] AgereSoftModem C:\Windows\system32\DRIVERS\AGRSM.sys
23:02:44.0926 0x0874 AgereSoftModem - ok
23:02:44.0991 0x0874 [ 13F9E33747E6B41A3FF305C37DB0D360, 066DD6060B1CF93F85BBAAA52848C801128CD294E8B7EACD912E0EF219DBFBC2 ] agp440 C:\Windows\system32\drivers\agp440.sys
23:02:45.0013 0x0874 agp440 - ok
23:02:45.0064 0x0874 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
23:02:45.0102 0x0874 aic78xx - ok
23:02:45.0136 0x0874 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
23:02:45.0277 0x0874 ALG - ok
23:02:45.0302 0x0874 [ 9EAEF5FC9B8E351AFA7E78A6FAE91F91, 0EADB6AE21FEDAB55D41F41B638198B556CC2BE2EE57F6C8B40EB044A318319F ] aliide C:\Windows\system32\drivers\aliide.sys
23:02:45.0360 0x0874 aliide - ok
23:02:45.0390 0x0874 [ C47344BC706E5F0B9DCE369516661578, 689C9CDAF6F38227F1C34359CAEB3C7798F318EDFD4B7FE532FBE3C8E4EE3DC8 ] amdagp C:\Windows\system32\drivers\amdagp.sys
23:02:45.0414 0x0874 amdagp - ok
23:02:45.0450 0x0874 [ 9B78A39A4C173FDBC1321E0DD659B34C, 2CA66EB68AD7A317D91C13B8CFD4E8CA985926A610D19595B613F5553B145C7B ] amdide C:\Windows\system32\drivers\amdide.sys
23:02:45.0488 0x0874 amdide - ok
23:02:45.0554 0x0874 [ 18F29B49AD23ECEE3D2A826C725C8D48, 0FA08882301D218E367E63E1966B6406220EE94BAE7E7DAD6E55EB70BF6FED7F ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
23:02:45.0618 0x0874 AmdK7 - ok
23:02:45.0638 0x0874 [ 93AE7F7DD54AB986A6F1A1B37BE7442D, ECE0ABA2DECEED94AC678240A4B604F04022F0740F2295CBD07D25F5917E878A ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
23:02:45.0802 0x0874 AmdK8 - ok
23:02:46.0015 0x0874 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirSchedulerService C:\Program Files\Avira\AntiVir Desktop\sched.exe
23:02:46.0052 0x0874 AntiVirSchedulerService - ok
23:02:46.0142 0x0874 [ 0327A6CE0934C324E3E82920E9EC0EE4, B4A1E6A77032F7DF97FED3C01E76E2BD3270A3FFC500C7C9A118C0E2EB675D75 ] AntiVirService C:\Program Files\Avira\AntiVir Desktop\avguard.exe
23:02:46.0190 0x0874 AntiVirService - ok
23:02:46.0233 0x0874 [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo C:\Windows\System32\appinfo.dll
23:02:46.0312 0x0874 Appinfo - ok
23:02:46.0342 0x0874 [ 5D2888182FB46632511ACEE92FDAD522, 2E53231ACAF9B2FB7993DBC1CD15C06D7B0CCE0D08DAFF7B0CC13A2040028A75 ] arc C:\Windows\system32\drivers\arc.sys
23:02:46.0366 0x0874 arc - ok
23:02:46.0402 0x0874 [ 5E2A321BD7C8B3624E41FDEC3E244945, 9D47FF6C823868F2267FEFAB5851D3CD2BC3F619A2D6EFF803EA22DB0509C450 ] arcsas C:\Windows\system32\drivers\arcsas.sys
23:02:46.0426 0x0874 arcsas - ok
23:02:46.0787 0x0874 [ 9D768C43FEF254DD50B1DBF8AD5C4C0B, A50854EA5C08605133B8BB4DFDC6090357C5665314AA72E0BFA1E07D4E451F09 ] aspnet_state C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe
23:02:46.0885 0x0874 aspnet_state - ok
23:02:46.0949 0x0874 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
23:02:47.0000 0x0874 AsyncMac - ok
23:02:47.0048 0x0874 [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D114035E1BDCBF3 ] atapi C:\Windows\system32\drivers\atapi.sys
23:02:47.0088 0x0874 atapi - ok
23:02:47.0163 0x0874 [ 91E15B0A1D6F7B99ACE55D04C6D1544A, 23988261D07D009437F6AD78641E44E690058E85A5C81568DAE999679EE58112 ] athr C:\Windows\system32\DRIVERS\athr.sys
23:02:47.0268 0x0874 athr - ok
23:02:47.0344 0x0874 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
23:02:47.0400 0x0874 AudioEndpointBuilder - ok
23:02:47.0414 0x0874 [ 68E2A1A0407A66CF50DA0300852424AB, 5FFDAE4E477C90A855081B5120582810471F67D3E9C343779A7AFB8D684D16F8 ] Audiosrv C:\Windows\System32\Audiosrv.dll
23:02:47.0447 0x0874 Audiosrv - ok
23:02:47.0529 0x0874 [ B0A63DD71CB0CB597D8BD5C364E73F7C, 572B31F3FC962F50110D42A08CDD0614323E18C213575710CEEFA35EE7CAE8C5 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
23:02:47.0607 0x0874 avgntflt - ok
23:02:47.0654 0x0874 [ 05AF7CBF0BDA1571BBADC36703EB9CA4, 3925AD58053769D317D3CF0DDDF7371B010F2F4C839CF7B44F327AE9D0AB5442 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
23:02:47.0679 0x0874 avipbb - ok
23:02:47.0795 0x0874 [ 8F9FB2E345549C1432249BDB8B9C1C0A, 337370238116022987D3CA957CFDAC9D953990F2AC513ACBFBA2D05E35A5F400 ] Avira.OE.ServiceHost C:\Program Files\Avira\My Avira\Avira.OE.ServiceHost.exe
23:02:47.0817 0x0874 Avira.OE.ServiceHost - ok
23:02:47.0874 0x0874 [ D8C712305F73CD34D1B344810E522728, 49A474FF6CA44E8427D7A8290B47395125B0148AF384CF2B3B1FA495A4718CBA ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
23:02:47.0905 0x0874 avkmgr - ok
23:02:47.0996 0x0874 [ 08015D34F6FDD0B355805BAD978497C3, AAD5F919215B8630DCCADF2AC8DC82BAA543C52B1682B476093E014532B20EBD ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys
23:02:48.0263 0x0874 bcm4sbxp - ok
23:02:48.0429 0x0874 [ 6163664C7E9CD110AF70180C126C3FDC, 9A801295CDE2BDE4EE0E96C610E4C01F6915DBDA2104D0E8873AFF1BC34A0FA1 ] BcmSqlStartupSvc C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
23:02:48.0448 0x0874 BcmSqlStartupSvc - ok
23:02:48.0471 0x0874 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
23:02:48.0557 0x0874 Beep - ok
23:02:48.0648 0x0874 [ C789AF0F724FDA5852FB9A7D3A432381, 4B0F7A3A8F2D45E49630D24F2630B8014BCDB793B9C6E83FD2B2863A54F62BF5 ] BFE C:\Windows\System32\bfe.dll
23:02:48.0733 0x0874 BFE - ok
23:02:48.0998 0x0874 [ 93952506C6D67330367F7E7934B6A02F, 1D9A6B10B9489C1A32F730E22CC399BFF0796E3FCB3BA52BE45ED487CAC59EBD ] BITS C:\Windows\System32\qmgr.dll
23:02:49.0169 0x0874 BITS - ok
23:02:49.0225 0x0874 [ D4DF28447741FD3D953526E33A617397, E7239BA432090F8AC7DF453DB876507CD4419ECA964D289408A1B2B353618693 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
23:02:49.0296 0x0874 blbdrive - ok
23:02:49.0367 0x0874 [ 35F376253F687BDE63976CCB3F2108CA, C5EF6301D7BC067050038DB75D961681D1CBE418285AD60167C1334B0B54DFE9 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
23:02:49.0445 0x0874 bowser - ok
23:02:49.0484 0x0874 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
23:02:49.0545 0x0874 BrFiltLo - ok
23:02:49.0561 0x0874 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
23:02:49.0623 0x0874 BrFiltUp - ok
23:02:49.0652 0x0874 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
23:02:49.0720 0x0874 Browser - ok
23:02:49.0783 0x0874 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
23:02:49.0882 0x0874 Brserid - ok
23:02:49.0897 0x0874 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
23:02:49.0962 0x0874 BrSerWdm - ok
23:02:49.0973 0x0874 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
23:02:50.0033 0x0874 BrUsbMdm - ok
23:02:50.0085 0x0874 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
23:02:50.0154 0x0874 BrUsbSer - ok
23:02:50.0237 0x0874 [ DA7B195275BDA7F8FCF79B40E0F45DDE, 1346E9221FD6A1DA27F0BC4F3CF5AFA60B3419931B32468107028BCD4232A708 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
23:02:50.0289 0x0874 BthEnum - ok
23:02:50.0342 0x0874 [ AD07C1EC6665B8B35741AB91200C6B68, DCE1305A30D6713222A01C1F1D03ED0ADABE23C742CE1E82BB142531B82A3FF7 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
23:02:50.0404 0x0874 BTHMODEM - ok
23:02:50.0422 0x0874 [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
23:02:50.0481 0x0874 BthPan - ok
23:02:50.0544 0x0874 [ 671134053D59E23704F08DB19F11E10B, 7AFE5B6646B9A38EFAF127B7C820463CC06C4B8B82BC76259DA346B51377EA0B ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
23:02:50.0646 0x0874 BTHPORT - ok
23:02:50.0724 0x0874 [ A4C8377FA4A994E07075107DBE2E3DCE, C3CDAA7B83D130100044341C23897CC6C257FA075A8D08B8551F4A28AE8CE6C4 ] BthServ C:\Windows\System32\bthserv.dll
23:02:50.0759 0x0874 BthServ - ok
23:02:50.0775 0x0874 [ 93D7007E2C660DFCCA6AE72622740B14, 3483FD5060CE7FB9208A8016D5D79EC88DA63BF6C656EFC476AAA3D912DB451F ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
23:02:50.0843 0x0874 BTHUSB - ok
23:02:50.0932 0x0874 [ 3EA1A20DC0CA1AD23E7AA8C37A91BCD1, 4AF75222BF49EBFA93C98DF206D715DFE2B5EB742BDE06622256F628A756AAD6 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
23:02:50.0953 0x0874 btwaudio - ok
23:02:51.0003 0x0874 [ 195872E48A7FB01F8BC9B800F70F4054, 5F37D7CE44F00791241911BA1E77AD5DAD22C08584F19367BBE27BBFA3484616 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
23:02:51.0033 0x0874 btwavdt - ok
23:02:51.0358 0x0874 [ 0724E7D6C9B6A289EDDDA33FA8176E80, 836BFED3A4A374AB1C699D950D87A0709F529FD65B860890699584640490DBE8 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
23:02:51.0379 0x0874 btwrchid - ok
23:02:51.0547 0x0874 catchme - ok
23:02:51.0575 0x0874 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
23:02:51.0640 0x0874 cdfs - ok
23:02:51.0691 0x0874 [ 6B4BFFB9BECD728097024276430DB314, 4451EFEAD37B05C8A3CB610B6D72E73B55D3D1E1CC1B17405598C1EDAA93C2D5 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
23:02:51.0753 0x0874 cdrom - ok
23:02:51.0806 0x0874 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] CertPropSvc C:\Windows\System32\certprop.dll
23:02:51.0869 0x0874 CertPropSvc - ok
23:02:51.0972 0x0874 [ E5D4133F37219DBCFE102BC61072589D, 74C7F8C53D9C71CE3C8B33BC0331948571318402B0A8E1AC4552360504092A46 ] circlass C:\Windows\system32\drivers\circlass.sys
23:02:52.0084 0x0874 circlass - ok
23:02:52.0162 0x0874 [ D7659D3B5B92C31E84E53C1431F35132, 6BFE644AD9890A8CEEDCC4B97ADD564AD57202FBC5D21599469E0C4B31BB27C6 ] CLFS C:\Windows\system32\CLFS.sys
23:02:52.0195 0x0874 CLFS - ok
23:02:52.0304 0x0874 [ 8EE772032E2FE80A924F3B8DD5082194, B743DF91563A22CC15D9B44105804B5866A29D3DFC156DBE88DFAFEF903B94C0 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
23:02:52.0327 0x0874 clr_optimization_v2.0.50727_32 - ok
23:02:52.0389 0x0874 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
23:02:52.0460 0x0874 clr_optimization_v4.0.30319_32 - ok
23:02:52.0517 0x0874 [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
23:02:52.0558 0x0874 CmBatt - ok
23:02:52.0590 0x0874 [ 0CA25E686A4928484E9FDABD168AB629, C2CB2333CAB40CDF93219870E66700F957188C86A1B1A004BC4652953091E5C5 ] cmdide C:\Windows\system32\drivers\cmdide.sys
23:02:52.0611 0x0874 cmdide - ok
23:02:52.0629 0x0874 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
23:02:52.0649 0x0874 Compbatt - ok
23:02:52.0682 0x0874 COMSysApp - ok
23:02:52.0688 0x0874 [ 741E9DFF4F42D2D8477D0FC1DC0DF871, 06EA43D771E3455F943AB624CC00C2259FE5E561164908630755E933EF44A522 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
23:02:52.0716 0x0874 crcdisk - ok
23:02:52.0737 0x0874 [ 1F07BECDCA750766A96CDA811BA86410, F4E36F0003184BCB36D59B23AC903421AD8C0A1FD2D6315E06375235ABC9A0AD ] Crusoe C:\Windows\system32\drivers\crusoe.sys
23:02:52.0786 0x0874 Crusoe - ok
23:02:52.0854 0x0874 [ 684C130BBC6DB681BAD4920A4C944AA5, DDE434B206984808351C98500824A33E6740B4326C455066027F8D549D4C3B92 ] CryptSvc C:\Windows\system32\cryptsvc.dll
23:02:52.0927 0x0874 CryptSvc - ok
23:02:53.0169 0x0874 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] DcomLaunch C:\Windows\system32\rpcss.dll
23:02:53.0281 0x0874 DcomLaunch - ok
23:02:53.0348 0x0874 [ 622C41A07CA7E6DD91770F50D532CB6C, 2A9040949CB45F9970FDE930278F30D2F08E957290CB3D4DC4F2CA94F3D444D2 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
23:02:53.0424 0x0874 DfsC - ok
23:02:53.0562 0x0874 [ 2CC3DCFB533A1035B13DCAB6160AB38B, C88C91F662ADE248EEE3B568E70C2BC2D5075B7D9B7D3C63E83D011C5F7812B0 ] DFSR C:\Windows\system32\DFSR.exe
23:02:53.0813 0x0874 DFSR - ok
23:02:53.0887 0x0874 [ 9028559C132146FB75EB7ACF384B086A, 35159D86706441ED94895B4629411B4445FCB4526AFD1F7036EE647931B7A94D ] Dhcp C:\Windows\System32\dhcpcsvc.dll
23:02:53.0981 0x0874 Dhcp - ok
23:02:54.0033 0x0874 [ 5D4AEFC3386920236A548271F8F1AF6A, 11B74D6800EC6F7AAEFB0B6A9F2E8376C7C3B8DB677F03AC3743CB004CA96B08 ] disk C:\Windows\system32\drivers\disk.sys
23:02:54.0056 0x0874 disk - ok
23:02:54.0150 0x0874 [ 57D762F6F5974AF0DA2BE88A3349BAAA, D9E7DC8F9FB7837F88BBB95B52147AA80E688FB9762EEA99B8046D9C6AD48F3C ] Dnscache C:\Windows\System32\dnsrslvr.dll
23:02:54.0217 0x0874 Dnscache - ok
23:02:54.0262 0x0874 [ 324FD74686B1EF5E7C19A8AF49E748F6, DC6EB4304555B60DD17E04D20DFE4E279718E4041A9310DE29E678834BB22C5B ] dot3svc C:\Windows\System32\dot3svc.dll
23:02:54.0314 0x0874 dot3svc - ok
23:02:54.0343 0x0874 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
23:02:54.0422 0x0874 DPS - ok
23:02:54.0451 0x0874 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
23:02:54.0520 0x0874 drmkaud - ok
23:02:54.0647 0x0874 [ 988670D8343EF9835FB3659DB71B2EFA, 5F5370FDD08C4BFF0828341952E98E95F722CB779EEC08C9DD6212C4DF3CD33B ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
23:02:54.0775 0x0874 DXGKrnl - ok
23:02:54.0811 0x0874 [ 5425F74AC0C1DBD96A1E04F17D63F94C, AD133CEDCDEA75420C75A91BB4CF7152475D46ED7B7703E3BAE5F9946D610292 ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
23:02:54.0852 0x0874 E1G60 - ok
23:02:54.0904 0x0874 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
23:02:55.0050 0x0874 EapHost - ok
23:02:55.0106 0x0874 [ 7F64EA048DCFAC7ACF8B4D7B4E6FE371, F3E9CF5D8E9124CB06F08454C5F0E510DE19A92780151FB2F8A58A0905D59B8F ] Ecache C:\Windows\system32\drivers\ecache.sys
23:02:55.0138 0x0874 Ecache - ok
23:02:55.0280 0x0874 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
23:02:55.0350 0x0874 ehRecvr - ok
23:02:55.0370 0x0874 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
23:02:55.0419 0x0874 ehSched - ok
23:02:55.0436 0x0874 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
23:02:55.0465 0x0874 ehstart - ok
23:02:55.0518 0x0874 [ 23B62471681A124889978F6295B3F4C6, A90C521F06125B86A26EA625B0E7F811AF7D328E1313165E7AD4A83596A23819 ] elxstor C:\Windows\system32\drivers\elxstor.sys
23:02:55.0574 0x0874 elxstor - ok
23:02:55.0684 0x0874 [ 4E6B23DFC917EA39306B529B773950F4, C4BA77632B4BD46C4C1797F7F57399DB506D3EB6E5A0A36C269A793DAA3445C2 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
23:02:55.0851 0x0874 EMDMgmt - ok
23:02:55.0899 0x0874 [ 3DB974F3935483555D7148663F726C61, C288CFC04213B0340ABEC752C0A7B308B29122B5F51E68387BA1D9E9D7166FDD ] ErrDev C:\Windows\system32\drivers\errdev.sys
23:02:55.0947 0x0874 ErrDev - ok
23:02:56.0003 0x0874 [ 67058C46504BC12D821F38CF99B7B28F, E8D19F305F78BCA1DA8425315F2C77A377CD51E3CC54323DC2FF355120EA097D ] EventSystem C:\Windows\system32\es.dll
23:02:56.0070 0x0874 EventSystem - ok
23:02:56.0182 0x0874 [ 87BFD4EF2F43399DA37B48B42A84A749, DCD62246CBD60708C0F97F403F557410FBD09E726A1FA2F87351EB38F5A32CC8 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
23:02:56.0283 0x0874 EvtEng - detected UnsignedFile.Multi.Generic ( 1 )
23:02:58.0791 0x0874 Detect skipped due to KSN trusted
23:02:58.0791 0x0874 EvtEng - ok
23:02:58.0869 0x0874 [ 22B408651F9123527BCEE54B4F6C5CAE, 31AF9649333A9496A9224001266D1B68CE2A31B9FB182A755D127FC5492AA6B2 ] exfat C:\Windows\system32\drivers\exfat.sys
23:02:58.0928 0x0874 exfat - ok
23:02:58.0971 0x0874 [ 1E9B9A70D332103C52995E957DC09EF8, 7E709D545D4025A2E9F3489CF2A231040904CB53E3E4EEAC15A22468FAB2A5B3 ] fastfat C:\Windows\system32\drivers\fastfat.sys
23:02:59.0006 0x0874 fastfat - ok
23:02:59.0076 0x0874 [ AFE1E8B9782A0DD7FB46BBD88E43F89A, B4CBE1DC3430F2F3485F49007C71293D5B86E9C405741EA00A67B00A38BE1F8D ] fdc C:\Windows\system32\DRIVERS\fdc.sys
23:02:59.0124 0x0874 fdc - ok
23:02:59.0167 0x0874 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
23:02:59.0224 0x0874 fdPHost - ok
23:02:59.0249 0x0874 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
23:02:59.0330 0x0874 FDResPub - ok
23:02:59.0353 0x0874 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
23:02:59.0377 0x0874 FileInfo - ok
23:02:59.0387 0x0874 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
23:02:59.0428 0x0874 Filetrace - ok
23:02:59.0449 0x0874 [ 85B7CF99D532820495D68D747FDA9EBD, 682D35D219D1AFBE51CF0AB03F2D3E15C940F5AF291C1A611A19F4D279143F3C ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
23:02:59.0483 0x0874 flpydisk - ok
23:02:59.0543 0x0874 [ 01334F9EA68E6877C4EF05D3EA8ABB05, 82F8AA6AD2B5077898773D4A5814819EAF0E872FFD95894E06FEDAB6EE92CF99 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
23:02:59.0591 0x0874 FltMgr - ok
23:02:59.0681 0x0874 [ 2AFA3A46986AE935DAECEBC7E66314CF, 747FAF9B7F8291B83EE44B91E5708395E749DC87BD42CC3BF2CD41209C298F4D ] FontCache C:\Windows\system32\FntCache.dll
23:02:59.0815 0x0874 FontCache - ok
23:02:59.0939 0x0874 [ C7FBDD1ED42F82BFA35167A5C9803EA3, 372FF71070D5ECE17342466A690737A0622E93C98DBED8172C49B0854F0012B7 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
23:02:59.0964 0x0874 FontCache3.0.0.0 - ok
23:03:00.0011 0x0874 [ B972A66758577E0BFD1DE0F91AAA27B5, E934034F3F740A83D4E7ABCD2C581845AC2945B0BCCAACF65CC3F99A1DBDE455 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
23:03:00.0078 0x0874 Fs_Rec - ok
23:03:00.0129 0x0874 [ 34582A6E6573D54A07ECE5FE24A126B5, 5F45DC38F8015AD90616EAD3B57820CCD284938A96B2C4E1FF5FC7BDEE8A848D ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
23:03:00.0152 0x0874 gagp30kx - ok
23:03:00.0253 0x0874 [ CD5D0AEEE35DFD4E986A5AA1500A6E66, DCED5126837292593F1C1B35DF18E3B631D6C0C6D0742B77C7B7742C55A7825F ] gpsvc C:\Windows\System32\gpsvc.dll
23:03:00.0382 0x0874 gpsvc - ok
23:03:00.0432 0x0874 [ 3F90E001369A07243763BD5A523D8722, 25907F85787D879E75C3FE74C93567382AFB2D528BEEC61D71E3A6BE2D71DFBE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
23:03:00.0479 0x0874 HdAudAddService - ok
23:03:00.0553 0x0874 [ 062452B7FFD68C8C042A6261FE8DFF4A, DD9873502456D3C058C6177AC223B28C71370E624FA0814C17EA3D93201F2B56 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
23:03:00.0676 0x0874 HDAudBus - ok
23:03:00.0711 0x0874 [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
23:03:00.0765 0x0874 HidBth - ok
23:03:00.0788 0x0874 [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
23:03:00.0861 0x0874 HidIr - ok
23:03:00.0900 0x0874 [ 84067081F3318162797385E11A8F0582, 11E32E3800CFCA37354388243F88D0239D622891BAC5483518A2BE5D1CA19015 ] hidserv C:\Windows\System32\hidserv.dll
23:03:00.0947 0x0874 hidserv - ok
23:03:00.0989 0x0874 [ 854CA287AB7FAF949617A788306D967E, 8C0BC3727C07634FAD35C7184C72B6D48D428F35E612257A833F00CACF4AAB5D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
23:03:01.0036 0x0874 HidUsb - ok
23:03:01.0079 0x0874 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
23:03:01.0147 0x0874 hkmsvc - ok
23:03:01.0170 0x0874 [ 16EE7B23A009E00D835CDB79574A91A6, 964AFE7D2F7E48C7DE7FDAB48F57ADC4AD44A0B2A9A03071E0E8D334007E5572 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
23:03:01.0192 0x0874 HpCISSs - ok
23:03:01.0244 0x0874 [ F870AA3E254628EBEAFE754108D664DE, B0444E7D246AA1982094030ACB991690F6A7DD3FB07B1BB6A1BC0F3AA9718A70 ] HTTP C:\Windows\system32\drivers\HTTP.sys
23:03:01.0361 0x0874 HTTP - ok
23:03:01.0437 0x0874 [ 1720966D9C7EA5E2D78B6DB92D2F9171, B43521949F0557C9DC1DEC23A4A31D293FFBE721A937C90A2BCF6FCD1A216ADE ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
23:03:01.0515 0x0874 hwdatacard - ok
23:03:01.0637 0x0874 [ C6B032D69650985468160FC9937CF5B4, 4D5A944C70037F35A9DBA4F49F174455FA80ED7EAEDAA143F0A2C0E05AE585D8 ] i2omp C:\Windows\system32\drivers\i2omp.sys
23:03:01.0659 0x0874 i2omp - ok
23:03:01.0794 0x0874 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
23:03:01.0861 0x0874 i8042prt - ok
23:03:01.0995 0x0874 [ 496DB78E6A0C4C44023D9A92B4A7AC31, 2B44213C39F05090D2057E3A21C1718DFC4478E976D44255B6FA5C3B8CF20FFF ] ialm C:\Windows\system32\DRIVERS\igdkmd32.sys
23:03:02.0223 0x0874 ialm - ok
23:03:02.0296 0x0874 [ F263A9036F8897FFA2AE54685E03AD60, 8286D4BE1F684E2B0DB5258ADBBD679A9A9D95CC435FA6B7D394A9E94B0FBE89 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
23:03:02.0335 0x0874 iaStor - ok
23:03:02.0363 0x0874 [ 54155EA1B0DF185878E0FC9EC3AC3A14, 344A0793499261D2E4FF2FCCC70501329485F8E299EBC68953D07BA86F0D4729 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
23:03:02.0420 0x0874 iaStorV - ok
23:03:02.0529 0x0874 [ 98477B08E61945F974ED9FDC4CB6BDAB, C7E8F661F6FBF6AB493E950D2E70363496E155B1838CE7B490B981BD840B04FC ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
23:03:02.0650 0x0874 idsvc - ok
23:03:02.0685 0x0874 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
23:03:02.0706 0x0874 iirsp - ok
23:03:02.0900 0x0874 [ 4687EE0C0DD2CE5F7AAA9C2E33C1DC78, FA8EBED2778D9F7560ADC1B563954EEF98AAE651C0553F2803372B37B122AEB3 ] IKEEXT C:\Windows\System32\ikeext.dll
23:03:02.0979 0x0874 IKEEXT - ok
23:03:03.0096 0x0874 [ FFD2B3BC042596ABE785D3C15F51AB46, C2CA6E15FE95ADE211325CA907FBC213DB3B5E871DBD22CC485837FAB4E9BCEC ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
23:03:03.0301 0x0874 IntcAzAudAddService - ok
23:03:03.0367 0x0874 [ 83AA759F3189E6370C30DE5DC5590718, 7406FE41EA8FB80052517318CB72E2641E92E579FAFAF5E8DDDFF0BF8DAE773A ] intelide C:\Windows\system32\drivers\intelide.sys
23:03:03.0389 0x0874 intelide - ok
23:03:03.0409 0x0874 [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
23:03:03.0456 0x0874 intelppm - ok
23:03:03.0488 0x0874 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
23:03:03.0569 0x0874 IPBusEnum - ok
23:03:03.0606 0x0874 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
23:03:03.0673 0x0874 IpFilterDriver - ok
23:03:03.0716 0x0874 [ 1998BD97F950680BB55F55A7244679C2, A4E8BB4C6B2AF4800BD5E0BA8725FD0927F8FB6751AEBF6DD16B59C414CCB9D8 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
23:03:03.0789 0x0874 iphlpsvc - ok
23:03:03.0794 0x0874 IpInIp - ok
23:03:03.0812 0x0874 [ B25AAF203552B7B3491139D582B39AD1, EA9C38F512F40FF12975A6719E6FE4D7EA93A4B2497103E0FDA5A4CD6033C0A6 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
23:03:03.0850 0x0874 IPMIDRV - ok
23:03:03.0898 0x0874 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
23:03:03.0937 0x0874 IPNAT - ok
23:03:03.0960 0x0874 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
23:03:03.0994 0x0874 IRENUM - ok
23:03:04.0011 0x0874 [ 6C70698A3E5C4376C6AB5C7C17FB0614, 10FBCBA5A74AF5D136B152FD4D3DFA2A1F2CEBC3F979D5BA6DB98B3DCB2F7A07 ] isapnp C:\Windows\system32\drivers\isapnp.sys
23:03:04.0035 0x0874 isapnp - ok
23:03:04.0117 0x0874 [ 232FA340531D940AAC623B121A595034, 90C93F04D8A0094EEBD118F10223605B8169DA5F24C466F503CED5C014BD17B1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
23:03:04.0146 0x0874 iScsiPrt - ok
23:03:04.0192 0x0874 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
23:03:04.0225 0x0874 iteatapi - ok
23:03:04.0280 0x0874 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
23:03:04.0324 0x0874 iteraid - ok
23:03:04.0349 0x0874 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
23:03:04.0371 0x0874 kbdclass - ok
23:03:04.0379 0x0874 [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
23:03:04.0430 0x0874 kbdhid - ok
23:03:04.0469 0x0874 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] KeyIso C:\Windows\system32\lsass.exe
23:03:04.0514 0x0874 KeyIso - ok
23:03:04.0561 0x0874 [ EBC507F129DF8F0E0CA270DCFC0CF87F, 232E2C4118A3177019E111E23D02F669338AE251308DE9BEDE3869C1208D7F0B ] KMDFMEMIO C:\Windows\system32\DRIVERS\kmdfmemio.sys
23:03:04.0598 0x0874 KMDFMEMIO - ok
23:03:04.0657 0x0874 [ 4A1445EFA932A3BAF5BDB02D7131EE20, 9DD262ED72DF268FE024063788F54124E320D0775D8DC0C5CAD099CD5F655DA2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
23:03:04.0708 0x0874 KSecDD - ok
23:03:04.0741 0x0874 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
23:03:04.0793 0x0874 KtmRm - ok
23:03:04.0832 0x0874 [ 1BF5EEBFD518DD7298434D8C862F825D, F41C79410345C40B346EB5EDEA397ECD29ECB9B921AC3E19F9453E52A7B9288A ] LanmanServer C:\Windows\System32\srvsvc.dll
23:03:04.0909 0x0874 LanmanServer - ok
23:03:04.0965 0x0874 [ 1DB69705B695B987082C8BAEC0C6B34F, D395B272F6B69D4A9FC3CDEFD812EF0DBFECF3C1B1C787C7CC1E1A1B091B8DB3 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
23:03:05.0037 0x0874 LanmanWorkstation - ok
23:03:05.0117 0x0874 [ C215E09622118383B236DD56C2065183, AF5F7C8806BF9C203DB8AD9DA2062E31FF9A2282B5FE1222A3B9DEEB435EBAB4 ] LightScribeService C:\Program Files\Common Files\LightScribe\LSSrvc.exe
23:03:05.0163 0x0874 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
23:03:07.0526 0x0874 Detect skipped due to KSN trusted
23:03:07.0526 0x0874 LightScribeService - ok
23:03:07.0564 0x0874 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
23:03:07.0630 0x0874 lltdio - ok
23:03:07.0670 0x0874 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
23:03:07.0727 0x0874 lltdsvc - ok
23:03:07.0748 0x0874 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
23:03:07.0816 0x0874 lmhosts - ok
23:03:07.0855 0x0874 [ C7E15E82879BF3235B559563D4185365, 98C9268ADF6BAEB0522BB84BE6C98D0D6D5EB4BD27BB61412D208232164C8435 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
23:03:07.0880 0x0874 LSI_FC - ok
23:03:07.0910 0x0874 [ EE01EBAE8C9BF0FA072E0FF68718920A, 655924440E611278998226299645BC72B3627A8A057286DC8D65A162CFBBE484 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
23:03:07.0934 0x0874 LSI_SAS - ok
23:03:07.0958 0x0874 [ 912A04696E9CA30146A62AFA1463DD5C, 1D336D47B9D1C8449F29CDB776C092235E3D70CE53D9440970533E376EB004D3 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
23:03:07.0983 0x0874 LSI_SCSI - ok
23:03:08.0011 0x0874 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
23:03:08.0075 0x0874 luafv - ok
23:03:08.0091 0x0874 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
23:03:08.0159 0x0874 Mcx2Svc - ok
23:03:08.0202 0x0874 [ 0001CE609D66632FA17B84705F658879, D5F9758BDC2B733307B565A74B33F5581FB425A5A9F32CCFA307DA1569EBD6CD ] megasas C:\Windows\system32\drivers\megasas.sys
23:03:08.0224 0x0874 megasas - ok
23:03:08.0267 0x0874 [ C252F32CD9A49DBFC25ECF26EBD51A99, 47EC8F475AB62A00FAF989CD2C3ABDF2922588F75CC15C83CD99A62EF6400FB0 ] MegaSR C:\Windows\system32\drivers\megasr.sys
23:03:08.0372 0x0874 MegaSR - ok
23:03:08.0412 0x0874 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
23:03:08.0465 0x0874 MMCSS - ok
23:03:08.0494 0x0874 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
23:03:08.0541 0x0874 Modem - ok
23:03:08.0574 0x0874 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
23:03:08.0632 0x0874 monitor - ok
23:03:08.0655 0x0874 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
23:03:08.0677 0x0874 mouclass - ok
23:03:08.0703 0x0874 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
23:03:08.0736 0x0874 mouhid - ok
23:03:08.0767 0x0874 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
23:03:08.0800 0x0874 MountMgr - ok
23:03:08.0851 0x0874 [ F60E017313E0F1EEB21D87C434CF538D, 5418A716AD23E21FFF7CDACD0C4EF2CD7F1D45E391E72196B4D036DBF9E9559C ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
23:03:08.0879 0x0874 MozillaMaintenance - ok
23:03:08.0909 0x0874 [ 511D011289755DD9F9A7579FB0B064E6, 1FD0D0D5B6E08FE06F7A5D0821BCD859B0F98A6DEA58AAB7FB6C95B64212FFC8 ] mpio C:\Windows\system32\drivers\mpio.sys
23:03:08.0944 0x0874 mpio - ok
23:03:09.0028 0x0874 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
23:03:09.0058 0x0874 mpsdrv - ok
23:03:09.0103 0x0874 [ 5DE62C6E9108F14F6794060A9BDECAEC, 655E6645CC4A1EDBE5F51F5F80C7B504DD956851E788A6E4E4E08CDCDCE160D9 ] MpsSvc C:\Windows\system32\mpssvc.dll
23:03:09.0214 0x0874 MpsSvc - ok
23:03:09.0233 0x0874 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
23:03:09.0253 0x0874 Mraid35x - ok
23:03:09.0290 0x0874 [ 82CEA0395524AACFEB58BA1448E8325C, 16E37990A291C848DE35F48EA7E09AE5B258AE589EB08A3FA2C60DC1278DE182 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
23:03:09.0340 0x0874 MRxDAV - ok
23:03:09.0396 0x0874 [ 1E94971C4B446AB2290DEB71D01CF0C2, 4701AA1B419AEF735CB2DA34532B0F1844433272C36D79F4EB55807E39B923D1 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
23:03:09.0434 0x0874 mrxsmb - ok
23:03:09.0492 0x0874 [ 4FCCB34D793B116423209C0F8B7A3B03, 7A483AEB691ADBE82779F12F0BB1CCCBFFD7E92902EC1ADC99AB7D129F887143 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
23:03:09.0544 0x0874 mrxsmb10 - ok
23:03:09.0557 0x0874 [ C3CB1B40AD4A0124D617A1199B0B9D7C, B975A39DE6D324C6274B6E3B883F36082A958F028335CEB3A37F44481EB284B3 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
23:03:09.0582 0x0874 mrxsmb20 - ok
23:03:09.0618 0x0874 [ 28023E86F17001F7CD9B15A5BC9AE07D, FC7EAA592C5F796E3BCD7F7EF261709CD899B33FC8486E594A480F143D0D6320 ] msahci C:\Windows\system32\drivers\msahci.sys
23:03:09.0648 0x0874 msahci - ok
23:03:09.0699 0x0874 [ 4468B0F385A86ECDDAF8D3CA662EC0E7, EAEDC9CDD2EEC5000AF8190A4BE7729282576C3F88E64FDF57F455F5CECC81C9 ] msdsm C:\Windows\system32\drivers\msdsm.sys
23:03:09.0742 0x0874 msdsm - ok
23:03:09.0786 0x0874 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
23:03:09.0855 0x0874 MSDTC - ok
23:03:09.0900 0x0874 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
23:03:09.0953 0x0874 Msfs - ok
23:03:09.0992 0x0874 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
23:03:10.0014 0x0874 msisadrv - ok
23:03:10.0036 0x0874 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
23:03:10.0096 0x0874 MSiSCSI - ok
23:03:10.0121 0x0874 msiserver - ok
23:03:10.0149 0x0874 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
23:03:10.0250 0x0874 MSKSSRV - ok
23:03:10.0276 0x0874 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
23:03:10.0310 0x0874 MSPCLOCK - ok
23:03:10.0357 0x0874 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
23:03:10.0402 0x0874 MSPQM - ok
23:03:10.0445 0x0874 [ B49456D70555DE905C311BCDA6EC6ADB, 8E40586B3A1FAE9996459E0261726C9DD6A8D5F575604868C45604613385C92F ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
23:03:10.0474 0x0874 MsRPC - ok
23:03:10.0618 0x0874 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
23:03:10.0640 0x0874 mssmbios - ok
23:03:10.0715 0x0874 MSSQL$MSSMLBIZ - ok
23:03:10.0742 0x0874 [ 1D89EB4E2A99CABD4E81225F4F4C4B25, B9C4D956E3F74CB463A1A14287F4B550381FBB3E4B2DF9418E041E02A159E31E ] MSSQLServerADHelper C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe
23:03:10.0764 0x0874 MSSQLServerADHelper - ok
23:03:10.0807 0x0874 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
23:03:10.0868 0x0874 MSTEE - ok
23:03:10.0901 0x0874 [ 6A57B5733D4CB702C8EA4542E836B96C, 080FB0B01E949D24CDD6876125B3A72DA9F88845D8B9A1A425BCA99E7ACF6821 ] Mup C:\Windows\system32\Drivers\mup.sys
23:03:10.0934 0x0874 Mup - ok
23:03:10.0990 0x0874 [ E4EAF0C5C1B41B5C83386CF212CA9584, 5946C3DCE65A0DB164169A1775DFCA544AF4E1895ADF6916BB1653F373F8D9AF ] napagent C:\Windows\system32\qagentRT.dll
23:03:11.0074 0x0874 napagent - ok
23:03:11.0152 0x0874 [ 85C44FDFF9CF7E72A40DCB7EC06A4416, DC37C99C458CA69B33BFD3894187089E947F4F9C01EC2ED024FA8614989E0956 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
23:03:11.0193 0x0874 NativeWifiP - ok
23:03:11.0237 0x0874 [ 1357274D1883F68300AEADD15D7BBB42, EE6352CBF0D9D633816F338159CDA27F1A805C3DDC3402D8605B50D8F3CD3300 ] NDIS C:\Windows\system32\drivers\ndis.sys
23:03:11.0295 0x0874 NDIS - ok
23:03:11.0345 0x0874 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
23:03:11.0410 0x0874 NdisTapi - ok
23:03:11.0441 0x0874 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
23:03:11.0485 0x0874 Ndisuio - ok
23:03:11.0526 0x0874 [ 818F648618AE34F729FDB47EC68345C3, 5FC8F9237BD7FCE3C62D5BDDD49DC104BE2BECDC2FA8CDC1DB8F1891CBAA9140 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
23:03:11.0568 0x0874 NdisWan - ok
23:03:11.0582 0x0874 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
23:03:11.0615 0x0874 NDProxy - ok
23:03:11.0653 0x0874 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
23:03:11.0718 0x0874 NetBIOS - ok
23:03:11.0759 0x0874 [ ECD64230A59CBD93C85F1CD1CAB9F3F6, 83650D756C1F2768A2AAAFC7924F2A4316ABAEB1708F4B05803CDDD699B5AB6F ] netbt C:\Windows\system32\DRIVERS\netbt.sys
23:03:11.0818 0x0874 netbt - ok
23:03:11.0847 0x0874 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] Netlogon C:\Windows\system32\lsass.exe
23:03:11.0864 0x0874 Netlogon - ok
23:03:11.0929 0x0874 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
23:03:11.0997 0x0874 Netman - ok
23:03:12.0045 0x0874 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:03:12.0112 0x0874 NetMsmqActivator - ok
23:03:12.0121 0x0874 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:03:12.0142 0x0874 NetPipeActivator - ok
23:03:12.0179 0x0874 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
23:03:12.0234 0x0874 netprofm - ok
23:03:12.0243 0x0874 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:03:12.0264 0x0874 NetTcpActivator - ok
23:03:12.0272 0x0874 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
23:03:12.0293 0x0874 NetTcpPortSharing - ok
23:03:12.0426 0x0874 [ 35D5458D9A1B26B2005ABFFBF4C1C5E7, EE044FB7A49336FEDA1BDBBD2AD7A4A163C780A6A464B7712688E0BA0B4E6C40 ] NETw3v32 C:\Windows\system32\DRIVERS\NETw3v32.sys
23:03:12.0697 0x0874 NETw3v32 - ok
23:03:12.0890 0x0874 [ 0B214C6A4728F085FB64A29ED9C4DE94, 5AB06F2D2826482BCD72A9D7574C1DD86FDE68DD67E7D4435F94B86817D4BC40 ] NETw5v32 C:\Windows\system32\DRIVERS\NETw5v32.sys
23:03:13.0432 0x0874 NETw5v32 - ok
23:03:13.0466 0x0874 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
23:03:13.0488 0x0874 nfrd960 - ok
23:03:13.0515 0x0874 [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
23:03:13.0556 0x0874 NlaSvc - ok
23:03:13.0593 0x0874 [ D36F239D7CCE1931598E8FB90A0DBC26, DF9397411D0CE5A87E3346D4E6E25BEC537A21BCE196CC55FD999CD08FC4A637 ] Npfs C:\Windows\system32\drivers\Npfs.sys
23:03:13.0660 0x0874 Npfs - ok
23:03:13.0694 0x0874 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
23:03:13.0734 0x0874 nsi - ok
23:03:13.0782 0x0874 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
23:03:13.0831 0x0874 nsiproxy - ok
23:03:13.0942 0x0874 [ 2C1121F2B87E9A6B12485DF53CD848C7, E580428F3BA7B201C6C7CFADF1F44A6ECA4F589EDB034DA14260136236195936 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
23:03:14.0163 0x0874 Ntfs - ok
23:03:14.0187 0x0874 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
23:03:14.0249 0x0874 ntrigdigi - ok
23:03:14.0282 0x0874 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
23:03:14.0332 0x0874 Null - ok
23:03:15.0397 0x0874 [ 440690DA4358D9682DBCC56DA7D419AB, C6958DF3769665DCF59B39B499AE110253E2482B9E4F3C7A2BC3A75776E4E3EA ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
23:03:17.0728 0x0874 nvlddmkm - ok
23:03:17.0778 0x0874 [ 2EDF9E7751554B42CBB60116DE727101, 37A0AA78E83DBB5A788F7F067EB71DDF6CCC72A66BB41B209E1A5E2F68F8AF9B ] nvraid C:\Windows\system32\drivers\nvraid.sys
23:03:17.0834 0x0874 nvraid - ok
23:03:17.0864 0x0874 [ ABED0C09758D1D97DB0042DBB2688177, 84B9BF886EF9181915E8AB6D971446BC681E6DE4485DBECD62838EAFA10E7F46 ] nvstor C:\Windows\system32\drivers\nvstor.sys
23:03:17.0922 0x0874 nvstor - ok
23:03:18.0010 0x0874 [ 11E1DC466C3E384C1A697B95DC5AA785, F411BB0554A2F19252A4E2B32113C6E9836DFC56C6E856FAEB1A44F562309F98 ] nvsvc C:\Windows\system32\nvvsvc.exe
23:03:18.0113 0x0874 nvsvc - ok
23:03:18.0147 0x0874 [ 18BBDF913916B71BD54575BDB6EEAC0B, 5FBA165149AB09E869DCE35622E91CFC964BDD22B31A5E76CF12F1565402B207 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
23:03:18.0229 0x0874 nv_agp - ok
23:03:18.0234 0x0874 NwlnkFlt - ok
23:03:18.0240 0x0874 NwlnkFwd - ok
23:03:18.0559 0x0874 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
23:03:18.0854 0x0874 odserv - ok
23:03:18.0889 0x0874 [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
23:03:19.0035 0x0874 ohci1394 - ok
23:03:19.0153 0x0874 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
23:03:19.0310 0x0874 ose - ok
23:03:19.0534 0x0874 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2pimsvc C:\Windows\system32\p2psvc.dll
23:03:19.0805 0x0874 p2pimsvc - ok
23:03:19.0912 0x0874 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] p2psvc C:\Windows\system32\p2psvc.dll
23:03:19.0998 0x0874 p2psvc - ok
23:03:20.0058 0x0874 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
23:03:20.0114 0x0874 Parport - ok
23:03:20.0182 0x0874 [ B9C2B89F08670E159F7181891E449CD9, BD48CE95CF4B75D1FD5FD379B2A8727BC000F2B6748B77636C6BDB0B37B0344A ] partmgr C:\Windows\system32\drivers\partmgr.sys
23:03:20.0216 0x0874 partmgr - ok
23:03:20.0253 0x0874 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
23:03:20.0382 0x0874 Parvdm - ok
23:03:20.0422 0x0874 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
23:03:20.0483 0x0874 PcaSvc - ok
23:03:20.0547 0x0874 [ 941DC1D19E7E8620F40BBC206981EFDB, 156142A8B587131D2D47074CBFD0A31F69B3C27A8C74C8C4F29DFE7B53BBA802 ] pci C:\Windows\system32\drivers\pci.sys
23:03:20.0576 0x0874 pci - ok
23:03:20.0633 0x0874 [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
23:03:20.0736 0x0874 pciide - ok
23:03:20.0774 0x0874 [ B7C5A8769541900F6DFA6FE0C5E4D513, 1885FE8AE9D6929E8B43D674B43B7B3FEAA25AF6E45973A0B49CBA7B9CBA34C4 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
23:03:20.0804 0x0874 pcmcia - ok
23:03:20.0865 0x0874 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
23:03:21.0033 0x0874 PEAUTH - ok
23:03:21.0179 0x0874 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
23:03:21.0395 0x0874 pla - ok
23:03:21.0442 0x0874 [ C5E7F8A996EC0A82D508FD9064A5569E, 416A93816CDF12DD42DEA796D37E6E2000D3172AAAB20D3EAD3B715DACD4B61F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
23:03:21.0505 0x0874 PlugPlay - ok
23:03:21.0614 0x0874 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
23:03:21.0670 0x0874 PNRPAutoReg - ok
23:03:21.0699 0x0874 [ 0C8E8E61AD1EB0B250B846712C917506, 8F23657B90BFFCD7273B93EDA2D3768F35C1C5A313F22AE33452BE3B2A550649 ] PNRPsvc C:\Windows\system32\p2psvc.dll
23:03:21.0752 0x0874 PNRPsvc - ok
23:03:21.0796 0x0874 [ D0494460421A03CD5225CCA0059AA146, FC30E90522C63F2A66D89381705712D2CDF07B2E029DF40C2DEBB2353E763E90 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
23:03:21.0888 0x0874 PolicyAgent - ok
23:03:21.0927 0x0874 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
23:03:22.0007 0x0874 PptpMiniport - ok
23:03:22.0025 0x0874 [ 2027293619DD0F047C584CF2E7DF4FFD, B7C172CCD08D8A30483D27536355ED1E5009B33629355B426470AFBA8542B394 ] Processor C:\Windows\system32\drivers\processr.sys
23:03:22.0098 0x0874 Processor - ok
23:03:22.0144 0x0874 [ 0508FAA222D28835310B7BFCA7A77346, 3AE2340C6E365F137CC00D9560069501DD2724756EA9EBF7A6CDFFC91B43709C ] ProfSvc C:\Windows\system32\profsvc.dll
23:03:22.0181 0x0874 ProfSvc - ok
23:03:22.0204 0x0874 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] ProtectedStorage C:\Windows\system32\lsass.exe
23:03:22.0249 0x0874 ProtectedStorage - ok
23:03:22.0290 0x0874 [ 99514FAA8DF93D34B5589187DB3AA0BA, 4DDE5EC0C721B22E1D7D55ED3514B60EA07435C232A3A931BB49C7F486B52C18 ] PSched C:\Windows\system32\DRIVERS\pacer.sys
23:03:22.0336 0x0874 PSched - ok
23:03:22.0414 0x0874 [ 0A6DB55AFB7820C99AA1F3A1D270F4F6, 8B7D44A7698B95FE34CBBE4FAB2F01EC1F5BA86C2B19672F99767E650E99BF1C ] ql2300 C:\Windows\system32\drivers\ql2300.sys
23:03:22.0560 0x0874 ql2300 - ok
23:03:22.0602 0x0874 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
23:03:22.0627 0x0874 ql40xx - ok
23:03:22.0664 0x0874 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
23:03:22.0699 0x0874 QWAVE - ok
23:03:22.0723 0x0874 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
23:03:22.0777 0x0874 QWAVEdrv - ok
23:03:22.0800 0x0874 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
23:03:22.0844 0x0874 RasAcd - ok
23:03:22.0858 0x0874 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
23:03:22.0922 0x0874 RasAuto - ok
23:03:22.0953 0x0874 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
23:03:23.0024 0x0874 Rasl2tp - ok
23:03:23.0082 0x0874 [ 75D47445D70CA6F9F894B032FBC64FCF, 9112EA5D25F867136858524C7965ACCEDC02675D1E2985B950598D89CCF25E14 ] RasMan C:\Windows\System32\rasmans.dll
23:03:23.0161 0x0874 RasMan - ok
23:03:23.0215 0x0874 [ 509A98DD18AF4375E1FC40BC175F1DEF, CC7C278CA298CE102D871E34C176E73F903D6687D1E8B5AFAB8772C7DE1A60B1 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
23:03:23.0250 0x0874 RasPppoe - ok
23:03:23.0288 0x0874 [ 2005F4A1E05FA09389AC85840F0A9E4D, D8A664073FDE82F9AB324347024CDB7043635C84EB11C24C59AB384C52F0FD94 ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
23:03:23.0324 0x0874 RasSstp - ok
23:03:23.0367 0x0874 [ B14C9D5B9ADD2F84F70570BBBFAA7935, 3D533767A50554B86C769DF4D8841B3EA680B3807E85EA3533BDA9B649548269 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
23:03:23.0441 0x0874 rdbss - ok
23:03:23.0464 0x0874 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
23:03:23.0509 0x0874 RDPCDD - ok
23:03:23.0537 0x0874 [ FBC0BACD9C3D7F6956853F64A66E252D, 7672B10C7039295B152C02C96903E869FF2C0A88A2C3FA89BAE9F1D593B43569 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
23:03:23.0585 0x0874 rdpdr - ok
23:03:23.0590 0x0874 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
23:03:23.0626 0x0874 RDPENCDD - ok
23:03:23.0662 0x0874 [ C127EBD5AFAB31524662C48DFCEB773A, 40A6B88FEAFF02D1B5C0CA32F290CF3D9B48B85D248C7532F30CC5C09BAA4D89 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
23:03:23.0744 0x0874 RDPWD - ok
23:03:23.0798 0x0874 [ 3C109EFD0CEF1B540ED3C7F573594BFD, 3AAC865732972E19CD2583209D047D176259A7CB0E8ACEB1E6D91DB82A58DCA7 ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
23:03:23.0865 0x0874 RegSrvc - detected UnsignedFile.Multi.Generic ( 1 )
23:03:26.0366 0x0874 Detect skipped due to KSN trusted
23:03:26.0366 0x0874 RegSrvc - ok
23:03:26.0411 0x0874 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
23:03:26.0480 0x0874 RemoteAccess - ok
23:03:26.0531 0x0874 [ 9E6894EA18DAFF37B63E1005F83AE4AB, 5D6DF994D297C875D547C7B111A571AA90D582DAECADE18A53F65AD988819E67 ] RemoteRegistry C:\Windows\system32\regsvc.dll
23:03:26.0605 0x0874 RemoteRegistry - ok
23:03:26.0643 0x0874 [ 10536B0AD6F416FC7F1149977C28CCDC, F0CE929BBA996762D59570338AC2E7DCC920E76E2E945FEB629E8EBE1B311D19 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
23:03:26.0681 0x0874 RFCOMM - ok
23:03:26.0748 0x0874 [ 4D05898896EC49CF663DDA61041AB096, 1218A0AD84946F2555773D529F3D55D7B675780EC1E79A634ED0FECF8D5C9C6D ] RichVideo C:\Program Files\CyberLink\Shared Files\RichVideo.exe
23:03:26.0790 0x0874 RichVideo - ok
23:03:26.0816 0x0874 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
23:03:26.0853 0x0874 RpcLocator - ok
23:03:26.0928 0x0874 [ 3B5B4D53FEC14F7476CA29A20CC31AC9, EC02A412DA5FDE2C759A4A2C5904579E1CE7C4999CE87145812F354FC8F5E183 ] RpcSs C:\Windows\system32\rpcss.dll
23:03:27.0014 0x0874 RpcSs - ok
23:03:27.0048 0x0874 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
23:03:27.0090 0x0874 rspndr - ok
23:03:27.0127 0x0874 [ A3E186B4B935905B829219502557314E, 7F58EAC6C12208D792C77014AC9D37AD1A7B2E73863C914F5DA831A72E1D52BB ] SamSs C:\Windows\system32\lsass.exe
23:03:27.0144 0x0874 SamSs - ok
23:03:27.0271 0x0874 [ A9D840FA78F65857EB554229914F855C, AC3BD980ABDAECFE7D824DF71CCBA7D84749B9AD51460D130A9AA9C7B2DE3D3E ] Samsung Update Plus C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe
23:03:27.0326 0x0874 Samsung Update Plus - detected UnsignedFile.Multi.Generic ( 1 )
23:03:37.0431 0x0874 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - warning
23:03:37.0431 0x0874 Force sending object to P2P due to detect: Samsung Update Plus
23:03:41.0833 0x0874 Object send P2P result: true
23:03:44.0260 0x0874 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
23:03:44.0282 0x0874 sbp2port - ok
23:03:44.0323 0x0874 [ 77B7A11A0C3D78D3386398FBBEA1B632, A3D290AB793BDC2F84C7B963300DFCE81CFE082A0FFF7489E8E5B14714892C00 ] SCardSvr C:\Windows\System32\SCardSvr.dll
23:03:44.0372 0x0874 SCardSvr - ok
23:03:44.0491 0x0874 [ 1A58069DB21D05EB2AB58EE5753EBE8D, EED8111EB613F4C93D1638C74FDB0A6DC6694E1B108DCD0D794B5B5F9B8C6EE4 ] Schedule C:\Windows\system32\schedsvc.dll
23:03:44.0659 0x0874 Schedule - ok
23:03:44.0679 0x0874 [ 312EC3E37A0A1F2006534913E37B4423, 81B8F462336791D162DAFA8092C1F437638DA3022CA24A2458B9FE183FC18C5D ] SCPolicySvc C:\Windows\System32\certprop.dll
23:03:44.0706 0x0874 SCPolicySvc - ok
23:03:45.0125 0x0874 [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
23:03:45.0235 0x0874 sdbus - ok
23:03:45.0267 0x0874 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
23:03:45.0476 0x0874 SDRSVC - ok
23:03:45.0500 0x0874 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
23:03:45.0597 0x0874 secdrv - ok
23:03:45.0621 0x0874 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
23:03:45.0661 0x0874 seclogon - ok
23:03:45.0690 0x0874 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\System32\sens.dll
23:03:45.0824 0x0874 SENS - ok
23:03:45.0849 0x0874 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
23:03:45.0907 0x0874 Serenum - ok
23:03:45.0932 0x0874 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
23:03:46.0426 0x0874 Serial - ok
23:03:46.0460 0x0874 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
23:03:46.0500 0x0874 sermouse - ok
23:03:46.0613 0x0874 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
23:03:46.0685 0x0874 SessionEnv - ok
23:03:46.0699 0x0874 [ 3EFA810BDCA87F6ECC24F9832243FE86, E50FEA94DB9851A46A8A71A8C061AC953A9D5B14585382B3F0FFC84931A0A68F ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
23:03:46.0760 0x0874 sffdisk - ok
23:03:46.0779 0x0874 [ E95D451F7EA3E583AEC75F3B3EE42DC5, B014BE4F9B0C79ECCE2537D1CF4AAD48ACB4C5AD3DACAC4444F0F465B9689921 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
23:03:46.0835 0x0874 sffp_mmc - ok
23:03:46.0848 0x0874 [ 3D0EA348784B7AC9EA9BD9F317980979, 2500CE188C9B71C50E966FA575303AEFE50934E376C530AECEC7C7533C15EF08 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
23:03:46.0909 0x0874 sffp_sd - ok
23:03:46.0930 0x0874 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
23:03:47.0031 0x0874 sfloppy - ok
23:03:47.0235 0x0874 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
23:03:47.0384 0x0874 SharedAccess - ok
23:03:47.0527 0x0874 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
23:03:47.0600 0x0874 ShellHWDetection - ok
23:03:47.0636 0x0874 [ 1D76624A09A054F682D746B924E2DBC3, DC903DD466AB8899883253F09477B02E4E93A31C8B279F9F02BD555F1AA083B7 ] sisagp C:\Windows\system32\drivers\sisagp.sys
23:03:47.0662 0x0874 sisagp - ok
23:03:47.0687 0x0874 [ 43CB7AA756C7DB280D01DA9B676CFDE2, 08484CAEA0518C0A4CCCD292D8C803B27FEC453537EE1E4CEE74A7208356A474 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
23:03:47.0711 0x0874 SiSRaid2 - ok
23:03:47.0745 0x0874 [ A99C6C8B0BAA970D8AA59DDC50B57F94, 97AC9DD6DC4F58AC60E819B999BB157663EE7C1739521D16768AA9AC00DAD012 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
23:03:48.0079 0x0874 SiSRaid4 - ok
23:03:48.0687 0x0874 [ 862BB4CBC05D80C5B45BE430E5EF872F, F4961B22C93E472C8C862421AA231CDDA9E40D3958741A1D666357F22CC3143D ] slsvc C:\Windows\system32\SLsvc.exe
23:03:52.0426 0x0874 slsvc - ok
23:03:52.0485 0x0874 [ 6EDC422215CD78AA8A9CDE6B30ABBD35, D8342BC3152859F4F7512E85ABEC61147DBCAB515458644728874E42F639D6CA ] SLUINotify C:\Windows\system32\SLUINotify.dll
23:03:52.0542 0x0874 SLUINotify - ok
23:03:52.0589 0x0874 [ 7B75299A4D201D6A6533603D6914AB04, 172BE3951F06B1991EF70B71EB91786D1EFC4E381C22BCA3A5F622CD59F3227E ] Smb C:\Windows\system32\DRIVERS\smb.sys
23:03:52.0645 0x0874 Smb - ok
23:03:52.0688 0x0874 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
23:03:52.0710 0x0874 SNMPTRAP - ok
23:03:52.0750 0x0874 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
23:03:52.0772 0x0874 spldr - ok
23:03:52.0836 0x0874 [ 8554097E5136C3BF9F69FE578A1B35F4, 2578545CFD647FB18F217B33C8CB4F0184A35F548659494056E455020CC15FB0 ] Spooler C:\Windows\System32\spoolsv.exe
23:03:52.0951 0x0874 Spooler - ok
23:03:53.0034 0x0874 [ 86EBD8B1F23E743AAD21F4D5B4D40985, 8FA4DFDAE15712266B878C364FEFDB63CB30A3DCC25F83CDFE8C8AB3AE864BE6 ] SQLBrowser C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe
23:03:53.0060 0x0874 SQLBrowser - ok
23:03:53.0152 0x0874 [ D89083C4EB02DACA8F944B0E05E57F9D, F96416B5877C280B4EE088A83956E0202F82DC5EACDEEFF06D5979FFFAA9FA74 ] SQLWriter C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
23:03:53.0176 0x0874 SQLWriter - ok
23:03:53.0220 0x0874 [ 41987F9FC0E61ADF54F581E15029AD91, A46E718648C2DD3B43FC3798932C966315893A59442A0686CE46C605B9E4641E ] srv C:\Windows\system32\DRIVERS\srv.sys
23:03:53.0296 0x0874 srv - ok
23:03:53.0341 0x0874 [ FF33AFF99564B1AA534F58868CBE41EF, EFBB005DA19E5B320009CBF93E686D8BFA6A50A23B5A5001C7C84C7D85EF7D49 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
23:03:53.0387 0x0874 srv2 - ok
23:03:53.0409 0x0874 [ 7605C0E1D01A08F3ECD743F38B834A44, 83A77E31004BCF83443F30EFC290E04BB1A2F332E8DFD614AB6E25B527C92299 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
23:03:53.0472 0x0874 srvnet - ok
23:03:53.0519 0x0874 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
23:03:53.0587 0x0874 SSDPSRV - ok
23:03:53.0613 0x0874 [ A36EE93698802CD899F98BFD553D8185, 224CFED921EA230FF8025D259E34968FD2C0FD34BB3A918FB4B9B8BA42BEA5D3 ] ssmdrv C:\Windows\system32\DRIVERS\ssmdrv.sys
23:03:53.0629 0x0874 ssmdrv - ok
23:03:53.0680 0x0874 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
23:03:53.0720 0x0874 SstpSvc - ok
23:03:53.0789 0x0874 [ 5DE7D67E49B88F5F07F3E53C4B92A352, 6930A598C35646646ED0E91633797EFE139AE6CDD0012335BD1340754A22F997 ] stisvc C:\Windows\System32\wiaservc.dll
23:03:53.0904 0x0874 stisvc - ok
23:03:53.0940 0x0874 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
23:03:53.0962 0x0874 swenum - ok
23:03:54.0008 0x0874 [ F21FD248040681CCA1FB6C9A03AAA93D, 32FE765841A183A1F2C1ACACBBF8CDB11E7D4D4396F9C9F6CFF1B51C9B620ED3 ] swprv C:\Windows\System32\swprv.dll
23:03:54.0082 0x0874 swprv - ok
23:03:54.0101 0x0874 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
23:03:54.0123 0x0874 Symc8xx - ok
23:03:54.0138 0x0874 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
23:03:54.0162 0x0874 Sym_hi - ok
23:03:54.0179 0x0874 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
23:03:54.0205 0x0874 Sym_u3 - ok
23:03:54.0247 0x0874 [ 451E8037E2EB6DA6BDF0A66F65D1810B, 98E94486560A00B33E19902BB1B5CE51168E583E9303B3A2F7337D3501887B34 ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
23:03:54.0285 0x0874 SynTP - ok
23:03:54.0357 0x0874 [ 9A51B04E9886AA4EE90093586B0BA88D, 1666C29FBFA34174B506678C920636519051D03456A6DDCCD6FF708CAE5D9962 ] SysMain C:\Windows\system32\sysmain.dll
23:03:54.0524 0x0874 SysMain - ok
23:03:54.0616 0x0874 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
23:03:54.0676 0x0874 TabletInputService - ok
23:03:54.0730 0x0874 [ D7673E4B38CE21EE54C59EEEB65E2483, 330D0AD13F5008D8569CE8E5EA0BBD69F54F59FEB54FD903FA18D2849CEC6AF0 ] TapiSrv C:\Windows\System32\tapisrv.dll
23:03:54.0782 0x0874 TapiSrv - ok
23:03:54.0814 0x0874 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
23:03:54.0872 0x0874 TBS - ok
23:03:54.0961 0x0874 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
23:03:55.0076 0x0874 Tcpip - ok
23:03:55.0163 0x0874 [ C7B0746FCD576D7EEBA6A2530B0B2966, F8ADAED40AA12BF8427482A00CCF8374458FEA95C3C381AEF59EC057A2791550 ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
23:03:55.0220 0x0874 Tcpip6 - ok
23:03:55.0396 0x0874 [ 608C345A255D82A6289C2D468EB41FD7, 74ECFDD45DC3EB3AFAEF9C42B546241AA1D6ACB2F6591A76DDB8BB1768545889 ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
23:03:55.0542 0x0874 tcpipreg - ok
23:03:55.0618 0x0874 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
23:03:55.0667 0x0874 TDPIPE - ok
23:03:55.0694 0x0874 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
23:03:55.0742 0x0874 TDTCP - ok
23:03:55.0805 0x0874 [ 76B06EB8A01FC8624D699E7045303E54, EC30F244B48A35622ED3EE91792F6A1517C5A50770FAB3945E7A945EB7AF28A8 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
23:03:55.0847 0x0874 tdx - ok
23:03:55.0929 0x0874 [ 3CAD38910468EAB9A6479E2F01DB43C7, 9D18C71EDF39743A0A592BC0873909D2B75B5B177B2672A865D1EEC0BFD2F61C ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
23:03:55.0955 0x0874 TermDD - ok
23:03:56.0014 0x0874 [ BB95DA09BEF6E7A131BFF3BA5032090D, BAF6997F8D944F85F0553957677866C7F22E72AA434BA45FFFB6CC41041070DC ] TermService C:\Windows\System32\termsrv.dll
23:03:56.0340 0x0874 TermService - ok
23:03:56.0374 0x0874 [ C7230FBEE14437716701C15BE02C27B8, 8221DE73D77CF71C2857D78829E807D015D9CB8BDEE4BAFD6950BF0C718CC774 ] Themes C:\Windows\system32\shsvcs.dll
23:03:56.0421 0x0874 Themes - ok
23:03:56.0462 0x0874 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
23:03:56.0497 0x0874 THREADORDER - ok
23:03:56.0634 0x0874 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
23:03:56.0706 0x0874 TrkWks - ok
23:03:56.0868 0x0874 [ 97D9D6A04E3AD9B6C626B9931DB78DBA, 8E42133ED5EE5EEC414A8B11C1035385C6141E445EA9677F947D20768F25A877 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
23:03:56.0902 0x0874 TrustedInstaller - ok
23:03:56.0958 0x0874 [ F4EAA7ECBCB25DE901C9B7F2CDCDA0B3, 1CBB5106A32362ABDEE73BF170E205FE64DDBF826C5F6DFFCCD229F220B9C85E ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
23:03:57.0036 0x0874 tssecsrv - ok
23:03:57.0105 0x0874 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
23:03:57.0173 0x0874 tunmp - ok
23:03:57.0265 0x0874 [ 300DB877AC094FEAB0BE7688C3454A9C, 3B36AA191FBE25B1A61150EAA2BDF8BA286DC4C052F6E98B0ED8202135553D8C ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
23:03:57.0696 0x0874 tunnel - ok
23:03:57.0770 0x0874 [ 7D33C4DB2CE363C8518D2DFCF533941F, C6A539AD31B0BD9F895E0A537783AA75D5760C8590D83BA832D59A9B090CA0E9 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
23:03:57.0806 0x0874 uagp35 - ok
23:03:57.0886 0x0874 [ D9728AF68C4C7693CB100B8441CBDEC6, A2CEE1EE4EF17106349F4E6967F504354801934179FBB3F10B9A4E3C30BC28CE ] udfs C:\Windows\system32\DRIVERS\udfs.sys
23:03:57.0930 0x0874 udfs - ok
23:03:58.0037 0x0874 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
23:03:58.0107 0x0874 UI0Detect - ok
23:03:58.0193 0x0874 [ B0ACFDC9E4AF279E9116C03E014B2B27, 455D30859E381361FF6EE8B01EDC22A2E66CD5EC22CA9F314E88009DB77A8BAF ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
23:03:58.0224 0x0874 uliagpkx - ok
23:03:58.0301 0x0874 [ 9224BB254F591DE4CA8D572A5F0D635C, C5E7B24587AC5A28ECA63300307AD95B8A846833340126AE378840A40E53C056 ] uliahci C:\Windows\system32\drivers\uliahci.sys
23:03:58.0336 0x0874 uliahci - ok
23:03:58.0449 0x0874 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
23:03:58.0487 0x0874 UlSata - ok
23:03:58.0552 0x0874 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
23:03:58.0585 0x0874 ulsata2 - ok
23:03:58.0647 0x0874 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
23:03:58.0745 0x0874 umbus - ok
23:03:58.0807 0x0874 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
23:03:58.0952 0x0874 upnphost - ok
23:03:59.0021 0x0874 [ AAB0B5F72D2D726FBFDC895A2902DE1D, 7824AF6E2ADEA23F208526F3A62AD1BACDBBDB23E58EB5806890B0761529C50F ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
23:03:59.0049 0x0874 usbccgp - ok
23:03:59.0108 0x0874 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
23:03:59.0199 0x0874 usbcir - ok
23:03:59.0291 0x0874 [ 153E8515CB86F8BB5D1A8B478EBF4BB2, 0F1F79BA7C32ACAAE69184A56E67D6E18E2E2F07E0BE23F266401431169DAE14 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
23:03:59.0381 0x0874 usbehci - ok
23:03:59.0444 0x0874 [ 2AE6BCEBD85D31317E433733DAF25888, 7B2C0E8703D0275A620160E479166EB7AA31B0F146507603535CEBF0BA4684A4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
23:03:59.0526 0x0874 usbhub - ok
23:03:59.0570 0x0874 [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
23:03:59.0733 0x0874 usbohci - ok
23:03:59.0769 0x0874 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
23:03:59.0839 0x0874 usbprint - ok
23:03:59.0932 0x0874 [ 1D714B8497CD68307806D5D3F60A5169, 1914D92ECE39995168E3C8F5A7694B7A94954DB299410A2781D1321C8E60C3D9 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
23:04:00.0020 0x0874 usbscan - ok
23:04:00.0109 0x0874 [ BE3DA31C191BC222D9AD503C5224F2AD, 201FB0FDBF423342202686DC0D8A3221B7798AE04C04A649D3441C257C733CE8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
23:04:00.0192 0x0874 USBSTOR - ok
23:04:00.0249 0x0874 [ 44056325428A8E4C755830426E29878F, 95F182047746D352B7DC2B22298D5E58738E1B787C110D1DE841C026FB8A67EB ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
23:04:00.0283 0x0874 usbuhci - ok
23:04:00.0334 0x0874 [ E67998E8F14CB0627A769F6530BCB352, 60982F168E9BF13954328C728F55F4D3ADDC572CACB65289B0E895A63DAA08C1 ] usbvideo C:\Windows\system32\Drivers\usbvideo.sys
23:04:00.0419 0x0874 usbvideo - ok
23:04:00.0465 0x0874 [ 1509E705F3AC1D474C92454A5C2DD81F, 7F525921A3513224F8B093A16E19B4235B300349A14B0B86EE11B7473BA53337 ] UxSms C:\Windows\System32\uxsms.dll
23:04:00.0559 0x0874 UxSms - ok
23:04:00.0619 0x0874 [ CD88D1B7776DC17A119049742EC07EB4, 6B68B9EDB8C6BCB2644F1F004D5743E928509D12107D996F390A24A72E0AA528 ] vds C:\Windows\System32\vds.exe
23:04:00.0811 0x0874 vds - ok
23:04:00.0849 0x0874 [ 87B06E1F30B749A114F74622D013F8D4, 06C06EF87F7DC668D23B50AA5F419F62474ACF90E325E167491BF290286D6594 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
23:04:00.0906 0x0874 vga - ok
23:04:00.0935 0x0874 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
23:04:00.0998 0x0874 VgaSave - ok
23:04:01.0040 0x0874 [ 5D7159DEF58A800D5781BA3A879627BC, 499A8E51FDE61AE0D7C1812D1E5B331211A36BD095A4992C629B93DE6D80F4E6 ] viaagp C:\Windows\system32\drivers\viaagp.sys
23:04:01.0078 0x0874 viaagp - ok
23:04:01.0177 0x0874 [ C4F3A691B5BAD343E6249BD8C2D45DEE, 19DE07AD6CD51036FA8A6B8EE82F34D7F5264FF3A12CBE6E52BD036D0303E319 ] ViaC7 C:\Windows\system32\drivers\viac7.sys
23:04:01.0230 0x0874 ViaC7 - ok
23:04:01.0271 0x0874 [ AADF5587A4063F52C2C3FED7887426FC, 0A74791A236FDAFCD045CFB79A159245B94F7C2033E0CD830C1B76F0F994E06D ] viaide C:\Windows\system32\drivers\viaide.sys
23:04:01.0299 0x0874 viaide - ok
23:04:01.0398 0x0874 [ 2B0970A8C0A65874EFF4AA436E651D85, 5674DB79019960E527CE7AE79F7866AFFAA5AE9DAB625EB8987CF17A977C3433 ] VMC302 C:\Windows\system32\Drivers\VMC302.sys
23:04:01.0474 0x0874 VMC302 - ok
23:04:01.0512 0x0874 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
23:04:01.0537 0x0874 volmgr - ok
23:04:01.0675 0x0874 [ 23E41B834759917BFD6B9A0D625D0C28, 9F60992805262F936E8DA33610FDF60A191ECAFC08BBF657C8F9A21833C8EFC5 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
23:04:01.0830 0x0874 volmgrx - ok
23:04:02.0011 0x0874 [ 786DB5771F05EF300390399F626BF30A, 4A07BE5AEDBA4C15C2F9A91250F0488A0B0305C67BB7A037508D5CBF86D4E1B7 ] volsnap C:\Windows\system32\drivers\volsnap.sys
23:04:02.0146 0x0874 volsnap - ok
23:04:02.0199 0x0874 [ 587253E09325E6BF226B299774B728A9, C9F46197819C2A095456393C518A9B00B59ECDC54F464D038AA7F8DCCDB93CCF ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
23:04:02.0226 0x0874 vsmraid - ok
23:04:02.0511 0x0874 [ DB3D19F850C6EB32BDCB9BC0836ACDDB, D81FF1CDA87A2FE83EFD5B3FE01EFF940952F8BAEE70BEA3B2F6EF30E2121704 ] VSS C:\Windows\system32\vssvc.exe
23:04:03.0227 0x0874 VSS - ok
23:04:03.0309 0x0874 [ 96EA68B9EB310A69C25EBB0282B2B9DE, C76D3427F8A2953CB4D96BBA1523679CBE1BBF7FA821A35D2FBEB3E67AC6A10B ] W32Time C:\Windows\system32\w32time.dll
23:04:03.0373 0x0874 W32Time - ok
23:04:03.0416 0x0874 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
23:04:03.0471 0x0874 WacomPen - ok
23:04:03.0518 0x0874 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
23:04:03.0597 0x0874 Wanarp - ok
23:04:03.0602 0x0874 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
23:04:03.0651 0x0874 Wanarpv6 - ok
23:04:03.0797 0x0874 [ A3CD60FD826381B49F03832590E069AF, 213C5DB5E5D828264286FD7548527566D6160CCA780BC6853B7B28CECF329674 ] wcncsvc C:\Windows\System32\wcncsvc.dll
23:04:03.0898 0x0874 wcncsvc - ok
23:04:04.0094 0x0874 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
23:04:04.0233 0x0874 WcsPlugInService - ok
23:04:04.0286 0x0874 [ 78FE9542363F297B18C027B2D7E7C07F, 6BC3ED2A48EF41E1EE597FD58271DB12256EC013518663331CD0FBCB3FC415EE ] Wd C:\Windows\system32\drivers\wd.sys
23:04:04.0306 0x0874 Wd - ok
23:04:04.0366 0x0874 [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
23:04:04.0495 0x0874 Wdf01000 - ok
23:04:04.0537 0x0874 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
23:04:04.0585 0x0874 WdiServiceHost - ok
23:04:04.0592 0x0874 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
23:04:04.0627 0x0874 WdiSystemHost - ok
23:04:04.0702 0x0874 [ 04C37D8107320312FBAE09926103D5E2, 1C6726A9871CBACB240AFA93E57781515F01758D43693DDA395EA683D97234F0 ] WebClient C:\Windows\System32\webclnt.dll
23:04:04.0816 0x0874 WebClient - ok
23:04:04.0865 0x0874 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
23:04:04.0967 0x0874 Wecsvc - ok
23:04:05.0023 0x0874 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
23:04:05.0089 0x0874 wercplsupport - ok
23:04:05.0144 0x0874 [ 32B88481D3B326DA6DEB07B1D03481E7, 821FBAF147E525ED15EB9391B16A96C6D5464841258B11F277EFB57A3BD50E37 ] WerSvc C:\Windows\System32\WerSvc.dll
23:04:05.0185 0x0874 WerSvc - ok
23:04:05.0240 0x0874 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
23:04:05.0303 0x0874 WinDefend - ok
23:04:05.0312 0x0874 WinHttpAutoProxySvc - ok
23:04:05.0409 0x0874 [ 6B2A1D0E80110E3D04E6863C6E62FD8A, EE8BC7C378993EFE90273764C83119EBF331768CD7B24DE949233C74A51306C2 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
23:04:05.0448 0x0874 Winmgmt - ok
23:04:05.0568 0x0874 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
23:04:05.0726 0x0874 WinRM - ok
23:04:05.0858 0x0874 [ C008405E4FEEB069E30DA1D823910234, C392A7B5FEACB7D11A3A231C1AD65D533984E6E7429ECD3BFBF90A27E8DEB157 ] Wlansvc C:\Windows\System32\wlansvc.dll
23:04:06.0033 0x0874 Wlansvc - ok
23:04:06.0067 0x0874 [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
23:04:06.0157 0x0874 WmiAcpi - ok
23:04:06.0224 0x0874 [ 43BE3875207DCB62A85C8C49970B66CC, 27169F2E8A30807794407DA8F80611E4287F940AAE2A1F00F547901872FB9703 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
23:04:06.0314 0x0874 wmiApSrv - ok
23:04:06.0419 0x0874 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
23:04:06.0693 0x0874 WMPNetworkSvc - ok
23:04:06.0760 0x0874 [ CFC5A04558F5070CEE3E3A7809F3FF52, 45899E04000E21C4E009BE8B6149F199A5B2E0512C657A525770BF9DBFED7D2B ] WPCSvc C:\Windows\System32\wpcsvc.dll
23:04:06.0883 0x0874 WPCSvc - ok
23:04:06.0943 0x0874 [ 801FBDB89D472B3C467EB112A0FC9246, C24053FA12732089384D3AF06C676FF201D282FC5AD56A42B6EE8BAED4379CB2 ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
23:04:07.0085 0x0874 WPDBusEnum - ok
23:04:07.0211 0x0874 [ F8D3544ACBCE9110362119F7C10D848E, 31C49201A931751A36286874AC0B929D886F490D7CE48CCC9283850A56AD9FD9 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
23:04:07.0373 0x0874 WPFFontCache_v0400 - ok
23:04:07.0399 0x0874 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
23:04:07.0437 0x0874 ws2ifsl - ok
23:04:07.0486 0x0874 [ 1CA6C40261DDC0425987980D0CD2AAAB, 727C1E3A170316641F832A8D197EDA6D6EE1206E4ED7B741E5A4017B7F2F7B88 ] wscsvc C:\Windows\system32\wscsvc.dll
23:04:07.0521 0x0874 wscsvc - ok
23:04:07.0532 0x0874 WSearch - ok
23:04:07.0653 0x0874 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
23:04:08.0088 0x0874 wuauserv - ok
23:04:08.0136 0x0874 [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
23:04:08.0209 0x0874 WudfPf - ok
23:04:08.0242 0x0874 [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
23:04:08.0313 0x0874 WUDFRd - ok
23:04:08.0351 0x0874 [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc C:\Windows\System32\WUDFSvc.dll
23:04:08.0378 0x0874 wudfsvc - ok
23:04:08.0445 0x0874 [ 04E268ADFC81964C49DC0C082D520F7E, 7D2574E366636AB1D59A08FE3038268095D627C39636C6ED6BCE1D5ACB44A179 ] yukonwlh C:\Windows\system32\DRIVERS\yk60x86.sys
23:04:08.0521 0x0874 yukonwlh - ok
23:04:08.0566 0x0874 ================ Scan global ===============================
23:04:08.0586 0x0874 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
23:04:08.0675 0x0874 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
23:04:08.0792 0x0874 [ A508314231C49AEE86987CEA3EAECAD1, D29BCFA967C23C7264592576D62D95FA8C687E8662D19DCCC73653A9EFB6340D ] C:\Windows\system32\winsrv.dll
23:04:08.0896 0x0874 [ D4E6D91C1349B7BFB3599A6ADA56851B, 8748091BF27F05D28D45688E04DD9229A4B2E159209A64F457703F66A8CECE4D ] C:\Windows\system32\services.exe
23:04:08.0919 0x0874 [ Global ] - ok
23:04:08.0920 0x0874 ================ Scan MBR ==================================
23:04:08.0939 0x0874 [ 61A349592C4728853F4A90FF78F7628E ] \Device\Harddisk0\DR0
23:04:18.0425 0x0874 \Device\Harddisk0\DR0 - ok
23:04:18.0433 0x0874 ================ Scan VBR ==================================
23:04:18.0447 0x0874 [ 92662BA4944BDDB29F269A6305E6DC4A ] \Device\Harddisk0\DR0\Partition1
23:04:18.0490 0x0874 \Device\Harddisk0\DR0\Partition1 - detected Rootkit.Boot.Cidox.b ( 0 )
23:04:18.0490 0x0874 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - infected
23:04:20.0957 0x0874 [ 0B745129D14217F6C7E838A788B3FDA7 ] \Device\Harddisk0\DR0\Partition2
23:04:21.0047 0x0874 \Device\Harddisk0\DR0\Partition2 - ok
23:04:21.0047 0x0874 ================ Scan generic autorun ======================
23:04:21.0106 0x0874 [ 0D392EDE3B97E0B3131B2F63EF1DB94E, 3EDA280F91097293E00BF984D377E1111CFDE1FC81B30A3FDEB38F321EF82BB6 ] C:\Program Files\Windows Defender\MSASCui.exe
23:04:21.0225 0x0874 Windows Defender - ok
23:04:21.0230 0x0874 NvCplDaemon - ok
23:04:21.0234 0x0874 NvMediaCenter - ok
23:04:21.0730 0x0874 [ EB57A9927A39EB86194D664E781633B7, 673F5A8D2ACFE11CAA95FBDDB4962445CCFBBBF3547DDFFB820A335F4F6B1D13 ] C:\Windows\RtHDVCpl.exe
23:04:22.0889 0x0874 RtHDVCpl - ok
23:04:23.0276 0x0874 [ A37B2AB33BFF3C6705DC2C016328DD2F, C6F14E81FD9001048B178576FA01A4F77BF3F0A05DE443EB6AAC4982EE763D69 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
23:04:23.0413 0x0874 SynTPEnh - ok
23:04:23.0456 0x0874 [ B2B2FE2671DD98A322B0AD7079C0B2B2, A9148336C9A6E44A089514C9BDA22704EB5EFC4069F07ED31E75330D48B4DF97 ] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
23:04:23.0477 0x0874 RemoteControl - ok
23:04:23.0518 0x0874 [ A4E85BDA66CF4DE8070D6F744D181C12, ACF577B0CE6EA1E167389BB32E7F07E0D8CF487B22828455698B042A37CF15B4 ] C:\Program Files\CyberLink\PowerDVD\Language\Language.exe
23:04:23.0551 0x0874 LanguageShortcut - detected UnsignedFile.Multi.Generic ( 1 )
23:04:26.0029 0x0874 Detect skipped due to KSN trusted
23:04:26.0029 0x0874 LanguageShortcut - ok
23:04:26.0779 0x0874 [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
23:04:26.0877 0x0874 avgnt - ok
23:04:27.0188 0x0874 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
23:04:27.0344 0x0874 Adobe ARM - ok
23:04:27.0622 0x0874 [ 1E873743DEC469609C35275C5557B34D, EC8952601B4643B9B82DA5B7C5A85DD19CC1F07889A2B69E4FCCDCAC296A9FA1 ] C:\Program Files\Avira\My Avira\Avira.OE.Systray.exe
23:04:27.0670 0x0874 Avira Systray - ok
23:04:28.0074 0x0874 [ 9E35FF7F943AE0FB89192BFE058B7FD4, 54712A4FA296AE28CF834F90B77B2EEB69020E3D5B5CF24674BD8DACA25195B9 ] C:\Program Files\Windows Sidebar\sidebar.exe
23:04:28.0896 0x0874 Sidebar - ok
23:04:29.0140 0x0874 [ 6DE8F3D91387412AC2E869FFA0F6ABA6, 68202B155995F14471377E1F0080916B31D6F99F7DA9E5E147399B2E1BA933CE ] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
23:04:30.0720 0x0874 LightScribe Control Panel - detected UnsignedFile.Multi.Generic ( 1 )
23:04:33.0095 0x0874 Detect skipped due to KSN trusted
23:04:33.0095 0x0874 LightScribe Control Panel - ok
23:04:33.0159 0x0874 [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
23:04:33.0186 0x0874 ehTray.exe - ok
23:04:33.0344 0x0874 [ C08A050F4DC32F8BD1C49D8741A4B795, 855A63C0BF09287861B01B09AB62686F6224913386B19D43A7AF39942CF95B24 ] C:\Users\********************\AppData\Roaming\Nawuka\yvigi.exe
23:04:33.0355 0x0874 Suspicious file ( NoAccess ): C:\Users\********************\AppData\Roaming\Nawuka\yvigi.exe. md5: C08A050F4DC32F8BD1C49D8741A4B795, sha256: 855A63C0BF09287861B01B09AB62686F6224913386B19D43A7AF39942CF95B24
23:04:33.0356 0x0874 Ryagyna - detected LockedFile.Multi.Generic ( 1 )
23:04:35.0773 0x0874 Ryagyna ( LockedFile.Multi.Generic ) - warning
23:04:38.0232 0x0874 AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
23:04:38.0278 0x0874 Win FW state via NFP2: enabled
23:04:40.0678 0x0874 ============================================================
23:04:40.0678 0x0874 Scan finished
23:04:40.0678 0x0874 ============================================================
23:04:40.0690 0x0974 Detected object count: 3
23:04:40.0690 0x0974 Actual detected object count: 3
23:07:27.0553 0x0974 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - skipped by user
23:07:27.0553 0x0974 Samsung Update Plus ( UnsignedFile.Multi.Generic ) - User select action: Skip
23:07:27.0553 0x0974 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - skipped by user
23:07:27.0553 0x0974 \Device\Harddisk0\DR0\Partition1 ( Rootkit.Boot.Cidox.b ) - User select action: Skip
23:07:27.0555 0x0974 Ryagyna ( LockedFile.Multi.Generic ) - skipped by user
23:07:27.0556 0x0974 Ryagyna ( LockedFile.Multi.Generic ) - User select action: Skip
While the scan was still running, and before TDSSKiller found it, Avira detected a threat named "TR/PSW.Zbot.trz" in a program called yvigi.exe and moved the file to quarantine. When I look in Task Manager, I still find yvigi.exe running there, alongside what are by now 10 iexplore.exe processes, among others.
Regards,
Heinz
Sorry,
the last sentence was not correct. Avira suggested moving yvigi.exe to quarantine. I only did that after my last post here. The program no longer shows up in Task Manager. The many iexplore.exe processes, however, are back again even after a restart.
Regards,
Heinz.