| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhandenWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
31.10.2013, 15:57
| #1 |
| |  BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden Hallo Zusammen, seit einiger Zeit habe ich den Virus BOO/Tdss.O in meinem Masterbootsektor C: . Da es eh Zeit war und dies anscheinend der einzige Weg ist dem Virus beizukommen, habe ich Windows bereits neu installiert. Wie auch schon andere User hier, habe ich das Problem das Antivir mir aber immernoch die Meldung anzeigt. Ich hoffe nun, dass Antivir mir auch nurnoch die inaktiven Reste meldet. Ich würde mich wirklich sehr freuen, wenn Ihr mir bei meinem Problem helfen könnt. Mit freundlichen Grüßen minifabse |
|
31.10.2013, 16:40
| #2 | |
| /// TB-Ausbilder   | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden Hallo,
__________________Zitat:
Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Schritt 2 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
31.10.2013, 23:10
| #3 |
| | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden So...
__________________TDSSKiller Code:
ATTFilter 22:53:13.0368 4276 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
22:53:15.0818 4276 ============================================================
22:53:15.0818 4276 Current date / time: 2013/10/31 22:53:15.0818
22:53:15.0818 4276 SystemInfo:
22:53:15.0818 4276
22:53:15.0818 4276 OS Version: 6.1.7600 ServicePack: 0.0
22:53:15.0818 4276 Product type: Workstation
22:53:15.0818 4276 ComputerName: FR-PC
22:53:15.0819 4276 UserName: FR
22:53:15.0819 4276 Windows directory: C:\Windows
22:53:15.0819 4276 System windows directory: C:\Windows
22:53:15.0819 4276 Running under WOW64
22:53:15.0819 4276 Processor architecture: Intel x64
22:53:15.0819 4276 Number of processors: 4
22:53:15.0819 4276 Page size: 0x1000
22:53:15.0819 4276 Boot type: Normal boot
22:53:15.0819 4276 ============================================================
22:53:17.0380 4276 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:53:17.0403 4276 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
22:53:17.0440 4276 ============================================================
22:53:17.0440 4276 \Device\Harddisk0\DR0:
22:53:17.0440 4276 MBR partitions:
22:53:17.0440 4276 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
22:53:17.0440 4276 \Device\Harddisk1\DR1:
22:53:17.0441 4276 MBR partitions:
22:53:17.0441 4276 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
22:53:17.0441 4276 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
22:53:17.0441 4276 ============================================================
22:53:17.0454 4276 C: <-> \Device\Harddisk1\DR1\Partition2
22:53:17.0469 4276 D: <-> \Device\Harddisk1\DR1\Partition1
22:53:17.0495 4276 K: <-> \Device\Harddisk0\DR0\Partition1
22:53:17.0495 4276 ============================================================
22:53:17.0495 4276 Initialize success
22:53:17.0495 4276 ============================================================
22:53:35.0634 4884 ============================================================
22:53:35.0634 4884 Scan started
22:53:35.0634 4884 Mode: Manual; SigCheck; TDLFS;
22:53:35.0634 4884 ============================================================
22:53:36.0343 4884 ================ Scan system memory ========================
22:53:36.0343 4884 System memory - ok
22:53:36.0343 4884 ================ Scan services =============================
22:53:36.0756 4884 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
22:53:36.0863 4884 1394ohci - ok
22:53:36.0899 4884 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
22:53:36.0913 4884 ACPI - ok
22:53:36.0939 4884 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
22:53:36.0957 4884 AcpiPmi - ok
22:53:37.0056 4884 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
22:53:37.0074 4884 AdobeARMservice - ok
22:53:37.0330 4884 [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:53:37.0341 4884 AdobeFlashPlayerUpdateSvc - ok
22:53:37.0384 4884 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
22:53:37.0410 4884 adp94xx - ok
22:53:37.0428 4884 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
22:53:37.0449 4884 adpahci - ok
22:53:37.0466 4884 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
22:53:37.0484 4884 adpu320 - ok
22:53:37.0502 4884 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
22:53:37.0547 4884 AeLookupSvc - ok
22:53:37.0608 4884 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
22:53:37.0686 4884 AFD - ok
22:53:37.0707 4884 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
22:53:37.0726 4884 agp440 - ok
22:53:37.0741 4884 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
22:53:37.0808 4884 ALG - ok
22:53:37.0833 4884 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
22:53:37.0854 4884 aliide - ok
22:53:37.0860 4884 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
22:53:37.0878 4884 amdide - ok
22:53:37.0887 4884 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
22:53:37.0922 4884 AmdK8 - ok
22:53:37.0943 4884 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
22:53:37.0954 4884 AmdPPM - ok
22:53:37.0960 4884 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
22:53:37.0977 4884 amdsata - ok
22:53:37.0987 4884 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
22:53:38.0005 4884 amdsbs - ok
22:53:38.0010 4884 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
22:53:38.0024 4884 amdxata - ok
22:53:38.0180 4884 [ 3478F48B23A0D9F6EADD4A2405BA70EF ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:53:38.0254 4884 AntiVirSchedulerService - ok
22:53:38.0398 4884 [ AFFE7C21A4FCA1963371F10066911D3A ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:53:38.0418 4884 AntiVirService - ok
22:53:38.0466 4884 [ 59A16E5DEA0EDBEF76EA40C4E6FE597D ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
22:53:38.0557 4884 AntiVirWebService - ok
22:53:38.0606 4884 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
22:53:38.0710 4884 AppID - ok
22:53:38.0746 4884 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
22:53:38.0805 4884 AppIDSvc - ok
22:53:38.0810 4884 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
22:53:38.0847 4884 Appinfo - ok
22:53:38.0867 4884 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
22:53:38.0884 4884 arc - ok
22:53:38.0918 4884 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
22:53:38.0937 4884 arcsas - ok
22:53:39.0195 4884 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:53:39.0210 4884 aspnet_state - ok
22:53:39.0243 4884 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
22:53:39.0282 4884 AsyncMac - ok
22:53:39.0301 4884 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
22:53:39.0312 4884 atapi - ok
22:53:39.0347 4884 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
22:53:39.0393 4884 AudioEndpointBuilder - ok
22:53:39.0402 4884 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
22:53:39.0436 4884 AudioSrv - ok
22:53:39.0474 4884 [ 29F9901C22E7BFE23DF8389AFC530D3D ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
22:53:39.0495 4884 avgntflt - ok
22:53:39.0532 4884 [ 033CA7F2EABD7EFDC482FE45DD7E1B60 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
22:53:39.0550 4884 avipbb - ok
22:53:39.0556 4884 [ 390184FAD8FCC1B6DA25AEBAE928C3B6 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
22:53:39.0571 4884 avkmgr - ok
22:53:39.0594 4884 [ 09E9CA6E7C6BD01D6AE7BECDEC224D06 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
22:53:39.0611 4884 avnetflt - ok
22:53:39.0649 4884 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
22:53:39.0695 4884 AxInstSV - ok
22:53:39.0759 4884 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
22:53:39.0835 4884 b06bdrv - ok
22:53:39.0858 4884 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
22:53:39.0895 4884 b57nd60a - ok
22:53:39.0919 4884 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
22:53:39.0970 4884 BDESVC - ok
22:53:39.0976 4884 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
22:53:40.0029 4884 Beep - ok
22:53:40.0072 4884 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
22:53:40.0127 4884 BFE - ok
22:53:40.0172 4884 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
22:53:40.0229 4884 BITS - ok
22:53:40.0259 4884 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
22:53:40.0273 4884 blbdrive - ok
22:53:40.0297 4884 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
22:53:40.0313 4884 bowser - ok
22:53:40.0328 4884 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
22:53:40.0342 4884 BrFiltLo - ok
22:53:40.0346 4884 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
22:53:40.0371 4884 BrFiltUp - ok
22:53:40.0397 4884 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
22:53:40.0461 4884 Browser - ok
22:53:40.0491 4884 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
22:53:40.0570 4884 Brserid - ok
22:53:40.0597 4884 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
22:53:40.0630 4884 BrSerWdm - ok
22:53:40.0644 4884 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
22:53:40.0659 4884 BrUsbMdm - ok
22:53:40.0664 4884 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
22:53:40.0678 4884 BrUsbSer - ok
22:53:40.0685 4884 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
22:53:40.0703 4884 BTHMODEM - ok
22:53:40.0759 4884 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
22:53:40.0840 4884 bthserv - ok
22:53:40.0846 4884 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
22:53:40.0883 4884 cdfs - ok
22:53:40.0894 4884 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
22:53:40.0913 4884 cdrom - ok
22:53:40.0924 4884 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
22:53:40.0963 4884 CertPropSvc - ok
22:53:40.0968 4884 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
22:53:40.0986 4884 circlass - ok
22:53:40.0999 4884 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
22:53:41.0022 4884 CLFS - ok
22:53:41.0114 4884 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:53:41.0161 4884 clr_optimization_v2.0.50727_32 - ok
22:53:41.0267 4884 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:53:41.0301 4884 clr_optimization_v2.0.50727_64 - ok
22:53:41.0540 4884 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:53:41.0566 4884 clr_optimization_v4.0.30319_32 - ok
22:53:41.0573 4884 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:53:41.0589 4884 clr_optimization_v4.0.30319_64 - ok
22:53:41.0636 4884 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
22:53:41.0675 4884 CmBatt - ok
22:53:41.0683 4884 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
22:53:41.0700 4884 cmdide - ok
22:53:41.0740 4884 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
22:53:41.0832 4884 CNG - ok
22:53:41.0847 4884 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
22:53:41.0865 4884 Compbatt - ok
22:53:41.0890 4884 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
22:53:41.0924 4884 CompositeBus - ok
22:53:41.0935 4884 COMSysApp - ok
22:53:41.0957 4884 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
22:53:41.0975 4884 crcdisk - ok
22:53:42.0023 4884 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
22:53:42.0089 4884 CryptSvc - ok
22:53:42.0127 4884 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
22:53:42.0193 4884 DcomLaunch - ok
22:53:42.0214 4884 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
22:53:42.0262 4884 defragsvc - ok
22:53:42.0282 4884 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
22:53:42.0310 4884 DfsC - ok
22:53:42.0341 4884 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
22:53:42.0379 4884 Dhcp - ok
22:53:42.0411 4884 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
22:53:42.0452 4884 discache - ok
22:53:42.0504 4884 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
22:53:42.0524 4884 Disk - ok
22:53:42.0559 4884 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
22:53:42.0588 4884 Dnscache - ok
22:53:42.0610 4884 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
22:53:42.0663 4884 dot3svc - ok
22:53:42.0679 4884 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
22:53:42.0721 4884 DPS - ok
22:53:42.0768 4884 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
22:53:42.0783 4884 drmkaud - ok
22:53:42.0831 4884 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
22:53:42.0866 4884 DXGKrnl - ok
22:53:42.0889 4884 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
22:53:42.0927 4884 EapHost - ok
22:53:43.0036 4884 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
22:53:43.0179 4884 ebdrv - ok
22:53:43.0205 4884 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
22:53:43.0244 4884 EFS - ok
22:53:43.0393 4884 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
22:53:43.0513 4884 ehRecvr - ok
22:53:43.0545 4884 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
22:53:43.0619 4884 ehSched - ok
22:53:43.0683 4884 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
22:53:43.0722 4884 elxstor - ok
22:53:43.0726 4884 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
22:53:43.0757 4884 ErrDev - ok
22:53:43.0789 4884 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
22:53:43.0831 4884 EventSystem - ok
22:53:43.0860 4884 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
22:53:43.0898 4884 exfat - ok
22:53:43.0905 4884 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
22:53:43.0963 4884 fastfat - ok
22:53:43.0989 4884 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
22:53:44.0022 4884 Fax - ok
22:53:44.0047 4884 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
22:53:44.0062 4884 fdc - ok
22:53:44.0119 4884 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
22:53:44.0161 4884 fdPHost - ok
22:53:44.0165 4884 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
22:53:44.0195 4884 FDResPub - ok
22:53:44.0200 4884 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
22:53:44.0216 4884 FileInfo - ok
22:53:44.0221 4884 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
22:53:44.0262 4884 Filetrace - ok
22:53:44.0266 4884 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
22:53:44.0280 4884 flpydisk - ok
22:53:44.0296 4884 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
22:53:44.0319 4884 FltMgr - ok
22:53:44.0371 4884 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll
22:53:44.0437 4884 FontCache - ok
22:53:44.0482 4884 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:53:44.0496 4884 FontCache3.0.0.0 - ok
22:53:44.0501 4884 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
22:53:44.0547 4884 FsDepends - ok
22:53:44.0588 4884 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
22:53:44.0604 4884 Fs_Rec - ok
22:53:44.0669 4884 [ 1F44F8559E61A8306ECC67BB1E168B7C ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
22:53:44.0685 4884 fvevol - ok
22:53:44.0730 4884 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
22:53:44.0746 4884 gagp30kx - ok
22:53:44.0781 4884 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
22:53:44.0811 4884 gpsvc - ok
22:53:44.0837 4884 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
22:53:44.0896 4884 hcw85cir - ok
22:53:44.0939 4884 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
22:53:44.0960 4884 HdAudAddService - ok
22:53:44.0990 4884 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
22:53:45.0003 4884 HDAudBus - ok
22:53:45.0007 4884 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
22:53:45.0058 4884 HidBatt - ok
22:53:45.0063 4884 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
22:53:45.0098 4884 HidBth - ok
22:53:45.0104 4884 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
22:53:45.0122 4884 HidIr - ok
22:53:45.0157 4884 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
22:53:45.0191 4884 hidserv - ok
22:53:45.0208 4884 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
22:53:45.0223 4884 HidUsb - ok
22:53:45.0237 4884 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
22:53:45.0281 4884 hkmsvc - ok
22:53:45.0308 4884 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
22:53:45.0361 4884 HomeGroupListener - ok
22:53:45.0407 4884 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
22:53:45.0440 4884 HomeGroupProvider - ok
22:53:45.0474 4884 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
22:53:45.0491 4884 HpSAMD - ok
22:53:45.0552 4884 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
22:53:45.0605 4884 HTTP - ok
22:53:45.0611 4884 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
22:53:45.0625 4884 hwpolicy - ok
22:53:45.0656 4884 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
22:53:45.0674 4884 i8042prt - ok
22:53:45.0683 4884 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
22:53:45.0708 4884 iaStorV - ok
22:53:45.0813 4884 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:53:45.0854 4884 idsvc - ok
22:53:45.0859 4884 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
22:53:45.0874 4884 iirsp - ok
22:53:45.0902 4884 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
22:53:45.0948 4884 IKEEXT - ok
22:53:45.0956 4884 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
22:53:45.0971 4884 intelide - ok
22:53:45.0987 4884 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
22:53:46.0012 4884 intelppm - ok
22:53:46.0029 4884 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
22:53:46.0083 4884 IPBusEnum - ok
22:53:46.0089 4884 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
22:53:46.0126 4884 IpFilterDriver - ok
22:53:46.0143 4884 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
22:53:46.0182 4884 iphlpsvc - ok
22:53:46.0187 4884 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
22:53:46.0204 4884 IPMIDRV - ok
22:53:46.0209 4884 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
22:53:46.0251 4884 IPNAT - ok
22:53:46.0266 4884 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
22:53:46.0283 4884 IRENUM - ok
22:53:46.0288 4884 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
22:53:46.0303 4884 isapnp - ok
22:53:46.0332 4884 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
22:53:46.0353 4884 iScsiPrt - ok
22:53:46.0376 4884 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
22:53:46.0391 4884 kbdclass - ok
22:53:46.0395 4884 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
22:53:46.0410 4884 kbdhid - ok
22:53:46.0451 4884 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
22:53:46.0462 4884 KeyIso - ok
22:53:46.0497 4884 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
22:53:46.0510 4884 KSecDD - ok
22:53:46.0538 4884 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
22:53:46.0549 4884 KSecPkg - ok
22:53:46.0554 4884 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
22:53:46.0594 4884 ksthunk - ok
22:53:46.0626 4884 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
22:53:46.0756 4884 KtmRm - ok
22:53:46.0797 4884 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
22:53:46.0838 4884 LanmanServer - ok
22:53:46.0875 4884 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
22:53:46.0911 4884 LanmanWorkstation - ok
22:53:46.0961 4884 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
22:53:47.0052 4884 lltdio - ok
22:53:47.0067 4884 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
22:53:47.0123 4884 lltdsvc - ok
22:53:47.0137 4884 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
22:53:47.0166 4884 lmhosts - ok
22:53:47.0195 4884 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
22:53:47.0211 4884 LSI_FC - ok
22:53:47.0233 4884 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
22:53:47.0250 4884 LSI_SAS - ok
22:53:47.0259 4884 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
22:53:47.0275 4884 LSI_SAS2 - ok
22:53:47.0287 4884 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
22:53:47.0304 4884 LSI_SCSI - ok
22:53:47.0314 4884 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
22:53:47.0350 4884 luafv - ok
22:53:47.0404 4884 [ E5ECF40E5FD459141E5F6685FFD51804 ] Lycosa C:\Windows\system32\drivers\Lycosa.sys
22:53:47.0438 4884 Lycosa - ok
22:53:47.0473 4884 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
22:53:47.0512 4884 Mcx2Svc - ok
22:53:47.0541 4884 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
22:53:47.0555 4884 megasas - ok
22:53:47.0563 4884 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
22:53:47.0583 4884 MegaSR - ok
22:53:47.0618 4884 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
22:53:47.0653 4884 MMCSS - ok
22:53:47.0657 4884 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
22:53:47.0690 4884 Modem - ok
22:53:47.0718 4884 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
22:53:47.0745 4884 monitor - ok
22:53:47.0769 4884 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
22:53:47.0784 4884 mouclass - ok
22:53:47.0832 4884 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
22:53:47.0872 4884 mouhid - ok
22:53:47.0883 4884 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
22:53:47.0912 4884 mountmgr - ok
22:53:47.0986 4884 [ 5D494509432897338AFC19DB78A76DCB ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:53:48.0043 4884 MozillaMaintenance - ok
22:53:48.0049 4884 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
22:53:48.0074 4884 mpio - ok
22:53:48.0079 4884 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
22:53:48.0113 4884 mpsdrv - ok
22:53:48.0149 4884 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
22:53:48.0195 4884 MpsSvc - ok
22:53:48.0200 4884 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
22:53:48.0233 4884 MRxDAV - ok
22:53:48.0261 4884 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
22:53:48.0278 4884 mrxsmb - ok
22:53:48.0293 4884 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
22:53:48.0313 4884 mrxsmb10 - ok
22:53:48.0335 4884 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
22:53:48.0364 4884 mrxsmb20 - ok
22:53:48.0377 4884 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
22:53:48.0391 4884 msahci - ok
22:53:48.0415 4884 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
22:53:48.0433 4884 msdsm - ok
22:53:48.0463 4884 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
22:53:48.0482 4884 MSDTC - ok
22:53:48.0515 4884 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
22:53:48.0550 4884 Msfs - ok
22:53:48.0594 4884 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
22:53:48.0730 4884 mshidkmdf - ok
22:53:48.0734 4884 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
22:53:48.0748 4884 msisadrv - ok
22:53:48.0785 4884 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
22:53:48.0825 4884 MSiSCSI - ok
22:53:48.0829 4884 msiserver - ok
22:53:48.0850 4884 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
22:53:48.0890 4884 MSKSSRV - ok
22:53:48.0894 4884 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
22:53:48.0944 4884 MSPCLOCK - ok
22:53:48.0948 4884 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
22:53:48.0983 4884 MSPQM - ok
22:53:48.0991 4884 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
22:53:49.0014 4884 MsRPC - ok
22:53:49.0021 4884 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
22:53:49.0031 4884 mssmbios - ok
22:53:49.0036 4884 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
22:53:49.0088 4884 MSTEE - ok
22:53:49.0092 4884 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
22:53:49.0124 4884 MTConfig - ok
22:53:49.0139 4884 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
22:53:49.0155 4884 Mup - ok
22:53:49.0191 4884 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
22:53:49.0225 4884 napagent - ok
22:53:49.0269 4884 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
22:53:49.0333 4884 NativeWifiP - ok
22:53:49.0359 4884 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
22:53:49.0386 4884 NDIS - ok
22:53:49.0392 4884 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
22:53:49.0472 4884 NdisCap - ok
22:53:49.0482 4884 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
22:53:49.0527 4884 NdisTapi - ok
22:53:49.0531 4884 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
22:53:49.0583 4884 Ndisuio - ok
22:53:49.0588 4884 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
22:53:49.0624 4884 NdisWan - ok
22:53:49.0629 4884 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
22:53:49.0662 4884 NDProxy - ok
22:53:49.0667 4884 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
22:53:49.0699 4884 NetBIOS - ok
22:53:49.0711 4884 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
22:53:49.0750 4884 NetBT - ok
22:53:49.0765 4884 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
22:53:49.0776 4884 Netlogon - ok
22:53:49.0833 4884 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
22:53:49.0920 4884 Netman - ok
22:53:49.0976 4884 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:53:50.0026 4884 NetMsmqActivator - ok
22:53:50.0040 4884 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:53:50.0055 4884 NetPipeActivator - ok
22:53:50.0082 4884 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
22:53:50.0126 4884 netprofm - ok
22:53:50.0131 4884 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:53:50.0140 4884 NetTcpActivator - ok
22:53:50.0144 4884 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:53:50.0154 4884 NetTcpPortSharing - ok
22:53:50.0183 4884 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
22:53:50.0198 4884 nfrd960 - ok
22:53:50.0216 4884 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
22:53:50.0252 4884 NlaSvc - ok
22:53:50.0279 4884 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
22:53:50.0312 4884 Npfs - ok
22:53:50.0334 4884 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
22:53:50.0372 4884 nsi - ok
22:53:50.0377 4884 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
22:53:50.0418 4884 nsiproxy - ok
22:53:50.0468 4884 [ 9A6089B056EA1B83B36424FC9D0A300E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
22:53:50.0523 4884 Ntfs - ok
22:53:50.0544 4884 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
22:53:50.0576 4884 Null - ok
22:53:50.0619 4884 [ 554964B900AE2954B8B589B6287034AC ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
22:53:50.0674 4884 NVHDA - ok
22:53:50.0940 4884 [ E71E299FF15390E585BACF2C18F55078 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
22:53:51.0348 4884 nvlddmkm - ok
22:53:51.0372 4884 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
22:53:51.0390 4884 nvraid - ok
22:53:51.0417 4884 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
22:53:51.0435 4884 nvstor - ok
22:53:51.0808 4884 [ 99BC3E05B906F359901647EF852EF353 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
22:53:52.0131 4884 NvStreamSvc - ok
22:53:52.0204 4884 [ 415695F5A54E91E869EEBFEA261361A6 ] nvsvc C:\Windows\system32\nvvsvc.exe
22:53:52.0271 4884 nvsvc - ok
22:53:52.0362 4884 [ 10DEF604B1929D9515969E1CAE7D250A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
22:53:52.0407 4884 nvUpdatusService - ok
22:53:52.0461 4884 [ 31B16657118E439B77B0A527F7EA66CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
22:53:52.0476 4884 nvvad_WaveExtensible - ok
22:53:52.0520 4884 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
22:53:52.0560 4884 nv_agp - ok
22:53:52.0584 4884 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
22:53:52.0601 4884 ohci1394 - ok
22:53:52.0649 4884 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
22:53:52.0717 4884 p2pimsvc - ok
22:53:52.0780 4884 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
22:53:52.0819 4884 p2psvc - ok
22:53:52.0873 4884 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
22:53:52.0911 4884 Parport - ok
22:53:52.0944 4884 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
22:53:52.0971 4884 partmgr - ok
22:53:52.0979 4884 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
22:53:53.0004 4884 PcaSvc - ok
22:53:53.0029 4884 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
22:53:53.0059 4884 pci - ok
22:53:53.0065 4884 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
22:53:53.0085 4884 pciide - ok
22:53:53.0091 4884 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
22:53:53.0111 4884 pcmcia - ok
22:53:53.0116 4884 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
22:53:53.0131 4884 pcw - ok
22:53:53.0141 4884 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
22:53:53.0211 4884 PEAUTH - ok
22:53:53.0452 4884 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
22:53:53.0505 4884 PerfHost - ok
22:53:53.0580 4884 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
22:53:53.0677 4884 pla - ok
22:53:53.0741 4884 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
22:53:53.0905 4884 PlugPlay - ok
22:53:53.0974 4884 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
22:53:54.0058 4884 PNRPAutoReg - ok
22:53:54.0068 4884 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
22:53:54.0088 4884 PNRPsvc - ok
22:53:54.0107 4884 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
22:53:54.0147 4884 PolicyAgent - ok
22:53:54.0162 4884 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
22:53:54.0192 4884 Power - ok
22:53:54.0235 4884 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
22:53:54.0271 4884 PptpMiniport - ok
22:53:54.0278 4884 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
22:53:54.0314 4884 Processor - ok
22:53:54.0351 4884 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
22:53:54.0374 4884 ProfSvc - ok
22:53:54.0394 4884 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
22:53:54.0404 4884 ProtectedStorage - ok
22:53:54.0445 4884 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
22:53:54.0510 4884 Psched - ok
22:53:54.0543 4884 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
22:53:54.0609 4884 ql2300 - ok
22:53:54.0631 4884 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
22:53:54.0649 4884 ql40xx - ok
22:53:54.0686 4884 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
22:53:54.0715 4884 QWAVE - ok
22:53:54.0720 4884 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
22:53:54.0756 4884 QWAVEdrv - ok
22:53:54.0760 4884 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
22:53:54.0791 4884 RasAcd - ok
22:53:54.0814 4884 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
22:53:54.0848 4884 RasAgileVpn - ok
22:53:54.0872 4884 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
22:53:54.0932 4884 RasAuto - ok
22:53:54.0953 4884 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
22:53:54.0989 4884 Rasl2tp - ok
22:53:55.0011 4884 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
22:53:55.0071 4884 RasMan - ok
22:53:55.0097 4884 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
22:53:55.0133 4884 RasPppoe - ok
22:53:55.0143 4884 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
22:53:55.0199 4884 RasSstp - ok
22:53:55.0235 4884 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
22:53:55.0295 4884 rdbss - ok
22:53:55.0299 4884 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
22:53:55.0316 4884 rdpbus - ok
22:53:55.0320 4884 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
22:53:55.0351 4884 RDPCDD - ok
22:53:55.0368 4884 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
22:53:55.0404 4884 RDPENCDD - ok
22:53:55.0410 4884 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
22:53:55.0441 4884 RDPREFMP - ok
22:53:55.0465 4884 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
22:53:55.0498 4884 RDPWD - ok
22:53:55.0516 4884 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
22:53:55.0535 4884 rdyboost - ok
22:53:55.0576 4884 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
22:53:55.0665 4884 RemoteAccess - ok
22:53:55.0705 4884 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
22:53:55.0754 4884 RemoteRegistry - ok
22:53:55.0765 4884 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
22:53:55.0807 4884 RpcEptMapper - ok
22:53:55.0832 4884 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
22:53:55.0846 4884 RpcLocator - ok
22:53:55.0863 4884 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
22:53:55.0897 4884 RpcSs - ok
22:53:55.0945 4884 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
22:53:56.0039 4884 rspndr - ok
22:53:56.0097 4884 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
22:53:56.0158 4884 RTL8167 - ok
22:53:56.0176 4884 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
22:53:56.0185 4884 SamSs - ok
22:53:56.0191 4884 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
22:53:56.0208 4884 sbp2port - ok
22:53:56.0232 4884 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
22:53:56.0274 4884 SCardSvr - ok
22:53:56.0279 4884 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
22:53:56.0321 4884 scfilter - ok
22:53:56.0351 4884 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
22:53:56.0380 4884 Schedule - ok
22:53:56.0400 4884 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
22:53:56.0429 4884 SCPolicySvc - ok
22:53:56.0444 4884 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
22:53:56.0496 4884 SDRSVC - ok
22:53:56.0551 4884 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
22:53:56.0604 4884 secdrv - ok
22:53:56.0619 4884 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
22:53:56.0658 4884 seclogon - ok
22:53:56.0672 4884 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
22:53:56.0714 4884 SENS - ok
22:53:56.0725 4884 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
22:53:56.0770 4884 SensrSvc - ok
22:53:56.0774 4884 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
22:53:56.0804 4884 Serenum - ok
22:53:56.0829 4884 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
22:53:56.0864 4884 Serial - ok
22:53:56.0869 4884 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
22:53:56.0883 4884 sermouse - ok
22:53:56.0908 4884 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
22:53:56.0938 4884 SessionEnv - ok
22:53:56.0963 4884 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
22:53:56.0985 4884 sffdisk - ok
22:53:57.0011 4884 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
22:53:57.0024 4884 sffp_mmc - ok
22:53:57.0034 4884 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
22:53:57.0060 4884 sffp_sd - ok
22:53:57.0080 4884 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
22:53:57.0110 4884 sfloppy - ok
22:53:57.0126 4884 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
22:53:57.0173 4884 SharedAccess - ok
22:53:57.0202 4884 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
22:53:57.0234 4884 ShellHWDetection - ok
22:53:57.0242 4884 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
22:53:57.0257 4884 SiSRaid2 - ok
22:53:57.0283 4884 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
22:53:57.0299 4884 SiSRaid4 - ok
22:53:57.0389 4884 [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
22:53:57.0434 4884 SkypeUpdate - ok
22:53:57.0478 4884 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
22:53:57.0574 4884 Smb - ok
22:53:57.0616 4884 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
22:53:57.0646 4884 SNMPTRAP - ok
22:53:57.0669 4884 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
22:53:57.0686 4884 spldr - ok
22:53:57.0719 4884 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
22:53:57.0747 4884 Spooler - ok
22:53:57.0820 4884 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
22:53:57.0917 4884 sppsvc - ok
22:53:57.0927 4884 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
22:53:57.0959 4884 sppuinotify - ok
22:53:57.0979 4884 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
22:53:58.0015 4884 srv - ok
22:53:58.0037 4884 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
22:53:58.0063 4884 srv2 - ok
22:53:58.0092 4884 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
22:53:58.0111 4884 srvnet - ok
22:53:58.0151 4884 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
22:53:58.0196 4884 SSDPSRV - ok
22:53:58.0218 4884 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
22:53:58.0247 4884 SstpSvc - ok
22:53:58.0341 4884 [ DB0768632C680B7C0D3AA92D80416893 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
22:53:58.0370 4884 Steam Client Service - ok
22:53:58.0446 4884 [ A9D26626BEADF5A0641BF6B5095EF309 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
22:53:58.0475 4884 Stereo Service - ok
22:53:58.0524 4884 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
22:53:58.0543 4884 stexstor - ok
22:53:58.0586 4884 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
22:53:58.0607 4884 stisvc - ok
22:53:58.0612 4884 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
22:53:58.0625 4884 swenum - ok
22:53:58.0652 4884 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
22:53:58.0687 4884 swprv - ok
22:53:58.0720 4884 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
22:53:58.0787 4884 SysMain - ok
22:53:58.0805 4884 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
22:53:58.0845 4884 TabletInputService - ok
22:53:58.0873 4884 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
22:53:58.0926 4884 TapiSrv - ok
22:53:58.0938 4884 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
22:53:58.0968 4884 TBS - ok
22:53:59.0042 4884 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
22:53:59.0140 4884 Tcpip - ok
22:53:59.0200 4884 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
22:53:59.0240 4884 TCPIP6 - ok
22:53:59.0275 4884 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
22:53:59.0308 4884 tcpipreg - ok
22:53:59.0314 4884 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
22:53:59.0373 4884 TDPIPE - ok
22:53:59.0407 4884 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
22:53:59.0436 4884 TDTCP - ok
22:53:59.0463 4884 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
22:53:59.0535 4884 tdx - ok
22:53:59.0539 4884 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
22:53:59.0555 4884 TermDD - ok
22:53:59.0600 4884 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
22:53:59.0700 4884 TermService - ok
22:53:59.0726 4884 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
22:53:59.0777 4884 Themes - ok
22:53:59.0798 4884 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
22:53:59.0840 4884 THREADORDER - ok
22:53:59.0862 4884 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
22:53:59.0912 4884 TrkWks - ok
22:53:59.0960 4884 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
22:53:59.0996 4884 TrustedInstaller - ok
22:54:00.0047 4884 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
22:54:00.0120 4884 tssecsrv - ok
22:54:00.0150 4884 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
22:54:00.0194 4884 tunnel - ok
22:54:00.0218 4884 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
22:54:00.0233 4884 uagp35 - ok
22:54:00.0243 4884 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
22:54:00.0282 4884 udfs - ok
22:54:00.0322 4884 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
22:54:00.0360 4884 UI0Detect - ok
22:54:00.0365 4884 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
22:54:00.0381 4884 uliagpkx - ok
22:54:00.0385 4884 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
22:54:00.0400 4884 umbus - ok
22:54:00.0405 4884 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
22:54:00.0418 4884 UmPass - ok
22:54:00.0438 4884 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
22:54:00.0471 4884 upnphost - ok
22:54:00.0476 4884 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
22:54:00.0492 4884 usbccgp - ok
22:54:00.0541 4884 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
22:54:00.0625 4884 usbcir - ok
22:54:00.0635 4884 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
22:54:00.0658 4884 usbehci - ok
22:54:00.0666 4884 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
22:54:00.0693 4884 usbhub - ok
22:54:00.0698 4884 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
22:54:00.0712 4884 usbohci - ok
22:54:00.0727 4884 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
22:54:00.0743 4884 usbprint - ok
22:54:00.0748 4884 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
22:54:00.0765 4884 USBSTOR - ok
22:54:00.0769 4884 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
22:54:00.0783 4884 usbuhci - ok
22:54:00.0820 4884 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
22:54:00.0875 4884 UxSms - ok
22:54:00.0896 4884 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
22:54:00.0906 4884 VaultSvc - ok
22:54:00.0910 4884 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
22:54:00.0924 4884 vdrvroot - ok
22:54:00.0951 4884 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
22:54:00.0977 4884 vds - ok
22:54:00.0981 4884 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
22:54:00.0997 4884 vga - ok
22:54:01.0001 4884 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
22:54:01.0041 4884 VgaSave - ok
22:54:01.0064 4884 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
22:54:01.0084 4884 vhdmp - ok
22:54:01.0088 4884 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
22:54:01.0102 4884 viaide - ok
22:54:01.0107 4884 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
22:54:01.0123 4884 volmgr - ok
22:54:01.0131 4884 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
22:54:01.0155 4884 volmgrx - ok
22:54:01.0197 4884 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
22:54:01.0219 4884 volsnap - ok
22:54:01.0240 4884 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
22:54:01.0257 4884 vsmraid - ok
22:54:01.0343 4884 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
22:54:01.0396 4884 VSS - ok
22:54:01.0401 4884 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
22:54:01.0417 4884 vwifibus - ok
22:54:01.0424 4884 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
22:54:01.0458 4884 W32Time - ok
22:54:01.0464 4884 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
22:54:01.0494 4884 WacomPen - ok
22:54:01.0518 4884 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
22:54:01.0559 4884 WANARP - ok
22:54:01.0563 4884 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
22:54:01.0592 4884 Wanarpv6 - ok
22:54:01.0616 4884 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
22:54:01.0683 4884 wbengine - ok
22:54:01.0690 4884 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
22:54:01.0718 4884 WbioSrvc - ok
22:54:01.0745 4884 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
22:54:01.0808 4884 wcncsvc - ok
22:54:01.0834 4884 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
22:54:01.0884 4884 WcsPlugInService - ok
22:54:01.0934 4884 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
22:54:01.0949 4884 Wd - ok
22:54:01.0991 4884 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
22:54:02.0026 4884 Wdf01000 - ok
22:54:02.0046 4884 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
22:54:02.0066 4884 WdiServiceHost - ok
22:54:02.0070 4884 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
22:54:02.0085 4884 WdiSystemHost - ok
22:54:02.0116 4884 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
22:54:02.0162 4884 WebClient - ok
22:54:02.0181 4884 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
22:54:02.0230 4884 Wecsvc - ok
22:54:02.0241 4884 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
22:54:02.0280 4884 wercplsupport - ok
22:54:02.0295 4884 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
22:54:02.0324 4884 WerSvc - ok
22:54:02.0359 4884 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
22:54:02.0390 4884 WfpLwf - ok
22:54:02.0414 4884 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
22:54:02.0429 4884 WIMMount - ok
22:54:02.0434 4884 WinDefend - ok
22:54:02.0441 4884 WinHttpAutoProxySvc - ok
22:54:02.0567 4884 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
22:54:02.0617 4884 Winmgmt - ok
22:54:02.0687 4884 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
22:54:02.0772 4884 WinRM - ok
22:54:02.0815 4884 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
22:54:02.0839 4884 Wlansvc - ok
22:54:02.0876 4884 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
22:54:02.0885 4884 WmiAcpi - ok
22:54:02.0932 4884 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
22:54:03.0000 4884 wmiApSrv - ok
22:54:03.0031 4884 WMPNetworkSvc - ok
22:54:03.0056 4884 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
22:54:03.0091 4884 WPCSvc - ok
22:54:03.0101 4884 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
22:54:03.0139 4884 WPDBusEnum - ok
22:54:03.0168 4884 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
22:54:03.0231 4884 ws2ifsl - ok
22:54:03.0255 4884 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
22:54:03.0278 4884 wscsvc - ok
22:54:03.0282 4884 WSearch - ok
22:54:03.0334 4884 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
22:54:03.0396 4884 wuauserv - ok
22:54:03.0431 4884 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
22:54:03.0462 4884 WudfPf - ok
22:54:03.0494 4884 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
22:54:03.0513 4884 WUDFRd - ok
22:54:03.0532 4884 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
22:54:03.0564 4884 wudfsvc - ok
22:54:03.0594 4884 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
22:54:03.0623 4884 WwanSvc - ok
22:54:03.0642 4884 ================ Scan global ===============================
22:54:03.0665 4884 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
22:54:03.0690 4884 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
22:54:03.0696 4884 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
22:54:03.0729 4884 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
22:54:03.0756 4884 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
22:54:03.0760 4884 [Global] - ok
22:54:03.0760 4884 ================ Scan MBR ==================================
22:54:03.0816 4884 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:54:04.0024 4884 \Device\Harddisk0\DR0 - ok
22:54:04.0040 4884 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
22:54:04.0235 4884 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
22:54:04.0235 4884 \Device\Harddisk1\DR1 - detected TDSS File System (1)
22:54:04.0236 4884 ================ Scan VBR ==================================
22:54:04.0243 4884 [ F6890B1844799C656F6186F1F106D376 ] \Device\Harddisk0\DR0\Partition1
22:54:04.0246 4884 \Device\Harddisk0\DR0\Partition1 - ok
22:54:04.0288 4884 [ FA422F2A84B55D1A2E0D110F8475A109 ] \Device\Harddisk1\DR1\Partition1
22:54:04.0290 4884 \Device\Harddisk1\DR1\Partition1 - ok
22:54:04.0301 4884 [ BC3004533B711D72802E1E48BAF1803E ] \Device\Harddisk1\DR1\Partition2
22:54:04.0303 4884 \Device\Harddisk1\DR1\Partition2 - ok
22:54:04.0303 4884 ============================================================
22:54:04.0303 4884 Scan finished
22:54:04.0303 4884 ============================================================
22:54:04.0315 4752 Detected object count: 1
22:54:04.0315 4752 Actual detected object count: 1
22:54:16.0664 4752 \Device\Harddisk1\DR1 ( TDSS File System ) - skipped by user
22:54:16.0664 4752 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Skip
22:54:42.0169 3844 Deinitialize success
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-10-2013
Ran by FR at 2013-10-31 22:57:43
Running from C:\Users\FR\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
Adobe Flash Player 11 Plugin (x32 Version: 11.9.900.117)
Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Avira Free Antivirus (x32 Version: 14.0.0.411)
BitTorrent (HKCU Version: 7.8.2.30265)
CCleaner (Version: 4.07)
DivX-Setup (x32 Version: 2.6.1.84)
GeForce Experience NvStream Client Components (Version: 1.6.28)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended (Version: 4.0.30319)
Microsoft .NET Framework 4 Extended DEU Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
Mozilla Firefox 25.0 (x86 de) (x32 Version: 25.0)
Mozilla Maintenance Service (x32 Version: 24.1.0)
Mozilla Thunderbird 24.1.0 (x86 de) (x32 Version: 24.1.0)
NVIDIA 3D Vision Controller-Treiber 331.65 (Version: 331.65)
NVIDIA 3D Vision Treiber 331.65 (Version: 331.65)
NVIDIA GeForce Experience 1.7 (Version: 1.7)
NVIDIA Grafiktreiber 331.65 (Version: 331.65)
NVIDIA HD-Audiotreiber 1.3.26.4 (Version: 1.3.26.4)
NVIDIA Install Application (Version: 2.1002.140.952)
NVIDIA LED Visualizer 1.0 (Version: 1.0)
NVIDIA Optimus 9.3.16 (Version: 9.3.16)
NVIDIA PhysX (x32 Version: 9.12.1031)
NVIDIA ShadowPlay 9.3.16 (Version: 9.3.16)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3165)
NVIDIA Systemsteuerung 331.65 (Version: 331.65)
NVIDIA Update 9.3.16 (Version: 9.3.16)
NVIDIA Update Components (Version: 9.3.16)
NVIDIA Virtual Audio 1.2.9 (Version: 1.2.9)
OpenOffice 4.0.1 (x32 Version: 4.01.9714)
SHIELD Streaming (Version: 1.6.34)
Skype™ 6.10 (x32 Version: 6.10.104)
Steam (x32 Version: 1.0.0.0)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0)
==================== Restore Points =========================
31-10-2013 10:48:23 Windows Update
31-10-2013 10:53:35 Windows Update
31-10-2013 11:18:17 Windows Update
31-10-2013 11:24:45 Windows Update
31-10-2013 11:58:28 Windows Update
31-10-2013 13:23:06 Windows Update
31-10-2013 13:44:05 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
31-10-2013 13:45:30 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
31-10-2013 13:46:48 OpenOffice 4.0.1 wird installiert
31-10-2013 15:16:19 DirectX wurde installiert
==================== Hosts content: ==========================
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Scheduled Tasks (whitelisted) =============
Task: {245C15B2-FB08-44F7-B663-CF94D0D489A6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-22] (Piriform Ltd)
Task: {36900367-C339-475F-9E20-9B70867F5E9C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-31] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Loaded Modules (whitelisted) =============
2013-10-31 12:04 - 2013-10-10 19:14 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-24 09:45 - 2013-10-24 18:45 - 00691200 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2013-10-30 11:25 - 2013-10-30 20:25 - 01123240 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2013-10-23 12:07 - 2013-10-23 21:07 - 20625832 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 01100800 _____ () C:\Program Files (x86)\Steam\bin\avcodec-53.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 00124416 _____ () C:\Program Files (x86)\Steam\bin\avutil-51.dll
2013-06-14 15:49 - 2013-06-15 00:49 - 00192000 _____ () C:\Program Files (x86)\Steam\bin\avformat-53.dll
2013-08-29 01:25 - 2013-08-29 01:25 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2013-10-31 11:58 - 2013-10-26 02:53 - 03368048 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2013-10-31 15:15 - 2013-10-31 15:15 - 16233864 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll
==================== Alternate Data Streams (whitelisted) =========
==================== Safe Mode (whitelisted) ===================
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/31/2013 03:14:40 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (10/31/2013 03:14:40 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (10/31/2013 03:14:40 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"1".
Die abhängige Assemblierung "Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"" konnte nicht gefunden werden.
Verwenden Sie für eine detaillierte Diagnose das Programm "sxstrace.exe".
Error: (10/31/2013 02:16:15 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (10/31/2013 02:16:15 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (10/31/2013 02:16:15 PM) (Source: NvStreamSvc) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (10/31/2013 01:38:32 PM) (Source: MsiInstaller) (User: FR-PC)
Description: Produkt: Adobe Reader XI (11.0.04) - Deutsch - Update "Adobe Reader XI (11.0.04)" konnte nicht installiert werden. Fehlercode 1603. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (10/31/2013 01:33:05 PM) (Source: MsiInstaller) (User: FR-PC)
Description: Produkt: Adobe Reader XI (11.0.04) - Deutsch -- Fehler 1935. An error occurred during the installation of assembly component {B708EB72-AA82-3EB7-8BB0-D845BA35C93D}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.VC90.CRT,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86",type="win32"
Error: (10/31/2013 00:42:31 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: sched.exe, Version: 14.0.0.335, Zeitstempel: 0x523c403b
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x75006a64
ID des fehlerhaften Prozesses: 0x98c
Startzeit der fehlerhaften Anwendung: 0xsched.exe0
Pfad der fehlerhaften Anwendung: sched.exe1
Pfad des fehlerhaften Moduls: sched.exe2
Berichtskennung: sched.exe3
Error: (10/31/2013 00:42:27 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: daemonu.exe, Version: 9.3.16.0, Zeitstempel: 0x525f66c3
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x75006a64
ID des fehlerhaften Prozesses: 0xb70
Startzeit der fehlerhaften Anwendung: 0xdaemonu.exe0
Pfad der fehlerhaften Anwendung: daemonu.exe1
Pfad des fehlerhaften Moduls: daemonu.exe2
Berichtskennung: daemonu.exe3
System errors:
=============
Error: (10/31/2013 08:32:18 PM) (Source: EventLog) (User: )
Description: Das System wurde zuvor am 31.10.2013 um 20:21:02 unerwartet heruntergefahren.
Error: (10/31/2013 08:29:32 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.
Error: (10/31/2013 08:28:32 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.
Error: (10/31/2013 08:27:32 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.
Error: (10/31/2013 08:26:32 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.
Error: (10/31/2013 08:25:32 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.
Error: (10/31/2013 08:24:55 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.
Error: (10/31/2013 08:24:25 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AudioSrv erreicht.
Error: (10/31/2013 08:23:55 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst eventlog erreicht.
Error: (10/31/2013 08:23:25 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Warten auf eine Transaktionsrückmeldung von Dienst AudioSrv erreicht.
Microsoft Office Sessions:
=========================
Error: (10/31/2013 03:14:40 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXPropertyHandler.dll
Error: (10/31/2013 03:14:40 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX Plus Media Foundation Components\DivXThumbnailProvider.dll
Error: (10/31/2013 03:14:40 PM) (Source: SideBySide)(User: )
Description: Microsoft.VC80.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.6195"C:\Program Files\DivX\DivX Plus Media Foundation Components\ACMWrapperDMO.dll
Error: (10/31/2013 02:16:15 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD initialization failed [6]
Error: (10/31/2013 02:16:15 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
Error: (10/31/2013 02:16:15 PM) (Source: NvStreamSvc)(User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
Error: (10/31/2013 01:38:32 PM) (Source: MsiInstaller)(User: FR-PC)
Description: Adobe Reader XI (11.0.04) - DeutschAdobe Reader XI (11.0.04)1603(NULL)(NULL)(NULL)
Error: (10/31/2013 01:33:05 PM) (Source: MsiInstaller)(User: FR-PC)
Description: Produkt: Adobe Reader XI (11.0.04) - Deutsch -- Fehler 1935. An error occurred during the installation of assembly component {B708EB72-AA82-3EB7-8BB0-D845BA35C93D}. HRESULT: 0x80070BC9. assembly interface: IAssemblyCacheItem, function: Commit, assembly name: Microsoft.VC90.CRT,version="9.0.21022.8",publicKeyToken="1fc8b3b9a1e18e3b",processorArchitecture="x86",type="win32"(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (10/31/2013 00:42:31 PM) (Source: Application Error)(User: )
Description: sched.exe14.0.0.335523c403bunknown0.0.0.000000000c000000575006a6498c01ced62e48ca840cC:\Program Files (x86)\Avira\AntiVir Desktop\sched.exeunknown86770eec-4221-11e3-81fb-00241ddd799b
Error: (10/31/2013 00:42:27 PM) (Source: Application Error)(User: )
Description: daemonu.exe9.3.16.0525f66c3unknown0.0.0.000000000c000000575006a64b7001ced62c88ab139aC:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exeunknown84076665-4221-11e3-81fb-00241ddd799b
==================== Memory info ===========================
Percentage of memory in use: 21%
Total physical RAM: 8189.55 MB
Available physical RAM: 6446.64 MB
Total Pagefile: 16377.25 MB
Available Pagefile: 14123.13 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.66 GB) (Free:273.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive k: () (Fixed) (Total:931.51 GB) (Free:803.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 1797B102)
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 1BFA1443)
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=466 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1040 KB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 3
==================== End Of Log ============================
|
|
31.10.2013, 23:20
| #4 |
| | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden Das FRST-Logfile ist leider zu groß zum posten, daher habe ich es als .zip angehängt . Mit freundlichen Grüßen, Fabian |
|
31.10.2013, 23:23
| #5 |
| /// TB-Ausbilder | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden Hallo Fabian, dann mach bitte so weiter: Schritt 1 Starte bitte TDSSkiller.exe. Vista und Win7 User mit Rechtsklick "als Administrator ausführen".
Schritt 2 Lade dir ListParts (von Farbar) herunter und speichere es auf den Desktop.
__________________ cheers, Leo |
|
01.11.2013, 11:09
| #6 |
| | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden TDSSKiller Code:
ATTFilter 09:54:37.0579 2304 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
09:55:27.0910 2304 ============================================================
09:55:27.0910 2304 Current date / time: 2013/11/01 09:55:27.0910
09:55:27.0910 2304 SystemInfo:
09:55:27.0910 2304
09:55:27.0910 2304 OS Version: 6.1.7600 ServicePack: 0.0
09:55:27.0910 2304 Product type: Workstation
09:55:27.0911 2304 ComputerName: FR-PC
09:55:27.0911 2304 UserName: FR
09:55:27.0911 2304 Windows directory: C:\Windows
09:55:27.0911 2304 System windows directory: C:\Windows
09:55:27.0911 2304 Running under WOW64
09:55:27.0911 2304 Processor architecture: Intel x64
09:55:27.0911 2304 Number of processors: 4
09:55:27.0911 2304 Page size: 0x1000
09:55:27.0911 2304 Boot type: Normal boot
09:55:27.0911 2304 ============================================================
09:55:29.0361 2304 Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:55:29.0428 2304 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xFC59, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xF0, Type 'K0', Flags 0x00000040
09:55:29.0464 2304 ============================================================
09:55:29.0464 2304 \Device\Harddisk0\DR0:
09:55:29.0464 2304 MBR partitions:
09:55:29.0464 2304 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
09:55:29.0465 2304 \Device\Harddisk1\DR1:
09:55:29.0465 2304 MBR partitions:
09:55:29.0465 2304 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:55:29.0465 2304 \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
09:55:29.0465 2304 ============================================================
09:55:29.0496 2304 C: <-> \Device\Harddisk1\DR1\Partition2
09:55:29.0522 2304 D: <-> \Device\Harddisk1\DR1\Partition1
09:55:29.0539 2304 K: <-> \Device\Harddisk0\DR0\Partition1
09:55:29.0540 2304 ============================================================
09:55:29.0540 2304 Initialize success
09:55:29.0540 2304 ============================================================
09:56:12.0861 4900 ============================================================
09:56:12.0861 4900 Scan started
09:56:12.0861 4900 Mode: Manual; SigCheck; TDLFS;
09:56:12.0861 4900 ============================================================
09:56:13.0916 4900 ================ Scan system memory ========================
09:56:13.0917 4900 System memory - ok
09:56:13.0918 4900 ================ Scan services =============================
09:56:14.0348 4900 [ 1B00662092F9F9568B995902F0CC40D5 ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
09:56:14.0422 4900 1394ohci - ok
09:56:14.0441 4900 [ 6F11E88748CDEFD2F76AA215F97DDFE5 ] ACPI C:\Windows\system32\DRIVERS\ACPI.sys
09:56:14.0455 4900 ACPI - ok
09:56:14.0473 4900 [ 63B05A0420CE4BF0E4AF6DCC7CADA254 ] AcpiPmi C:\Windows\system32\DRIVERS\acpipmi.sys
09:56:14.0485 4900 AcpiPmi - ok
09:56:14.0598 4900 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:56:14.0632 4900 AdobeARMservice - ok
09:56:14.0891 4900 [ A283108E14F3970432C21AF4C0CB1BCE ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:56:14.0925 4900 AdobeFlashPlayerUpdateSvc - ok
09:56:14.0981 4900 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
09:56:15.0025 4900 adp94xx - ok
09:56:15.0037 4900 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
09:56:15.0054 4900 adpahci - ok
09:56:15.0060 4900 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
09:56:15.0071 4900 adpu320 - ok
09:56:15.0094 4900 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
09:56:15.0123 4900 AeLookupSvc - ok
09:56:15.0171 4900 [ DB9D6C6B2CD95A9CA414D045B627422E ] AFD C:\Windows\system32\drivers\afd.sys
09:56:15.0206 4900 AFD - ok
09:56:15.0232 4900 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\DRIVERS\agp440.sys
09:56:15.0245 4900 agp440 - ok
09:56:15.0250 4900 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
09:56:15.0263 4900 ALG - ok
09:56:15.0267 4900 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\DRIVERS\aliide.sys
09:56:15.0276 4900 aliide - ok
09:56:15.0280 4900 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\DRIVERS\amdide.sys
09:56:15.0290 4900 amdide - ok
09:56:15.0295 4900 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
09:56:15.0304 4900 AmdK8 - ok
09:56:15.0309 4900 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
09:56:15.0319 4900 AmdPPM - ok
09:56:15.0324 4900 [ 7A4B413614C055935567CF88A9734D38 ] amdsata C:\Windows\system32\DRIVERS\amdsata.sys
09:56:15.0335 4900 amdsata - ok
09:56:15.0341 4900 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
09:56:15.0352 4900 amdsbs - ok
09:56:15.0357 4900 [ B4AD0CACBAB298671DD6F6EF7E20679D ] amdxata C:\Windows\system32\DRIVERS\amdxata.sys
09:56:15.0367 4900 amdxata - ok
09:56:15.0500 4900 [ 3478F48B23A0D9F6EADD4A2405BA70EF ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
09:56:15.0535 4900 AntiVirSchedulerService - ok
09:56:15.0581 4900 [ AFFE7C21A4FCA1963371F10066911D3A ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
09:56:15.0593 4900 AntiVirService - ok
09:56:15.0622 4900 [ 59A16E5DEA0EDBEF76EA40C4E6FE597D ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
09:56:15.0643 4900 AntiVirWebService - ok
09:56:15.0682 4900 [ 42FD751B27FA0E9C69BB39F39E409594 ] AppID C:\Windows\system32\drivers\appid.sys
09:56:15.0696 4900 AppID - ok
09:56:15.0722 4900 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
09:56:15.0749 4900 AppIDSvc - ok
09:56:15.0754 4900 [ D065BE66822847B7F127D1F90158376E ] Appinfo C:\Windows\System32\appinfo.dll
09:56:15.0764 4900 Appinfo - ok
09:56:15.0795 4900 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
09:56:15.0805 4900 arc - ok
09:56:15.0810 4900 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
09:56:15.0820 4900 arcsas - ok
09:56:16.0080 4900 [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:56:16.0105 4900 aspnet_state - ok
09:56:16.0136 4900 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
09:56:16.0173 4900 AsyncMac - ok
09:56:16.0185 4900 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\DRIVERS\atapi.sys
09:56:16.0195 4900 atapi - ok
09:56:16.0231 4900 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:56:16.0265 4900 AudioEndpointBuilder - ok
09:56:16.0274 4900 [ 07721A77180EDD4D39CCB865BF63C7FD ] AudioSrv C:\Windows\System32\Audiosrv.dll
09:56:16.0308 4900 AudioSrv - ok
09:56:16.0343 4900 [ 29F9901C22E7BFE23DF8389AFC530D3D ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
09:56:16.0377 4900 avgntflt - ok
09:56:16.0406 4900 [ 033CA7F2EABD7EFDC482FE45DD7E1B60 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
09:56:16.0419 4900 avipbb - ok
09:56:16.0432 4900 [ 390184FAD8FCC1B6DA25AEBAE928C3B6 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
09:56:16.0444 4900 avkmgr - ok
09:56:16.0454 4900 [ 09E9CA6E7C6BD01D6AE7BECDEC224D06 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
09:56:16.0467 4900 avnetflt - ok
09:56:16.0501 4900 [ B20B5FA5CA050E9926E4D1DB81501B32 ] AxInstSV C:\Windows\System32\AxInstSV.dll
09:56:16.0519 4900 AxInstSV - ok
09:56:16.0569 4900 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
09:56:16.0595 4900 b06bdrv - ok
09:56:16.0635 4900 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
09:56:16.0649 4900 b57nd60a - ok
09:56:16.0670 4900 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
09:56:16.0680 4900 BDESVC - ok
09:56:16.0684 4900 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
09:56:16.0712 4900 Beep - ok
09:56:16.0742 4900 [ 4992C609A6315671463E30F6512BC022 ] BFE C:\Windows\System32\bfe.dll
09:56:16.0776 4900 BFE - ok
09:56:16.0815 4900 [ 7F0C323FE3DA28AA4AA1BDA3F575707F ] BITS C:\Windows\System32\qmgr.dll
09:56:16.0851 4900 BITS - ok
09:56:16.0868 4900 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
09:56:16.0877 4900 blbdrive - ok
09:56:16.0906 4900 [ 19D20159708E152267E53B66677A4995 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
09:56:16.0928 4900 bowser - ok
09:56:16.0938 4900 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
09:56:16.0957 4900 BrFiltLo - ok
09:56:16.0963 4900 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
09:56:16.0977 4900 BrFiltUp - ok
09:56:16.0998 4900 [ 6B054C67AAA87843504E8E3C09102009 ] Browser C:\Windows\System32\browser.dll
09:56:17.0009 4900 Browser - ok
09:56:17.0033 4900 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
09:56:17.0045 4900 Brserid - ok
09:56:17.0050 4900 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
09:56:17.0062 4900 BrSerWdm - ok
09:56:17.0066 4900 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
09:56:17.0077 4900 BrUsbMdm - ok
09:56:17.0081 4900 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
09:56:17.0091 4900 BrUsbSer - ok
09:56:17.0095 4900 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
09:56:17.0107 4900 BTHMODEM - ok
09:56:17.0126 4900 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
09:56:17.0155 4900 bthserv - ok
09:56:17.0190 4900 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
09:56:17.0218 4900 cdfs - ok
09:56:17.0238 4900 [ 83D2D75E1EFB81B3450C18131443F7DB ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
09:56:17.0248 4900 cdrom - ok
09:56:17.0259 4900 [ 312E2F82AF11E79906898AC3E3D58A1F ] CertPropSvc C:\Windows\System32\certprop.dll
09:56:17.0287 4900 CertPropSvc - ok
09:56:17.0291 4900 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
09:56:17.0303 4900 circlass - ok
09:56:17.0370 4900 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
09:56:17.0414 4900 CLFS - ok
09:56:17.0549 4900 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:56:17.0575 4900 clr_optimization_v2.0.50727_32 - ok
09:56:17.0702 4900 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:56:17.0726 4900 clr_optimization_v2.0.50727_64 - ok
09:56:17.0975 4900 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:56:18.0004 4900 clr_optimization_v4.0.30319_32 - ok
09:56:18.0015 4900 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:56:18.0044 4900 clr_optimization_v4.0.30319_64 - ok
09:56:18.0096 4900 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
09:56:18.0111 4900 CmBatt - ok
09:56:18.0117 4900 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys
09:56:18.0132 4900 cmdide - ok
09:56:18.0166 4900 [ CA7720B73446FDDEC5C69519C1174C98 ] CNG C:\Windows\system32\Drivers\cng.sys
09:56:18.0186 4900 CNG - ok
09:56:18.0191 4900 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
09:56:18.0200 4900 Compbatt - ok
09:56:18.0234 4900 [ F26B3A86F6FA87CA360B879581AB4123 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
09:56:18.0264 4900 CompositeBus - ok
09:56:18.0287 4900 COMSysApp - ok
09:56:18.0293 4900 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
09:56:18.0305 4900 crcdisk - ok
09:56:18.0348 4900 [ BAF19B633933A9FB4883D27D66C39E9A ] CryptSvc C:\Windows\system32\cryptsvc.dll
09:56:18.0361 4900 CryptSvc - ok
09:56:18.0395 4900 [ 7266972E86890E2B30C0C322E906B027 ] DcomLaunch C:\Windows\system32\rpcss.dll
09:56:18.0431 4900 DcomLaunch - ok
09:56:18.0457 4900 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
09:56:18.0488 4900 defragsvc - ok
09:56:18.0508 4900 [ 9C253CE7311CA60FC11C774692A13208 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
09:56:18.0518 4900 DfsC - ok
09:56:18.0543 4900 [ CE3B9562D997F69B330D181A8875960F ] Dhcp C:\Windows\system32\dhcpcore.dll
09:56:18.0558 4900 Dhcp - ok
09:56:18.0588 4900 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
09:56:18.0641 4900 discache - ok
09:56:18.0651 4900 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
09:56:18.0661 4900 Disk - ok
09:56:18.0694 4900 [ 85CF424C74A1D5EC33533E1DBFF9920A ] Dnscache C:\Windows\System32\dnsrslvr.dll
09:56:18.0705 4900 Dnscache - ok
09:56:18.0729 4900 [ 14452ACDB09B70964C8C21BF80A13ACB ] dot3svc C:\Windows\System32\dot3svc.dll
09:56:18.0759 4900 dot3svc - ok
09:56:18.0772 4900 [ 8C2BA6BEA949EE6E68385F5692BAFB94 ] DPS C:\Windows\system32\dps.dll
09:56:18.0802 4900 DPS - ok
09:56:18.0845 4900 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
09:56:18.0881 4900 drmkaud - ok
09:56:18.0933 4900 [ 1633B9ABF52784A1331476397A48CBEF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
09:56:18.0976 4900 DXGKrnl - ok
09:56:19.0000 4900 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
09:56:19.0029 4900 EapHost - ok
09:56:19.0136 4900 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
09:56:19.0178 4900 ebdrv - ok
09:56:19.0215 4900 [ 156F6159457D0AA7E59B62681B56EB90 ] EFS C:\Windows\System32\lsass.exe
09:56:19.0236 4900 EFS - ok
09:56:19.0362 4900 [ 47C071994C3F649F23D9CD075AC9304A ] ehRecvr C:\Windows\ehome\ehRecvr.exe
09:56:19.0405 4900 ehRecvr - ok
09:56:19.0439 4900 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
09:56:19.0456 4900 ehSched - ok
09:56:19.0538 4900 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
09:56:19.0569 4900 elxstor - ok
09:56:19.0575 4900 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys
09:56:19.0586 4900 ErrDev - ok
09:56:19.0641 4900 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
09:56:19.0673 4900 EventSystem - ok
09:56:19.0706 4900 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
09:56:19.0758 4900 exfat - ok
09:56:19.0764 4900 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
09:56:19.0794 4900 fastfat - ok
09:56:19.0830 4900 [ D607B2F1BEE3992AA6C2C92C0A2F0855 ] Fax C:\Windows\system32\fxssvc.exe
09:56:19.0865 4900 Fax - ok
09:56:19.0872 4900 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
09:56:19.0885 4900 fdc - ok
09:56:19.0930 4900 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
09:56:19.0958 4900 fdPHost - ok
09:56:19.0962 4900 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
09:56:19.0990 4900 FDResPub - ok
09:56:19.0995 4900 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
09:56:20.0005 4900 FileInfo - ok
09:56:20.0009 4900 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
09:56:20.0037 4900 Filetrace - ok
09:56:20.0041 4900 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
09:56:20.0051 4900 flpydisk - ok
09:56:20.0058 4900 [ F7866AF72ABBAF84B1FA5AA195378C59 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
09:56:20.0071 4900 FltMgr - ok
09:56:20.0174 4900 [ BC00505CFDA789ED3BE95D2FF38C4875 ] FontCache C:\Windows\system32\FntCache.dll
09:56:20.0209 4900 FontCache - ok
09:56:20.0251 4900 [ 8D89E3131C27FDD6932189CB785E1B7A ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:56:20.0259 4900 FontCache3.0.0.0 - ok
09:56:20.0263 4900 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
09:56:20.0273 4900 FsDepends - ok
09:56:20.0299 4900 [ D3E3F93D67821A2DB2B3D9FAC2DC2064 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
09:56:20.0309 4900 Fs_Rec - ok
09:56:20.0354 4900 [ 1F44F8559E61A8306ECC67BB1E168B7C ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
09:56:20.0391 4900 fvevol - ok
09:56:20.0432 4900 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
09:56:20.0448 4900 gagp30kx - ok
09:56:20.0494 4900 [ FE5AB4525BC2EC68B9119A6E5D40128B ] gpsvc C:\Windows\System32\gpsvc.dll
09:56:20.0520 4900 gpsvc - ok
09:56:20.0548 4900 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
09:56:20.0557 4900 hcw85cir - ok
09:56:20.0599 4900 [ 6410F6F415B2A5A9037224C41DA8BF12 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:56:20.0635 4900 HdAudAddService - ok
09:56:20.0656 4900 [ 0A49913402747A0B67DE940FB42CBDBB ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
09:56:20.0672 4900 HDAudBus - ok
09:56:20.0677 4900 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
09:56:20.0689 4900 HidBatt - ok
09:56:20.0694 4900 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
09:56:20.0706 4900 HidBth - ok
09:56:20.0710 4900 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
09:56:20.0722 4900 HidIr - ok
09:56:20.0743 4900 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\system32\hidserv.dll
09:56:20.0771 4900 hidserv - ok
09:56:20.0808 4900 [ B3BF6B5B50006DEF50B66306D99FCF6F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
09:56:20.0833 4900 HidUsb - ok
09:56:20.0865 4900 [ EFA58EDE58DD74388FFD04CB32681518 ] hkmsvc C:\Windows\system32\kmsvc.dll
09:56:20.0908 4900 hkmsvc - ok
09:56:20.0919 4900 [ 046B2673767CA626E2CFB7FDF735E9E8 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:56:20.0931 4900 HomeGroupListener - ok
09:56:20.0959 4900 [ 06A7422224D9865A5613710A089987DF ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:56:20.0991 4900 HomeGroupProvider - ok
09:56:20.0996 4900 [ 0886D440058F203EBA0E1825E4355914 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
09:56:21.0009 4900 HpSAMD - ok
09:56:21.0068 4900 [ CEE049CAC4EFA7F4E1E4AD014414A5D4 ] HTTP C:\Windows\system32\drivers\HTTP.sys
09:56:21.0160 4900 HTTP - ok
09:56:21.0166 4900 [ F17766A19145F111856378DF337A5D79 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
09:56:21.0177 4900 hwpolicy - ok
09:56:21.0192 4900 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
09:56:21.0202 4900 i8042prt - ok
09:56:21.0211 4900 [ D83EFB6FD45DF9D55E9A1AFC63640D50 ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
09:56:21.0225 4900 iaStorV - ok
09:56:21.0314 4900 [ 2F2BE70D3E02B6FA877921AB9516D43C ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:56:21.0359 4900 idsvc - ok
09:56:21.0364 4900 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
09:56:21.0377 4900 iirsp - ok
09:56:21.0417 4900 [ C5B4683680DF085B57BC53E5EF34861F ] IKEEXT C:\Windows\System32\ikeext.dll
09:56:21.0481 4900 IKEEXT - ok
09:56:21.0487 4900 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\DRIVERS\intelide.sys
09:56:21.0497 4900 intelide - ok
09:56:21.0501 4900 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
09:56:21.0512 4900 intelppm - ok
09:56:21.0523 4900 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
09:56:21.0552 4900 IPBusEnum - ok
09:56:21.0557 4900 [ 722DD294DF62483CECAAE6E094B4D695 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:56:21.0586 4900 IpFilterDriver - ok
09:56:21.0604 4900 [ F8E058D17363EC580E4B7232778B6CB5 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
09:56:21.0638 4900 iphlpsvc - ok
09:56:21.0643 4900 [ E2B4A4494DB7CB9B89B55CA268C337C5 ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
09:56:21.0653 4900 IPMIDRV - ok
09:56:21.0705 4900 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
09:56:21.0762 4900 IPNAT - ok
09:56:21.0767 4900 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
09:56:21.0781 4900 IRENUM - ok
09:56:21.0785 4900 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
09:56:21.0794 4900 isapnp - ok
09:56:21.0818 4900 [ FA4D2557DE56D45B0A346F93564BE6E1 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
09:56:21.0830 4900 iScsiPrt - ok
09:56:21.0853 4900 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
09:56:21.0863 4900 kbdclass - ok
09:56:21.0868 4900 [ 6DEF98F8541E1B5DCEB2C822A11F7323 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
09:56:21.0877 4900 kbdhid - ok
09:56:21.0896 4900 [ 156F6159457D0AA7E59B62681B56EB90 ] KeyIso C:\Windows\system32\lsass.exe
09:56:21.0906 4900 KeyIso - ok
09:56:21.0941 4900 [ 4F4B5FDE429416877DE7143044582EB5 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
09:56:21.0952 4900 KSecDD - ok
09:56:21.0974 4900 [ 6F40465A44ECDC1731BEFAFEC5BDD03C ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
09:56:21.0985 4900 KSecPkg - ok
09:56:21.0989 4900 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
09:56:22.0017 4900 ksthunk - ok
09:56:22.0046 4900 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
09:56:22.0077 4900 KtmRm - ok
09:56:22.0099 4900 [ 81F1D04D4D0E433099365127375FD501 ] LanmanServer C:\Windows\system32\srvsvc.dll
09:56:22.0111 4900 LanmanServer - ok
09:56:22.0144 4900 [ 27026EAC8818E8A6C00A1CAD2F11D29A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:56:22.0174 4900 LanmanWorkstation - ok
09:56:22.0192 4900 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
09:56:22.0222 4900 lltdio - ok
09:56:22.0246 4900 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
09:56:22.0277 4900 lltdsvc - ok
09:56:22.0282 4900 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
09:56:22.0310 4900 lmhosts - ok
09:56:22.0350 4900 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
09:56:22.0361 4900 LSI_FC - ok
09:56:22.0366 4900 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
09:56:22.0377 4900 LSI_SAS - ok
09:56:22.0412 4900 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
09:56:22.0422 4900 LSI_SAS2 - ok
09:56:22.0427 4900 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
09:56:22.0438 4900 LSI_SCSI - ok
09:56:22.0442 4900 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
09:56:22.0472 4900 luafv - ok
09:56:22.0533 4900 [ E5ECF40E5FD459141E5F6685FFD51804 ] Lycosa C:\Windows\system32\drivers\Lycosa.sys
09:56:22.0555 4900 Lycosa - ok
09:56:22.0586 4900 [ F84C8F1000BC11E3B7B23CBD3BAFF111 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
09:56:22.0603 4900 Mcx2Svc - ok
09:56:22.0609 4900 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
09:56:22.0619 4900 megasas - ok
09:56:22.0626 4900 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
09:56:22.0639 4900 MegaSR - ok
09:56:22.0697 4900 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
09:56:22.0756 4900 MMCSS - ok
09:56:22.0762 4900 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
09:56:22.0790 4900 Modem - ok
09:56:22.0805 4900 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
09:56:22.0817 4900 monitor - ok
09:56:22.0821 4900 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
09:56:22.0831 4900 mouclass - ok
09:56:22.0835 4900 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
09:56:22.0845 4900 mouhid - ok
09:56:22.0850 4900 [ 791AF66C4D0E7C90A3646066386FB571 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
09:56:22.0860 4900 mountmgr - ok
09:56:22.0915 4900 [ 5D494509432897338AFC19DB78A76DCB ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:56:22.0946 4900 MozillaMaintenance - ok
09:56:22.0954 4900 [ 609D1D87649ECC19796F4D76D4C15CEA ] mpio C:\Windows\system32\DRIVERS\mpio.sys
09:56:22.0972 4900 mpio - ok
09:56:22.0977 4900 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
09:56:23.0006 4900 mpsdrv - ok
09:56:23.0037 4900 [ AECAB449567D1846DAD63ECE49E893E3 ] MpsSvc C:\Windows\system32\mpssvc.dll
09:56:23.0073 4900 MpsSvc - ok
09:56:23.0078 4900 [ 30524261BB51D96D6FCBAC20C810183C ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
09:56:23.0092 4900 MRxDAV - ok
09:56:23.0116 4900 [ 040D62A9D8AD28922632137ACDD984F2 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
09:56:23.0126 4900 mrxsmb - ok
09:56:23.0139 4900 [ F0067552F8F9B33D7C59403AB808A3CB ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:56:23.0151 4900 mrxsmb10 - ok
09:56:23.0164 4900 [ 3C142D31DE9F2F193218A53FE2632051 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:56:23.0174 4900 mrxsmb20 - ok
09:56:23.0179 4900 [ 5C37497276E3B3A5488B23A326A754B7 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
09:56:23.0188 4900 msahci - ok
09:56:23.0194 4900 [ 8D27B597229AED79430FB9DB3BCBFBD0 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
09:56:23.0205 4900 msdsm - ok
09:56:23.0252 4900 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
09:56:23.0280 4900 MSDTC - ok
09:56:23.0292 4900 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
09:56:23.0324 4900 Msfs - ok
09:56:23.0328 4900 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
09:56:23.0356 4900 mshidkmdf - ok
09:56:23.0360 4900 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
09:56:23.0369 4900 msisadrv - ok
09:56:23.0390 4900 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
09:56:23.0419 4900 MSiSCSI - ok
09:56:23.0423 4900 msiserver - ok
09:56:23.0438 4900 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
09:56:23.0466 4900 MSKSSRV - ok
09:56:23.0470 4900 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
09:56:23.0499 4900 MSPCLOCK - ok
09:56:23.0506 4900 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
09:56:23.0534 4900 MSPQM - ok
09:56:23.0541 4900 [ 89CB141AA8616D8C6A4610FA26C60964 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
09:56:23.0555 4900 MsRPC - ok
09:56:23.0562 4900 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
09:56:23.0572 4900 mssmbios - ok
09:56:23.0577 4900 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
09:56:23.0605 4900 MSTEE - ok
09:56:23.0609 4900 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
09:56:23.0618 4900 MTConfig - ok
09:56:23.0642 4900 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
09:56:23.0652 4900 Mup - ok
09:56:23.0687 4900 [ 4987E079A4530FA737A128BE54B63B12 ] napagent C:\Windows\system32\qagentRT.dll
09:56:23.0719 4900 napagent - ok
09:56:23.0768 4900 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
09:56:23.0814 4900 NativeWifiP - ok
09:56:23.0839 4900 [ CAD515DBD07D082BB317D9928CE8962C ] NDIS C:\Windows\system32\drivers\ndis.sys
09:56:23.0873 4900 NDIS - ok
09:56:23.0878 4900 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
09:56:23.0906 4900 NdisCap - ok
09:56:23.0910 4900 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
09:56:23.0938 4900 NdisTapi - ok
09:56:23.0961 4900 [ F105BA1E22BF1F2EE8F005D4305E4BEC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
09:56:23.0989 4900 Ndisuio - ok
09:56:23.0995 4900 [ 557DFAB9CA1FCB036AC77564C010DAD3 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
09:56:24.0025 4900 NdisWan - ok
09:56:24.0029 4900 [ 659B74FB74B86228D6338D643CD3E3CF ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
09:56:24.0058 4900 NDProxy - ok
09:56:24.0062 4900 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
09:56:24.0090 4900 NetBIOS - ok
09:56:24.0099 4900 [ 9162B273A44AB9DCE5B44362731D062A ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
09:56:24.0129 4900 NetBT - ok
09:56:24.0144 4900 [ 156F6159457D0AA7E59B62681B56EB90 ] Netlogon C:\Windows\system32\lsass.exe
09:56:24.0154 4900 Netlogon - ok
09:56:24.0193 4900 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
09:56:24.0225 4900 Netman - ok
09:56:24.0281 4900 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:56:24.0310 4900 NetMsmqActivator - ok
09:56:24.0330 4900 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:56:24.0355 4900 NetPipeActivator - ok
09:56:24.0369 4900 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
09:56:24.0404 4900 netprofm - ok
09:56:24.0409 4900 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:56:24.0418 4900 NetTcpActivator - ok
09:56:24.0422 4900 [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:56:24.0432 4900 NetTcpPortSharing - ok
09:56:24.0445 4900 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
09:56:24.0455 4900 nfrd960 - ok
09:56:24.0510 4900 [ D9A0CE66046D6EFA0C61BAA885CBA0A8 ] NlaSvc C:\Windows\System32\nlasvc.dll
09:56:24.0568 4900 NlaSvc - ok
09:56:24.0572 4900 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
09:56:24.0600 4900 Npfs - ok
09:56:24.0614 4900 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
09:56:24.0642 4900 nsi - ok
09:56:24.0646 4900 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
09:56:24.0674 4900 nsiproxy - ok
09:56:24.0745 4900 [ 9A6089B056EA1B83B36424FC9D0A300E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
09:56:24.0799 4900 Ntfs - ok
09:56:24.0815 4900 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
09:56:24.0843 4900 Null - ok
09:56:24.0890 4900 [ 554964B900AE2954B8B589B6287034AC ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
09:56:24.0902 4900 NVHDA - ok
09:56:25.0153 4900 [ E71E299FF15390E585BACF2C18F55078 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:56:25.0313 4900 nvlddmkm - ok
09:56:25.0335 4900 [ 3E38712941E9BB4DDBEE00AFFE3FED3D ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
09:56:25.0346 4900 nvraid - ok
09:56:25.0351 4900 [ 477DC4D6DEB99BE37084C9AC6D013DA1 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
09:56:25.0362 4900 nvstor - ok
09:56:25.0728 4900 [ 99BC3E05B906F359901647EF852EF353 ] NvStreamSvc C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
09:56:25.0917 4900 NvStreamSvc - ok
09:56:25.0983 4900 [ 415695F5A54E91E869EEBFEA261361A6 ] nvsvc C:\Windows\system32\nvvsvc.exe
09:56:26.0020 4900 nvsvc - ok
09:56:26.0121 4900 [ 10DEF604B1929D9515969E1CAE7D250A ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
09:56:26.0186 4900 nvUpdatusService - ok
09:56:26.0216 4900 [ 31B16657118E439B77B0A527F7EA66CB ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
09:56:26.0225 4900 nvvad_WaveExtensible - ok
09:56:26.0241 4900 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
09:56:26.0252 4900 nv_agp - ok
09:56:26.0256 4900 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
09:56:26.0267 4900 ohci1394 - ok
09:56:26.0314 4900 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
09:56:26.0343 4900 p2pimsvc - ok
09:56:26.0365 4900 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
09:56:26.0387 4900 p2psvc - ok
09:56:26.0420 4900 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
09:56:26.0448 4900 Parport - ok
09:56:26.0474 4900 [ 90061B1ACFE8CCAA5345750FFE08D8B8 ] partmgr C:\Windows\system32\drivers\partmgr.sys
09:56:26.0487 4900 partmgr - ok
09:56:26.0493 4900 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
09:56:26.0513 4900 PcaSvc - ok
09:56:26.0518 4900 [ F36F6504009F2FB0DFD1B17A116AD74B ] pci C:\Windows\system32\DRIVERS\pci.sys
09:56:26.0530 4900 pci - ok
09:56:26.0534 4900 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\DRIVERS\pciide.sys
09:56:26.0543 4900 pciide - ok
09:56:26.0584 4900 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
09:56:26.0612 4900 pcmcia - ok
09:56:26.0618 4900 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
09:56:26.0636 4900 pcw - ok
09:56:26.0648 4900 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
09:56:26.0687 4900 PEAUTH - ok
09:56:26.0974 4900 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
09:56:27.0007 4900 PerfHost - ok
09:56:27.0092 4900 [ 557E9A86F65F0DE18C9B6751DFE9D3F1 ] pla C:\Windows\system32\pla.dll
09:56:27.0153 4900 pla - ok
09:56:27.0211 4900 [ 98B1721B8718164293B9701B98C52D77 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
09:56:27.0240 4900 PlugPlay - ok
09:56:27.0254 4900 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
09:56:27.0266 4900 PNRPAutoReg - ok
09:56:27.0274 4900 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
09:56:27.0290 4900 PNRPsvc - ok
09:56:27.0320 4900 [ 166EB40D1F5B47E615DE3D0FFFE5F243 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
09:56:27.0380 4900 PolicyAgent - ok
09:56:27.0392 4900 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
09:56:27.0426 4900 Power - ok
09:56:27.0465 4900 [ 27CC19E81BA5E3403C48302127BDA717 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
09:56:27.0494 4900 PptpMiniport - ok
09:56:27.0508 4900 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
09:56:27.0524 4900 Processor - ok
09:56:27.0589 4900 [ 97293447431311C06703368AD0F6C4BE ] ProfSvc C:\Windows\system32\profsvc.dll
09:56:27.0623 4900 ProfSvc - ok
09:56:27.0641 4900 [ 156F6159457D0AA7E59B62681B56EB90 ] ProtectedStorage C:\Windows\system32\lsass.exe
09:56:27.0653 4900 ProtectedStorage - ok
09:56:27.0691 4900 [ EE992183BD8EAEFD9973F352E587A299 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
09:56:27.0728 4900 Psched - ok
09:56:27.0765 4900 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
09:56:27.0793 4900 ql2300 - ok
09:56:27.0827 4900 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
09:56:27.0838 4900 ql40xx - ok
09:56:27.0891 4900 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
09:56:27.0928 4900 QWAVE - ok
09:56:27.0934 4900 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
09:56:27.0951 4900 QWAVEdrv - ok
09:56:27.0955 4900 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
09:56:27.0983 4900 RasAcd - ok
09:56:28.0053 4900 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
09:56:28.0106 4900 RasAgileVpn - ok
09:56:28.0127 4900 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
09:56:28.0156 4900 RasAuto - ok
09:56:28.0216 4900 [ 87A6E852A22991580D6D39ADC4790463 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
09:56:28.0281 4900 Rasl2tp - ok
09:56:28.0394 4900 [ 47394ED3D16D053F5906EFE5AB51CC83 ] RasMan C:\Windows\System32\rasmans.dll
09:56:28.0463 4900 RasMan - ok
09:56:28.0468 4900 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
09:56:28.0497 4900 RasPppoe - ok
09:56:28.0516 4900 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
09:56:28.0545 4900 RasSstp - ok
09:56:28.0553 4900 [ 3BAC8142102C15D59A87757C1D41DCE5 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
09:56:28.0583 4900 rdbss - ok
09:56:28.0588 4900 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
09:56:28.0599 4900 rdpbus - ok
09:56:28.0603 4900 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
09:56:28.0632 4900 RDPCDD - ok
09:56:28.0656 4900 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
09:56:28.0684 4900 RDPENCDD - ok
09:56:28.0690 4900 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
09:56:28.0719 4900 RDPREFMP - ok
09:56:28.0745 4900 [ 447DE7E3DEA39D422C1504F245B668B1 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
09:56:28.0756 4900 RDPWD - ok
09:56:28.0762 4900 [ 634B9A2181D98F15941236886164EC8B ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
09:56:28.0774 4900 rdyboost - ok
09:56:28.0821 4900 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
09:56:28.0883 4900 RemoteAccess - ok
09:56:28.0902 4900 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
09:56:28.0932 4900 RemoteRegistry - ok
09:56:28.0945 4900 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
09:56:28.0974 4900 RpcEptMapper - ok
09:56:28.0988 4900 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
09:56:28.0998 4900 RpcLocator - ok
09:56:29.0018 4900 [ 7266972E86890E2B30C0C322E906B027 ] RpcSs C:\Windows\system32\rpcss.dll
09:56:29.0051 4900 RpcSs - ok
09:56:29.0100 4900 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
09:56:29.0155 4900 rspndr - ok
09:56:29.0209 4900 [ ABCB5A38A0D85BDF69B7877E1AD1EED5 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
09:56:29.0263 4900 RTL8167 - ok
09:56:29.0289 4900 [ 156F6159457D0AA7E59B62681B56EB90 ] SamSs C:\Windows\system32\lsass.exe
09:56:29.0320 4900 SamSs - ok
09:56:29.0332 4900 [ E3BBB89983DAF5622C1D50CF49F28227 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
09:56:29.0350 4900 sbp2port - ok
09:56:29.0371 4900 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
09:56:29.0401 4900 SCardSvr - ok
09:56:29.0406 4900 [ C94DA20C7E3BA1DCA269BC8460D98387 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
09:56:29.0435 4900 scfilter - ok
09:56:29.0464 4900 [ 624D0F5FF99428BB90A5B8A4123E918E ] Schedule C:\Windows\system32\schedsvc.dll
09:56:29.0484 4900 Schedule - ok
09:56:29.0505 4900 [ 312E2F82AF11E79906898AC3E3D58A1F ] SCPolicySvc C:\Windows\System32\certprop.dll
09:56:29.0534 4900 SCPolicySvc - ok
09:56:29.0584 4900 [ 765A27C3279CE11D14CB9E4F5869FCA5 ] SDRSVC C:\Windows\System32\SDRSVC.dll
09:56:29.0610 4900 SDRSVC - ok
09:56:29.0648 4900 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
09:56:29.0694 4900 secdrv - ok
09:56:29.0716 4900 [ 463B386EBC70F98DA5DFF85F7E654346 ] seclogon C:\Windows\system32\seclogon.dll
09:56:29.0745 4900 seclogon - ok
09:56:29.0752 4900 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\System32\sens.dll
09:56:29.0781 4900 SENS - ok
09:56:29.0788 4900 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
09:56:29.0798 4900 SensrSvc - ok
09:56:29.0802 4900 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
09:56:29.0812 4900 Serenum - ok
09:56:29.0817 4900 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
09:56:29.0827 4900 Serial - ok
09:56:29.0831 4900 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
09:56:29.0841 4900 sermouse - ok
09:56:29.0853 4900 [ C3BC61CE47FF6F4E88AB8A3B429A36AF ] SessionEnv C:\Windows\system32\sessenv.dll
09:56:29.0882 4900 SessionEnv - ok
09:56:29.0918 4900 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
09:56:29.0927 4900 sffdisk - ok
09:56:29.0950 4900 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
09:56:29.0959 4900 sffp_mmc - ok
09:56:29.0973 4900 [ 178298F767FE638C9FEDCBDEF58BB5E4 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
09:56:29.0981 4900 sffp_sd - ok
09:56:29.0985 4900 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
09:56:29.0995 4900 sfloppy - ok
09:56:30.0043 4900 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
09:56:30.0105 4900 SharedAccess - ok
09:56:30.0133 4900 [ 0298AC45D0EFFFB2DB4BAA7DD186E7BF ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:56:30.0150 4900 ShellHWDetection - ok
09:56:30.0172 4900 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
09:56:30.0182 4900 SiSRaid2 - ok
09:56:30.0187 4900 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
09:56:30.0197 4900 SiSRaid4 - ok
09:56:30.0286 4900 [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
09:56:30.0325 4900 SkypeUpdate - ok
09:56:30.0343 4900 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
09:56:30.0380 4900 Smb - ok
09:56:30.0413 4900 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
09:56:30.0424 4900 SNMPTRAP - ok
09:56:30.0428 4900 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
09:56:30.0438 4900 spldr - ok
09:56:30.0487 4900 [ 567977DC43CC13C4C35ED7084C0B84D5 ] Spooler C:\Windows\System32\spoolsv.exe
09:56:30.0533 4900 Spooler - ok
09:56:30.0604 4900 [ 913D843498553A1BC8F8DBAD6358E49F ] sppsvc C:\Windows\system32\sppsvc.exe
09:56:30.0650 4900 sppsvc - ok
09:56:30.0656 4900 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
09:56:30.0685 4900 sppuinotify - ok
09:56:30.0701 4900 [ 2408C0366D96BCDF63E8F1C78E4A29C5 ] srv C:\Windows\system32\DRIVERS\srv.sys
09:56:30.0714 4900 srv - ok
09:56:30.0726 4900 [ 76548F7B818881B47D8D1AE1BE9C11F8 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
09:56:30.0738 4900 srv2 - ok
09:56:30.0774 4900 [ 0AF6E19D39C70844C5CAA8FB0183C36E ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
09:56:30.0803 4900 srvnet - ok
09:56:30.0824 4900 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
09:56:30.0862 4900 SSDPSRV - ok
09:56:30.0868 4900 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
09:56:30.0898 4900 SstpSvc - ok
09:56:31.0001 4900 [ DB0768632C680B7C0D3AA92D80416893 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
09:56:31.0044 4900 Steam Client Service - ok
09:56:31.0122 4900 [ A9D26626BEADF5A0641BF6B5095EF309 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:56:31.0163 4900 Stereo Service - ok
09:56:31.0213 4900 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
09:56:31.0229 4900 stexstor - ok
09:56:31.0277 4900 [ 52D0E33B681BD0F33FDC08812FEE4F7D ] stisvc C:\Windows\System32\wiaservc.dll
09:56:31.0307 4900 stisvc - ok
09:56:31.0313 4900 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
09:56:31.0322 4900 swenum - ok
09:56:31.0349 4900 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
09:56:31.0383 4900 swprv - ok
09:56:31.0417 4900 [ 3C1284516A62078FB68F768DE4F1A7BE ] SysMain C:\Windows\system32\sysmain.dll
09:56:31.0447 4900 SysMain - ok
09:56:31.0460 4900 [ 238935C3CF2854886DC7CBB2A0E2CC66 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:56:31.0474 4900 TabletInputService - ok
09:56:31.0487 4900 [ 884264AC597B690C5707C89723BB8E7B ] TapiSrv C:\Windows\System32\tapisrv.dll
09:56:31.0518 4900 TapiSrv - ok
09:56:31.0527 4900 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
09:56:31.0556 4900 TBS - ok
09:56:31.0615 4900 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] Tcpip C:\Windows\system32\drivers\tcpip.sys
09:56:31.0647 4900 Tcpip - ok
09:56:31.0690 4900 [ 5CFB7AB8F9524D1A1E14369DE63B83CC ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
09:56:31.0722 4900 TCPIP6 - ok
09:56:31.0756 4900 [ 76D078AF6F587B162D50210F761EB9ED ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
09:56:31.0784 4900 tcpipreg - ok
09:56:31.0791 4900 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
09:56:31.0800 4900 TDPIPE - ok
09:56:31.0838 4900 [ 7518F7BCFD4B308ABC9192BACAF6C970 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
09:56:31.0847 4900 TDTCP - ok
09:56:31.0852 4900 [ 079125C4B17B01FCAEEBCE0BCB290C0F ] tdx C:\Windows\system32\DRIVERS\tdx.sys
09:56:31.0881 4900 tdx - ok
09:56:31.0885 4900 [ C448651339196C0E869A355171875522 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
09:56:31.0895 4900 TermDD - ok
09:56:31.0934 4900 [ 0F05EC2887BFE197AD82A13287D2F404 ] TermService C:\Windows\System32\termsrv.dll
09:56:31.0968 4900 TermService - ok
09:56:31.0982 4900 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
09:56:31.0995 4900 Themes - ok
09:56:32.0020 4900 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
09:56:32.0049 4900 THREADORDER - ok
09:56:32.0068 4900 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
09:56:32.0097 4900 TrkWks - ok
09:56:32.0158 4900 [ 840F7FB849F5887A49BA18C13B2DA920 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:56:32.0186 4900 TrustedInstaller - ok
09:56:32.0236 4900 [ 61B96C26131E37B24E93327A0BD1FB95 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
09:56:32.0290 4900 tssecsrv - ok
09:56:32.0314 4900 [ 3836171A2CDF3AF8EF10856DB9835A70 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
09:56:32.0343 4900 tunnel - ok
09:56:32.0347 4900 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
09:56:32.0358 4900 uagp35 - ok
09:56:32.0365 4900 [ D47BAEAD86C65D4F4069D7CE0A4EDCEB ] udfs C:\Windows\system32\DRIVERS\udfs.sys
09:56:32.0396 4900 udfs - ok
09:56:32.0420 4900 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
09:56:32.0431 4900 UI0Detect - ok
09:56:32.0450 4900 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\DRIVERS\uliagpkx.sys
09:56:32.0460 4900 uliagpkx - ok
09:56:32.0464 4900 [ EAB6C35E62B1B0DB0D1B48B671D3A117 ] umbus C:\Windows\system32\DRIVERS\umbus.sys
09:56:32.0474 4900 umbus - ok
09:56:32.0478 4900 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
09:56:32.0488 4900 UmPass - ok
09:56:32.0532 4900 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
09:56:32.0564 4900 upnphost - ok
09:56:32.0570 4900 [ B26AFB54A534D634523C4FB66765B026 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
09:56:32.0580 4900 usbccgp - ok
09:56:32.0596 4900 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\DRIVERS\usbcir.sys
09:56:32.0608 4900 usbcir - ok
09:56:32.0613 4900 [ 2EA4AFF7BE7EB4632E3AA8595B0803B5 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
09:56:32.0623 4900 usbehci - ok
09:56:32.0630 4900 [ 4C9042B8DF86C1E8E6240C218B99B39B ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
09:56:32.0643 4900 usbhub - ok
09:56:32.0647 4900 [ 58E546BBAF87664FC57E0F6081E4F609 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
09:56:32.0657 4900 usbohci - ok
09:56:32.0661 4900 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
09:56:32.0673 4900 usbprint - ok
09:56:32.0729 4900 [ 080D3820DA6C046BE82FC8B45A893E83 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:56:32.0760 4900 USBSTOR - ok
09:56:32.0769 4900 [ 81FB2216D3A60D1284455D511797DB3D ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
09:56:32.0788 4900 usbuhci - ok
09:56:32.0826 4900 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
09:56:32.0863 4900 UxSms - ok
09:56:32.0885 4900 [ 156F6159457D0AA7E59B62681B56EB90 ] VaultSvc C:\Windows\system32\lsass.exe
09:56:32.0895 4900 VaultSvc - ok
09:56:32.0899 4900 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\DRIVERS\vdrvroot.sys
09:56:32.0909 4900 vdrvroot - ok
09:56:32.0932 4900 [ 44D73E0BBC1D3C8981304BA15135C2F2 ] vds C:\Windows\System32\vds.exe
09:56:32.0948 4900 vds - ok
09:56:32.0952 4900 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
09:56:32.0964 4900 vga - ok
09:56:32.0968 4900 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
09:56:32.0997 4900 VgaSave - ok
09:56:33.0003 4900 [ C82E748660F62A242B2DFAC1442F22A4 ] vhdmp C:\Windows\system32\DRIVERS\vhdmp.sys
09:56:33.0015 4900 vhdmp - ok
09:56:33.0019 4900 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\DRIVERS\viaide.sys
09:56:33.0028 4900 viaide - ok
09:56:33.0033 4900 [ 2B1A3DAE2B4E70DBBA822B7A03FBD4A3 ] volmgr C:\Windows\system32\DRIVERS\volmgr.sys
09:56:33.0043 4900 volmgr - ok
09:56:33.0068 4900 [ 99B0CBB569CA79ACAED8C91461D765FB ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
09:56:33.0082 4900 volmgrx - ok
09:56:33.0131 4900 [ 9E425AC5C9A5A973273D169F43B4F5E1 ] volsnap C:\Windows\system32\DRIVERS\volsnap.sys
09:56:33.0156 4900 volsnap - ok
09:56:33.0180 4900 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
09:56:33.0199 4900 vsmraid - ok
09:56:33.0228 4900 [ 787898BF9FB6D7BD87A36E2D95C899BA ] VSS C:\Windows\system32\vssvc.exe
09:56:33.0253 4900 VSS - ok
09:56:33.0257 4900 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
09:56:33.0269 4900 vwifibus - ok
09:56:33.0277 4900 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
09:56:33.0309 4900 W32Time - ok
09:56:33.0338 4900 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
09:56:33.0347 4900 WacomPen - ok
09:56:33.0352 4900 [ 47CA49400643EFFD3F1C9A27E1D69324 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
09:56:33.0381 4900 WANARP - ok
09:56:33.0404 4900 [ 47CA49400643EFFD3F1C9A27E1D69324 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
09:56:33.0432 4900 Wanarpv6 - ok
09:56:33.0464 4900 [ 5AB1BB85BD8B5089CC5D64200DEDAE68 ] wbengine C:\Windows\system32\wbengine.exe
09:56:33.0487 4900 wbengine - ok
09:56:33.0494 4900 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
09:56:33.0510 4900 WbioSrvc - ok
09:56:33.0535 4900 [ DD1BAE8EBFC653824D29CCF8C9054D68 ] wcncsvc C:\Windows\System32\wcncsvc.dll
09:56:33.0548 4900 wcncsvc - ok
09:56:33.0566 4900 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:56:33.0576 4900 WcsPlugInService - ok
09:56:33.0581 4900 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
09:56:33.0590 4900 Wd - ok
09:56:33.0631 4900 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
09:56:33.0652 4900 Wdf01000 - ok
09:56:33.0670 4900 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
09:56:33.0685 4900 WdiServiceHost - ok
09:56:33.0688 4900 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
09:56:33.0703 4900 WdiSystemHost - ok
09:56:33.0739 4900 [ 733006127F235BE7C35354EBEE7B9A7B ] WebClient C:\Windows\System32\webclnt.dll
09:56:33.0773 4900 WebClient - ok
09:56:33.0797 4900 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
09:56:33.0841 4900 Wecsvc - ok
09:56:33.0848 4900 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
09:56:33.0877 4900 wercplsupport - ok
09:56:33.0893 4900 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
09:56:33.0922 4900 WerSvc - ok
09:56:33.0949 4900 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
09:56:33.0977 4900 WfpLwf - ok
09:56:33.0996 4900 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
09:56:34.0006 4900 WIMMount - ok
09:56:34.0016 4900 WinDefend - ok
09:56:34.0023 4900 WinHttpAutoProxySvc - ok
09:56:34.0142 4900 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
09:56:34.0196 4900 Winmgmt - ok
09:56:34.0283 4900 [ 41FBB751936B387F9179E7F03A74FE29 ] WinRM C:\Windows\system32\WsmSvc.dll
09:56:34.0340 4900 WinRM - ok
09:56:34.0396 4900 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
09:56:34.0418 4900 Wlansvc - ok
09:56:34.0457 4900 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
09:56:34.0481 4900 WmiAcpi - ok
09:56:34.0525 4900 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
09:56:34.0544 4900 wmiApSrv - ok
09:56:34.0580 4900 WMPNetworkSvc - ok
09:56:34.0604 4900 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
09:56:34.0635 4900 WPCSvc - ok
09:56:34.0644 4900 [ 2E57DDF2880A7E52E76F41C7E96D327B ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
09:56:34.0658 4900 WPDBusEnum - ok
09:56:34.0663 4900 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
09:56:34.0692 4900 ws2ifsl - ok
09:56:34.0720 4900 [ 8F9F3969933C02DA96EB0F84576DB43E ] wscsvc C:\Windows\System32\wscsvc.dll
09:56:34.0731 4900 wscsvc - ok
09:56:34.0735 4900 WSearch - ok
09:56:34.0791 4900 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
09:56:34.0830 4900 wuauserv - ok
09:56:34.0863 4900 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
09:56:34.0873 4900 WudfPf - ok
09:56:34.0909 4900 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
09:56:34.0939 4900 WUDFRd - ok
09:56:34.0957 4900 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
09:56:34.0980 4900 wudfsvc - ok
09:56:35.0018 4900 [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc C:\Windows\System32\wwansvc.dll
09:56:35.0044 4900 WwanSvc - ok
09:56:35.0058 4900 ================ Scan global ===============================
09:56:35.0081 4900 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
09:56:35.0106 4900 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
09:56:35.0115 4900 [ 3FB74FF230B5D240A57AE1C4A3D0459D ] C:\Windows\system32\winsrv.dll
09:56:35.0144 4900 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
09:56:35.0181 4900 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
09:56:35.0189 4900 [Global] - ok
09:56:35.0190 4900 ================ Scan MBR ==================================
09:56:35.0196 4900 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:56:35.0400 4900 \Device\Harddisk0\DR0 - ok
09:56:35.0422 4900 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
09:56:35.0683 4900 \Device\Harddisk1\DR1 ( TDSS File System ) - warning
09:56:35.0683 4900 \Device\Harddisk1\DR1 - detected TDSS File System (1)
09:56:35.0684 4900 ================ Scan VBR ==================================
09:56:35.0691 4900 [ F6890B1844799C656F6186F1F106D376 ] \Device\Harddisk0\DR0\Partition1
09:56:35.0694 4900 \Device\Harddisk0\DR0\Partition1 - ok
09:56:35.0728 4900 [ FA422F2A84B55D1A2E0D110F8475A109 ] \Device\Harddisk1\DR1\Partition1
09:56:35.0732 4900 \Device\Harddisk1\DR1\Partition1 - ok
09:56:35.0741 4900 [ BC3004533B711D72802E1E48BAF1803E ] \Device\Harddisk1\DR1\Partition2
09:56:35.0745 4900 \Device\Harddisk1\DR1\Partition2 - ok
09:56:35.0746 4900 ============================================================
09:56:35.0746 4900 Scan finished
09:56:35.0746 4900 ============================================================
09:56:35.0768 4288 Detected object count: 1
09:56:35.0768 4288 Actual detected object count: 1
09:56:44.0676 4288 \Device\Harddisk1\DR1\TDLFS\mbr - copied to quarantine
09:56:44.0679 4288 \Device\Harddisk1\DR1\TDLFS\vbr - copied to quarantine
09:56:44.0701 4288 \Device\Harddisk1\DR1\TDLFS\bid - copied to quarantine
09:56:44.0703 4288 \Device\Harddisk1\DR1\TDLFS\affid - copied to quarantine
09:56:44.0705 4288 \Device\Harddisk1\DR1\TDLFS\boot - copied to quarantine
09:56:44.0709 4288 \Device\Harddisk1\DR1\TDLFS\cmd32 - copied to quarantine
09:56:44.0712 4288 \Device\Harddisk1\DR1\TDLFS\cmd64 - copied to quarantine
09:56:44.0715 4288 \Device\Harddisk1\DR1\TDLFS\dbg32 - copied to quarantine
09:56:44.0718 4288 \Device\Harddisk1\DR1\TDLFS\dbg64 - copied to quarantine
09:56:44.0722 4288 \Device\Harddisk1\DR1\TDLFS\drv32 - copied to quarantine
09:56:44.0724 4288 \Device\Harddisk1\DR1\TDLFS\drv64 - copied to quarantine
09:56:44.0727 4288 \Device\Harddisk1\DR1\TDLFS\ldr32 - copied to quarantine
09:56:44.0729 4288 \Device\Harddisk1\DR1\TDLFS\ldr64 - copied to quarantine
09:56:44.0732 4288 \Device\Harddisk1\DR1\TDLFS\subid - copied to quarantine
09:56:44.0734 4288 \Device\Harddisk1\DR1\TDLFS\info - copied to quarantine
09:56:44.0737 4288 \Device\Harddisk1\DR1\TDLFS\mainfb.script - copied to quarantine
09:56:44.0768 4288 \Device\Harddisk1\DR1\TDLFS\com64 - copied to quarantine
09:56:44.0770 4288 \Device\Harddisk1\DR1\TDLFS\serf_conf - copied to quarantine
09:56:44.0784 4288 \Device\Harddisk1\DR1\TDLFS\bbr232 - copied to quarantine
09:56:44.0791 4288 \Device\Harddisk1\DR1\TDLFS\bbr264 - copied to quarantine
09:56:44.0797 4288 \Device\Harddisk1\DR1\TDLFS\serf332 - copied to quarantine
09:56:44.0805 4288 \Device\Harddisk1\DR1\TDLFS\serf364 - copied to quarantine
09:56:44.0821 4288 \Device\Harddisk1\DR1\TDLFS\bbr_conf - copied to quarantine
09:56:44.0824 4288 \Device\Harddisk1\DR1\TDLFS\main - copied to quarantine
09:56:44.0825 4288 \Device\Harddisk1\DR1\TDLFS - deleted
09:56:44.0825 4288 \Device\Harddisk1\DR1 ( TDSS File System ) - User select action: Delete
09:56:55.0808 2596 Deinitialize success
Code:
ATTFilter ListParts by Farbar Version: 20-10-2013
Ran by FR (administrator) on 01-11-2013 at 11:06:17
Windows 7 (X64)
Running From: C:\Users\FR\Desktop
Language: 0407
************************************************************
========================= Memory info ======================
Percentage of memory in use: 22%
Total physical RAM: 8189.55 MB
Available physical RAM: 6317.46 MB
Total Pagefile: 16377.25 MB
Available Pagefile: 14351.27 MB
Total Virtual: 8192 MB
Available Virtual: 8191.89 MB
======================= Partitions =========================
1 Drive c: () (Fixed) (Total:465.66 GB) (Free:272.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
9 Drive k: () (Fixed) (Total:931.51 GB) (Free:803.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Datentr„ger ### Status Gr”áe Frei Dyn GPT
--------------- ------------- ------- ------- --- ---
Datentr„ger 0 Online 931 GB 0 B
Datentr„ger 1 Online 465 GB 0 B
Datentr„ger 2 Kein Medium 0 B 0 B
Datentr„ger 3 Kein Medium 0 B 0 B
Datentr„ger 4 Kein Medium 0 B 0 B
Datentr„ger 5 Kein Medium 0 B 0 B
Datentr„ger 6 Kein Medium 0 B 0 B
Partitions of Disk 0:
===============
Datentr„ger-ID: 1797B102
Partition ### Typ GrӇe Offset
------------- ---------------- ------- -------
Partition 1 Prim„r 931 GB 1024 KB
======================================================================================================
Disk: 0
Partition 1
Typ : 07
Versteckt: Nein
Aktiv : Ja
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 K NTFS Partition 931 GB Fehlerfre
======================================================================================================
Partitions of Disk 1:
===============
Datentr„ger-ID: 1BFA1443
Partition ### Typ GrӇe Offset
------------- ---------------- ------- -------
Partition 1 Prim„r 100 MB 1024 KB
Partition 2 Prim„r 465 GB 101 MB
Partition 3 Prim„r 1040 KB 465 GB
======================================================================================================
Disk: 1
Partition 1
Typ : 07
Versteckt: Nein
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D System-rese NTFS Partition 100 MB Fehlerfre
======================================================================================================
Disk: 1
Partition 2
Typ : 07
Versteckt: Nein
Aktiv : Ja
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C NTFS Partition 465 GB Fehlerfre System (partition with boot components)
======================================================================================================
Disk: 1
Partition 3
Typ : 17
Versteckt: Ja
Aktiv : Nein
Dieser Partition ist kein Volume zugewiesen.
======================================================================================================
============================== MBR Partition Table ==================
==============================
Partitions of Disk 0:
===============
Disk ID: 1797B102
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
==============================
Partitions of Disk 1:
===============
Disk ID: 1BFA1443
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=466 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=1040 KB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 3
****** End Of Log ******
|
|
01.11.2013, 11:41
| #7 |
| /// TB-Ausbilder | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden Ok, dann noch das: Drücke die  + R Taste und schreibe "notepad" in das Ausführen Fenster.Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument: Code:
ATTFilter Disk=1 Partition=3 delete
__________________ cheers, Leo |
|
01.11.2013, 12:11
| #8 |
| | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhandenCode:
ATTFilter ListParts by Farbar Version: 20-10-2013
Ran by FR (administrator) on 01-11-2013 at 12:09:44
Windows 7 (X64)
Running From: C:\Users\FR\Desktop
Language: 0407
************************************************************
========================= Memory info ======================
Percentage of memory in use: 19%
Total physical RAM: 8189.55 MB
Available physical RAM: 6601.61 MB
Total Pagefile: 16377.25 MB
Available Pagefile: 14322.19 MB
Total Virtual: 8192 MB
Available Virtual: 8191.9 MB
======================= Partitions =========================
1 Drive c: () (Fixed) (Total:465.66 GB) (Free:272.37 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
2 Drive d: (System-reserviert) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)]
9 Drive k: () (Fixed) (Total:931.51 GB) (Free:803.8 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Datentr„ger ### Status Gr”áe Frei Dyn GPT
--------------- ------------- ------- ------- --- ---
Datentr„ger 0 Online 931 GB 0 B
Datentr„ger 1 Online 465 GB 0 B
Datentr„ger 2 Kein Medium 0 B 0 B
Datentr„ger 3 Kein Medium 0 B 0 B
Datentr„ger 4 Kein Medium 0 B 0 B
Datentr„ger 5 Kein Medium 0 B 0 B
Datentr„ger 6 Kein Medium 0 B 0 B
Partitions of Disk 0:
===============
Datentr„ger-ID: 1797B102
Partition ### Typ GrӇe Offset
------------- ---------------- ------- -------
Partition 1 Prim„r 931 GB 1024 KB
======================================================================================================
Disk: 0
Partition 1
Typ : 07
Versteckt: Nein
Aktiv : Ja
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 1 K NTFS Partition 931 GB Fehlerfre
======================================================================================================
Partitions of Disk 1:
===============
Datentr„ger-ID: 1BFA1443
Partition ### Typ GrӇe Offset
------------- ---------------- ------- -------
Partition 1 Prim„r 100 MB 1024 KB
Partition 2 Prim„r 465 GB 101 MB
======================================================================================================
Disk: 1
Partition 1
Typ : 07
Versteckt: Nein
Aktiv : Nein
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 2 D System-rese NTFS Partition 100 MB Fehlerfre
======================================================================================================
Disk: 1
Partition 2
Typ : 07
Versteckt: Nein
Aktiv : Ja
Volume ### Bst Bezeichnung DS Typ GrӇe Status Info
---------- --- ----------- ----- ---------- ------- --------- --------
* Volume 3 C NTFS Partition 465 GB Fehlerfre System (partition with boot components)
======================================================================================================
============================== MBR Partition Table ==================
==============================
Partitions of Disk 0:
===============
Disk ID: 1797B102
Partition 1: (Active) - (Size=932 GB) - (Type=07 NTFS)
==============================
Partitions of Disk 1:
===============
Disk ID: 1BFA1443
Partition 1: (Not Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=466 GB) - (Type=07 NTFS)
****** End Of Log ******
|
|
01.11.2013, 12:20
| #9 |
| /// TB-Ausbilder | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden Ok, prima. Es waren tatsächlich nur noch inaktive Überresten, die jetzt aber auch noch entfernt wurden. Sieht dein Antivir das auch so? Läuft der Rechner sonst normal?
__________________ cheers, Leo |
|
01.11.2013, 17:52
| #10 |
| | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden Alles Top. Antivir hat anscheinend noch löschbare Teile gefunden und die sind jetzt auch alle weg. Danke für die gute und vorallem echt schnelle Hilfe ! einfach Klasse, weiter so !! Cheers, Fabian |
|
01.11.2013, 18:00
| #11 | |
| /// TB-Ausbilder | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhandenZitat:
C:\TDSSKiller_Quarantine\01.11.2013_16.45.02\tdlfs0000\tsk0016.dtaDas wäre dann nur noch das TDSS Filesystem, welches mit dem TDSSKiller gelöscht und in Quarantäne verschoben wurde.
__________________ cheers, Leo |
|
04.11.2013, 10:16
| #12 |
| | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden Ja genau...Überreste dieser Art,die ich auch gleich gelöscht habe. |
|
04.11.2013, 11:30
| #13 |
| /// TB-Ausbilder | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden Dann räum noch mit delfix auf und die Sache ist erledigt. Downloade dir bitte delfix auf deinen Desktop.
__________________ cheers, Leo |
|
04.11.2013, 13:53
| #14 |
| | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden Alles erledigt ! Vielen Dank nochmals ! |
|
04.11.2013, 13:54
| #15 |
| /// TB-Ausbilder | BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden Freut mich, dass wir helfen konnten.  Falls du dem Forum noch Verbesserungsvorschläge, Kritik oder ein Lob mitgeben möchtest, kannst du das hier tun. Dieses Thema scheint erledigt und wird aus meinen Abos gelöscht. Ich bekomme somit keine Benachrichtigung mehr über neue Antworten. Solltest du das Thema erneut brauchen, schicke mir bitte eine PM und wir machen hier weiter. Jeder andere bitte diese Anleitung lesen und einen eigenen Thread erstellen.
__________________ cheers, Leo |
|
| Themen zu BOO/Tdss.O auch nach Windows7-Neuinstallation noch vorhanden |
| aktive, aktiven, andere, antivir, bereits, einiger, einzige, freue, hallo zusammen, hoffe, immernoch, installier, mas, melde, meldung, neu, nurnoch, problem, schei, virus, vorhanden, windows, wirklich, würde, zusammen |
Linear-Darstellung
