
Log analysis and evaluation: Spam mails are being sent from the network

18.01.2014, 14:36   #16
Klösp
 



Here are MBAM and AdwCleaner for now.
The rest will follow in the next post.

Code:
Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.01.12.05

Windows 7 Service Pack 1 x86 NTFS
Internet Explorer 10.0.9200.16750
BENUTZER :: NAME-NB [Administrator]

16.01.2014 20:50:22
MBAM-log-2014-01-16 (21-48-52).txt

Art des Suchlaufs: Vollständiger Suchlauf (C:\|)
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 282887
Laufzeit: 57 Minute(n), 5 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 16
c:\users\BENUTZER\appdata\local\temp\syshost.exe (Exploit.Drop.GS) -> Keine Aktion durchgeführt.
c:\users\public\appdata\local\temp\syshost.exe (Exploit.Drop.GS) -> Keine Aktion durchgeführt.
c:\windows\serviceprofiles\localservice\appdata\local\temp\syshost.exe (Exploit.Drop.GS) -> Keine Aktion durchgeführt.
c:\windows\serviceprofiles\networkservice\appdata\local\temp\syshost.exe (Exploit.Drop.GS) -> Keine Aktion durchgeführt.
c:\windows\temp\syshost.exe (Exploit.Drop.GS) -> Keine Aktion durchgeführt.
c:\users\BENUTZER\appdata\local\syshost.exe (Exploit.Drop.GSLAD) -> Keine Aktion durchgeführt.
c:\users\public\appdata\local\syshost.exe (Exploit.Drop.GSLAD) -> Keine Aktion durchgeführt.
c:\windows\serviceprofiles\localservice\appdata\local\syshost.exe (Exploit.Drop.GSLAD) -> Keine Aktion durchgeführt.
c:\windows\serviceprofiles\networkservice\appdata\local\syshost.exe (Exploit.Drop.GSLAD) -> Keine Aktion durchgeführt.
c:\windows\system32\config\systemprofile\appdata\local\syshost.exe (Exploit.Drop.GSLAD) -> Keine Aktion durchgeführt.
c:\users\BENUTZER\syshost.exe (Exploit.Drop.GS) -> Keine Aktion durchgeführt.
c:\users\public\syshost.exe (Exploit.Drop.GS) -> Keine Aktion durchgeführt.
c:\windows\serviceprofiles\localservice\syshost.exe (Exploit.Drop.GS) -> Keine Aktion durchgeführt.
c:\windows\serviceprofiles\networkservice\syshost.exe (Exploit.Drop.GS) -> Keine Aktion durchgeführt.
c:\windows\system32\config\systemprofile\syshost.exe (Exploit.Drop.GS) -> Keine Aktion durchgeführt.
c:\windows\syshost.exe (Trojan.Downloader) -> Keine Aktion durchgeführt.

(Ende)
         
Code:
# AdwCleaner v3.017 - Bericht erstellt am 18/01/2014 um 13:35:37
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : BENUTZER - NAME-NB
# Gestartet von : C:\Users\BENUTZER\Downloads\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\90cf75755030f0e1

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\s9u30li6.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [854 octets] - [18/01/2014 13:33:38]
AdwCleaner[S0].txt - [776 octets] - [18/01/2014 13:35:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [835 octets] ##########
         
Code:
# AdwCleaner v3.017 - Bericht erstellt am 18/01/2014 um 13:33:38
# Aktualisiert 12/01/2014 von Xplode
# Betriebssystem : Windows 7 Professional Service Pack 1 (32 bits)
# Benutzername : BENUTZER - NAME-NB
# Gestartet von : C:\Users\BENUTZER\Downloads\adwcleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\90cf75755030f0e1

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.16660


-\\ Mozilla Firefox v26.0 (de)

[ Datei : C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\s9u30li6.default\prefs.js ]


*************************

AdwCleaner[R0].txt - [716 octets] - [18/01/2014 13:33:38]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [775 octets] ##########
         
and the rest

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Windows 7 Professional x86
Ran by BENUTZER on 18.01.2014 at 13:45:07,09
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\syshost32



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\BENUTZER\AppData\Roaming\mozilla\firefox\profiles\s9u30li6.default\minidumps [138 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.01.2014 at 13:50:04,83
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 17-01-2014 03
Ran by BENUTZER (administrator) on NAME-NB on 18-01-2014 14:25:30
Running from C:\Users\BENUTZER\Downloads
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-02-14] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://sdlc-esd.sun.com/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe?AuthParam=1360180396_2ceeabeffd890e19f85ed5b2aa8d944a&GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe&File=jre-6u7-windows-i586-p-s.exe&BHost=javadl.sun.com
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\..\Interfaces\{3745AD6A-3B2F-4B51-A280-F2776C8ECB82}: [NameServer]195.34.133.21,195.34.133.22

FireFox:
========
FF ProfilePath: C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\s9u30li6.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

========================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-02-14] (Advanced Micro Devices, Inc.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [1320120 2013-10-31] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [70784 2011-12-13] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [34944 2011-12-13] (Advanced Micro Devices)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [46720 2012-02-01] (Advanced Micro Devices)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2957312 2012-06-20] (Qualcomm Atheros Communications, Inc.)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [197224 2012-04-12] (Realtek Semiconductor Corp.)
R3 usbhub; C:\Windows\System32\DRIVERS\usbhub.sys [258560 2011-03-25] ()
R3 usbohci; C:\Windows\System32\DRIVERS\usbohci.sys [20480 2011-03-25] ()
S3 usbprint; C:\Windows\System32\DRIVERS\usbprint.sys [19968 2009-07-14] ()
S3 usbscan; C:\Windows\System32\DRIVERS\usbscan.sys [35840 2009-07-14] ()
S3 USBSTOR; C:\Windows\System32\DRIVERS\USBSTOR.SYS [76288 2011-03-11] ()
S3 usbuhci; C:\Windows\system32\drivers\usbuhci.sys [24064 2011-03-25] ()
R3 usbvideo; C:\Windows\System32\Drivers\usbvideo.sys [146432 2010-11-20] ()
R0 vdrvroot; C:\Windows\System32\drivers\vdrvroot.sys [32832 2009-07-14] ()
S3 vga; C:\Windows\System32\DRIVERS\vgapnp.sys [26112 2009-07-14] ()
R1 VgaSave; C:\Windows\System32\drivers\vga.sys [25088 2009-07-14] ()
S3 vhdmp; C:\Windows\system32\drivers\vhdmp.sys [160128 2010-11-20] ()
S3 viaagp; C:\Windows\system32\drivers\viaagp.sys [53328 2009-07-14] ()
S3 ViaC7; C:\Windows\system32\drivers\viac7.sys [52736 2009-07-14] ()
S3 viaide; C:\Windows\system32\drivers\viaide.sys [16976 2009-07-14] ()
S3 vmbus; C:\Windows\system32\drivers\vmbus.sys [175360 2010-11-20] ()
S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [17920 2010-11-20] ()
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [53120 2010-11-20] ()
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [297040 2009-07-14] ()
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [245632 2010-11-20] ()
S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [141904 2009-07-14] ()
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-14] ()
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-14] ()
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [21632 2009-07-14] ()
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] ()
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] ()
S3 Wd; C:\Windows\system32\drivers\wd.sys [19024 2009-07-14] ()
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [526952 2012-07-26] ()
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-14] ()
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [19008 2009-07-14] ()
R3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [11264 2009-07-14] ()
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-14] ()
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-26] ()
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-26] ()
U5 150e123a6f6ee7c0; C:\Windows\System32\Drivers\150e123a6f6ee7c0.sys [60416 2014-01-16] ()
S3 catchme; \??\C:\Users\BENUTZER\AppData\Local\Temp\catchme.sys [x]
S3 CFcatchme; \??\C:\Users\BENUTZER\AppData\Local\Temp\CFcatchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-18 13:57 - 2014-01-18 13:57 - 00000000 ____D C:\Users\BENUTZER\Downloads\FRST-OlderVersion
2014-01-18 13:45 - 2014-01-18 13:45 - 00000000 ____D C:\Windows\ERUNT
2014-01-18 13:41 - 2014-01-18 13:41 - 01037068 _____ (Thisisu) C:\Users\BENUTZER\Downloads\JRT.exe
2014-01-18 13:33 - 2014-01-18 13:35 - 00000000 ____D C:\AdwCleaner
2014-01-18 13:31 - 2014-01-18 13:31 - 01236282 _____ C:\Users\BENUTZER\Downloads\adwcleaner.exe
2014-01-16 22:18 - 2014-01-16 22:18 - 00060416 _____ C:\Windows\system32\Drivers\150e123a6f6ee7c0.sys
2014-01-15 20:24 - 2014-01-15 20:24 - 00093654 _____ C:\ComboFix.txt
2014-01-15 20:04 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-15 20:04 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-15 20:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-15 20:03 - 2014-01-15 20:24 - 00000000 ____D C:\Qoobox
2014-01-15 20:03 - 2014-01-15 20:22 - 00000000 ____D C:\Windows\erdnt
2014-01-15 19:58 - 2014-01-15 19:58 - 05165717 _____ (Swearware) C:\Users\BENUTZER\Downloads\ComboFix(1).exe
2014-01-12 18:39 - 2014-01-12 18:40 - 00015390 _____ C:\Users\BENUTZER\Downloads\Addition.txt
2014-01-12 18:38 - 2014-01-18 14:26 - 00009589 _____ C:\Users\BENUTZER\Downloads\FRST.txt
2014-01-12 18:26 - 2014-01-18 13:57 - 01220608 _____ (Farbar) C:\Users\BENUTZER\Downloads\FRST.exe
2014-01-12 18:26 - 2014-01-18 13:57 - 00000000 ____D C:\FRST
2013-12-23 08:29 - 2014-01-15 20:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-23 08:28 - 2013-12-23 08:28 - 00575168 _____ (Microsoft Corporation) C:\Users\BENUTZER\Downloads\Setup.X86.de-de_O365ProPlusRetail_9074592d-cf43-4b02-b0cc-23e43fdf7f6f_TX_PR_.exe
2013-12-20 15:34 - 2013-12-20 15:34 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-01-18 14:26 - 2014-01-12 18:38 - 00009589 _____ C:\Users\BENUTZER\Downloads\FRST.txt
2014-01-18 14:23 - 2013-02-05 09:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-18 13:57 - 2014-01-18 13:57 - 00000000 ____D C:\Users\BENUTZER\Downloads\FRST-OlderVersion
2014-01-18 13:57 - 2014-01-12 18:26 - 01220608 _____ (Farbar) C:\Users\BENUTZER\Downloads\FRST.exe
2014-01-18 13:57 - 2014-01-12 18:26 - 00000000 ____D C:\FRST
2014-01-18 13:45 - 2014-01-18 13:45 - 00000000 ____D C:\Windows\ERUNT
2014-01-18 13:44 - 2009-07-14 05:34 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-18 13:44 - 2009-07-14 05:34 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-18 13:41 - 2014-01-18 13:41 - 01037068 _____ (Thisisu) C:\Users\BENUTZER\Downloads\JRT.exe
2014-01-18 13:37 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-18 13:36 - 2009-07-14 05:39 - 00081082 _____ C:\Windows\setupact.log
2014-01-18 13:35 - 2014-01-18 13:33 - 00000000 ____D C:\AdwCleaner
2014-01-18 13:32 - 2013-02-04 15:38 - 00000000 ____D C:\Users\BENUTZER
2014-01-18 13:31 - 2014-01-18 13:31 - 01236282 _____ C:\Users\BENUTZER\Downloads\adwcleaner.exe
2014-01-17 18:09 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2014-01-16 22:18 - 2014-01-16 22:18 - 00060416 _____ C:\Windows\system32\Drivers\150e123a6f6ee7c0.sys
2014-01-16 21:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp
2014-01-16 21:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2014-01-16 21:58 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2014-01-16 21:57 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2014-01-16 21:55 - 2013-10-05 20:14 - 00000000 ____D C:\Users\BENUTZER\AppData\Roaming\Skype
2014-01-16 21:52 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
2014-01-15 22:39 - 2013-08-19 15:52 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 22:35 - 2013-02-04 15:22 - 01798309 _____ C:\Windows\WindowsUpdate.log
2014-01-15 20:42 - 2013-12-23 08:29 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-15 20:24 - 2014-01-15 20:24 - 00093654 _____ C:\ComboFix.txt
2014-01-15 20:24 - 2014-01-15 20:03 - 00000000 ____D C:\Qoobox
2014-01-15 20:24 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Default
2014-01-15 20:24 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2014-01-15 20:22 - 2014-01-15 20:03 - 00000000 ____D C:\Windows\erdnt
2014-01-15 20:19 - 2013-08-19 20:23 - 00061184 _____ C:\Windows\system32\Drivers\7029c455ca8a987e.sys
2014-01-15 20:19 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2014-01-15 20:18 - 2009-07-14 03:03 - 51118080 _____ C:\Windows\system32\config\SOFTWARE.bak
2014-01-15 20:18 - 2009-07-14 03:03 - 14680064 _____ C:\Windows\system32\config\SYSTEM.bak
2014-01-15 20:18 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2014-01-15 20:18 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2014-01-15 20:18 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak
2014-01-15 20:03 - 2009-07-14 05:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-15 19:58 - 2014-01-15 19:58 - 05165717 _____ (Swearware) C:\Users\BENUTZER\Downloads\ComboFix(1).exe
2014-01-15 18:59 - 2013-08-19 20:00 - 00000000 ____D C:\Users\BENUTZER\AppData\Local\{0D5CCA6C-BE5C-6826-A097-1F118034549F}
2014-01-12 18:40 - 2014-01-12 18:39 - 00015390 _____ C:\Users\BENUTZER\Downloads\Addition.txt
2014-01-12 18:34 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Help
2014-01-08 17:24 - 2013-02-05 10:13 - 00000000 ____D C:\Users\BENUTZER\Desktop\Schach
2013-12-26 18:50 - 2013-02-05 10:13 - 00000000 ____D C:\Users\BENUTZER\Desktop\Jusos
2013-12-25 22:55 - 2010-11-20 22:01 - 01526758 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-23 13:14 - 2009-07-14 05:33 - 00436088 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-23 11:18 - 2013-02-04 16:20 - 00110568 _____ C:\Users\BENUTZER\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-23 10:59 - 2013-02-06 11:13 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-23 10:58 - 2013-02-06 11:24 - 00000000 ____D C:\Program Files\Common Files\Designer
2013-12-23 10:58 - 2011-04-12 02:39 - 00000000 ____D C:\Windows\ShellNew
2013-12-23 10:58 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-23 09:38 - 2013-02-05 09:06 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-12-23 08:28 - 2013-12-23 08:28 - 00575168 _____ (Microsoft Corporation) C:\Users\BENUTZER\Downloads\Setup.X86.de-de_O365ProPlusRetail_9074592d-cf43-4b02-b0cc-23e43fdf7f6f_TX_PR_.exe
2013-12-22 13:23 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-12-20 19:29 - 2013-02-05 09:37 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 15:34 - 2013-12-20 15:34 - 00000000 ____D C:\Program Files\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\BENUTZER\AppData\Local\temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2010-11-20 22:29] - [2010-11-20 22:29] - 0245632 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\System32\Drivers\volsnap.sys IS INFECTED. <===== ATTENTION!



LastRegBack: 2014-01-07 19:59

==================== End Of Log ============================
         




Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 17-01-2014 03
Ran by BENUTZER at 2014-01-18 14:26:38
Running from C:\Users\BENUTZER\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (Version:  - )
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (Version: 11.0.06 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.898.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0214.2218.39913 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.70214.2220 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.04.0000 - AMD) Hidden
AMD VISION Engine Control Center (Version: 2012.0214.2218.39913 - Ihr Firmenname) Hidden
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
Free YouTube to MP3 Converter version 3.12.11.812 (Version: 3.12.11.812 - DVDVideoSoft Ltd.)
IrfanView (remove only) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 25 (Version: 7.0.250 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Juniper Networks, Inc. Setup Client (Version: 7.4.6.40675 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (Version: 2.1.1.1 - Juniper Networks, Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 365 ProPlus - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (Version: 7.54.309.2012 - Realtek)
Realtek PCIE Card Reader (Version: 6.1.7601.29018 - Realtek Semiconductor Corp.)
Skype™ 6.9 (Version: 6.9.106 - Skype Technologies S.A.)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:04 - 2014-01-15 20:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {02A150B2-DAAA-4499-924D-ABD4E67CC2C3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {2247EED9-7847-427D-946D-231157CD3827} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-12-23] (Microsoft Corporation)
Task: {3F6E4502-2B89-4184-B397-9367B3D27211} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-12-23] (Microsoft Corporation)
Task: {43526F1C-1990-4A63-8F2A-B73FCDD0BB54} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {889EAD67-6FF1-446E-987A-374EBEFD6629} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-02-14 23:15 - 2012-02-14 23:15 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-02-14 23:13 - 2012-02-14 23:13 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 09:55 - 2011-11-09 09:55 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Percentage of memory in use: 37%
Total physical RAM: 1641.37 MB
Available physical RAM: 1030.34 MB
Total Pagefile: 3282.73 MB
Available Pagefile: 2358.82 MB
Total Virtual: 2047.88 MB
Available Virtual: 1926.02 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:287.99 GB) (Free:247.84 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 3B99AC7F)
Partition 1: (Not Active) - (Size=10 GB) - (Type=12)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=288 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

19.01.2014, 09:58   #17
schrauber
/// the machine
/// TB trainer
 

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick Yes, I accept the Terms of Use and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded; the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Please post its contents here.

And a fresh FRST log, please. Any remaining problems?

19.01.2014, 23:58   #18
Klösp
 
Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=494301b607b3bc4d8b739b1ecb13d37d
# engine=16709
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-01-19 03:53:19
# local_time=2014-01-19 04:53:19 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776573 100 94 96889 141777990 0 0
# scanned=91092
# found=6
# cleaned=0
# scan_time=3267
sh=5F2E07AC389C344749E4E94884657500F8DCA0AA ft=1 fh=6c360e747e5120c9 vn="Win32/Sirefef.FZ trojan" ac=I fn="C:\Qoobox\Quarantine\C\Program Files\Google\Desktop\Install\{a720026c-7071-a2b7-bfac-0968e20b2e78}\9519~1\A535~1\E628~1\{a720026c-7071-a2b7-bfac-0968e20b2e78}\U\80000001.@.vir"
sh=76F3A3D1E90A71E8F4F4D78E2DD5B23FC8455CFA ft=0 fh=0000000000000000 vn="a variant of Win32/Rootkit.Kryptik.XX trojan" ac=I fn="C:\Qoobox\Quarantine\C\Windows\System32\drivers\_7029c455ca8a987e_.sys.zip"
sh=19AE08F6FF705749ED409FD41FA721496E55EACD ft=1 fh=8cfc866990f91c21 vn="a variant of Win32/Kryptik.BTAO trojan" ac=I fn="C:\Users\BENUTZER\AppData\Local\{0D5CCA6C-BE5C-6826-A097-1F118034549F}\syshost.exe"
sh=A515E64EF98A98AF253794DA54A4F04DAC519921 ft=0 fh=0000000000000000 vn="a variant of Java/Exploit.Agent.PFV trojan" ac=I fn="C:\Users\BENUTZER\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\24\35cf7a58-33f3afa7"
sh=153695F2B5CD9BF1BF0EE091B4C73CDFCCCE0578 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\BENUTZER\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\652c9ab0-48bfbf50"
sh=3226917165CC6071119731847F9112D0C12787E9 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\BENUTZER\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\52\54b0f534-32ef33a7"
         
Code:
ATTFilter
 Results of screen317's Security Check version 0.99.79  
 Windows 7 Service Pack 1 x86 (UAC is disabled!)  
 Internet Explorer 10 Out of date! 
``````````````Antivirus/Firewall Check:`````````````` 
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware Version 1.75.0.1300  
 Java 7 Update 25  
 Java version out of Date! 
 Adobe Flash Player 	11.9.900.170  
 Adobe Reader XI  
 Mozilla Firefox (26.0) 
````````Process Check: objlist.exe by Laurent````````  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         

FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2014 03
Ran by BENUTZER (administrator) on NAME-NB on 19-01-2014 18:06:16
Running from C:\Users\BENUTZER\Downloads
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 10
Boot Mode: Normal



==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-02-14] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://sdlc-esd.sun.com/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe?AuthParam=1360180396_2ceeabeffd890e19f85ed5b2aa8d944a&GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe&File=jre-6u7-windows-i586-p-s.exe&BHost=javadl.sun.com
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\..\Interfaces\{3745AD6A-3B2F-4B51-A280-F2776C8ECB82}: [NameServer]195.34.133.21,195.34.133.22

FireFox:
========
FF ProfilePath: C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\s9u30li6.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

========================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-02-14] (Advanced Micro Devices, Inc.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [1320120 2013-10-31] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [70784 2011-12-13] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [34944 2011-12-13] (Advanced Micro Devices)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [46720 2012-02-01] (Advanced Micro Devices)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2957312 2012-06-20] (Qualcomm Atheros Communications, Inc.)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [197224 2012-04-12] (Realtek Semiconductor Corp.)
S3 viaide; C:\Windows\system32\drivers\viaide.sys [16976 2009-07-14] ()
S3 vmbus; C:\Windows\system32\drivers\vmbus.sys [175360 2010-11-20] ()
S3 VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [17920 2010-11-20] ()
R0 volmgr; C:\Windows\System32\drivers\volmgr.sys [53120 2010-11-20] ()
R0 volmgrx; C:\Windows\System32\drivers\volmgrx.sys [297040 2009-07-14] ()
R0 volsnap; C:\Windows\System32\drivers\volsnap.sys [245632 2010-11-20] ()
S3 vsmraid; C:\Windows\system32\drivers\vsmraid.sys [141904 2009-07-14] ()
R3 vwifibus; C:\Windows\System32\DRIVERS\vwifibus.sys [19968 2009-07-14] ()
R1 vwififlt; C:\Windows\System32\DRIVERS\vwififlt.sys [48128 2009-07-14] ()
S3 WacomPen; C:\Windows\system32\drivers\wacompen.sys [21632 2009-07-14] ()
S3 WANARP; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] ()
R1 Wanarpv6; C:\Windows\System32\DRIVERS\wanarp.sys [63488 2010-11-20] ()
S3 Wd; C:\Windows\system32\drivers\wd.sys [19024 2009-07-14] ()
R0 Wdf01000; C:\Windows\System32\drivers\Wdf01000.sys [526952 2012-07-26] ()
R1 WfpLwf; C:\Windows\System32\DRIVERS\wfplwf.sys [9728 2009-07-14] ()
S3 WIMMount; C:\Windows\System32\drivers\wimmount.sys [19008 2009-07-14] ()
R3 WmiAcpi; C:\Windows\System32\DRIVERS\wmiacpi.sys [11264 2009-07-14] ()
R1 ws2ifsl; C:\Windows\system32\drivers\ws2ifsl.sys [16384 2009-07-14] ()
S3 WudfPf; C:\Windows\System32\drivers\WudfPf.sys [66560 2012-07-26] ()
S3 WUDFRd; C:\Windows\System32\DRIVERS\WUDFRd.sys [155136 2012-07-26] ()
U5 150e123a6f6ee7c0; C:\Windows\System32\Drivers\150e123a6f6ee7c0.sys [60416 2014-01-16] ()
S3 catchme; \??\C:\Users\BENUTZER\AppData\Local\Temp\catchme.sys [x]
S3 CFcatchme; \??\C:\Users\BENUTZER\AppData\Local\Temp\CFcatchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-19 18:06 - 2014-01-19 18:07 - 00009179 _____ C:\Users\BENUTZER\Downloads\FRST.txt
2014-01-19 17:58 - 2014-01-19 17:58 - 00987425 _____ C:\Users\BENUTZER\Downloads\SecurityCheck.exe
2014-01-19 17:22 - 2014-01-19 17:22 - 00000798 _____ C:\Windows\PFRO.log
2014-01-19 15:55 - 2014-01-19 15:55 - 02347384 _____ (ESET) C:\Users\BENUTZER\Downloads\esetsmartinstaller_enu.exe
2014-01-18 13:57 - 2014-01-19 18:05 - 00000000 ____D C:\Users\BENUTZER\Downloads\FRST-OlderVersion
2014-01-18 13:45 - 2014-01-18 13:45 - 00000000 ____D C:\Windows\ERUNT
2014-01-18 13:41 - 2014-01-18 13:41 - 01037068 _____ (Thisisu) C:\Users\BENUTZER\Downloads\JRT.exe
2014-01-18 13:33 - 2014-01-18 13:35 - 00000000 ____D C:\AdwCleaner
2014-01-18 13:31 - 2014-01-18 13:31 - 01236282 _____ C:\Users\BENUTZER\Downloads\adwcleaner.exe
2014-01-16 22:18 - 2014-01-16 22:18 - 00060416 _____ C:\Windows\system32\Drivers\150e123a6f6ee7c0.sys
2014-01-15 20:24 - 2014-01-15 20:24 - 00093654 _____ C:\ComboFix.txt
2014-01-15 20:04 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-15 20:04 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-15 20:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-15 20:03 - 2014-01-15 20:24 - 00000000 ____D C:\Qoobox
2014-01-15 20:03 - 2014-01-15 20:22 - 00000000 ____D C:\Windows\erdnt
2014-01-15 19:58 - 2014-01-15 19:58 - 05165717 _____ (Swearware) C:\Users\BENUTZER\Downloads\ComboFix(1).exe
2014-01-12 18:39 - 2014-01-18 14:26 - 00009041 _____ C:\Users\BENUTZER\Downloads\Addition.txt
2014-01-12 18:26 - 2014-01-19 18:05 - 01221120 _____ (Farbar) C:\Users\BENUTZER\Downloads\FRST.exe
2014-01-12 18:26 - 2014-01-19 18:05 - 00000000 ____D C:\FRST
2013-12-23 08:29 - 2014-01-15 20:42 - 00000000 ____D C:\Program Files\Microsoft Office 15
2013-12-23 08:28 - 2013-12-23 08:28 - 00575168 _____ (Microsoft Corporation) C:\Users\BENUTZER\Downloads\Setup.X86.de-de_O365ProPlusRetail_9074592d-cf43-4b02-b0cc-23e43fdf7f6f_TX_PR_.exe
2013-12-20 15:34 - 2013-12-20 15:34 - 00000000 ____D C:\Program Files\Mozilla Firefox

==================== One Month Modified Files and Folders =======

2014-01-19 18:07 - 2014-01-19 18:06 - 00009179 _____ C:\Users\BENUTZER\Downloads\FRST.txt
2014-01-19 18:05 - 2014-01-18 13:57 - 00000000 ____D C:\Users\BENUTZER\Downloads\FRST-OlderVersion
2014-01-19 18:05 - 2014-01-12 18:26 - 01221120 _____ (Farbar) C:\Users\BENUTZER\Downloads\FRST.exe
2014-01-19 18:05 - 2014-01-12 18:26 - 00000000 ____D C:\FRST
2014-01-19 17:58 - 2014-01-19 17:58 - 00987425 _____ C:\Users\BENUTZER\Downloads\SecurityCheck.exe
2014-01-19 17:57 - 2013-10-05 20:14 - 00000000 ____D C:\Users\BENUTZER\AppData\Roaming\Skype
2014-01-19 17:57 - 2013-02-04 15:22 - 01799384 _____ C:\Windows\WindowsUpdate.log
2014-01-19 17:30 - 2009-07-14 05:34 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-19 17:30 - 2009-07-14 05:34 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-19 17:29 - 2009-07-14 05:39 - 00081418 _____ C:\Windows\setupact.log
2014-01-19 17:23 - 2013-02-05 09:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-19 17:22 - 2014-01-19 17:22 - 00000798 _____ C:\Windows\PFRO.log
2014-01-19 17:22 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-19 15:55 - 2014-01-19 15:55 - 02347384 _____ (ESET) C:\Users\BENUTZER\Downloads\esetsmartinstaller_enu.exe
2014-01-18 14:26 - 2014-01-12 18:39 - 00009041 _____ C:\Users\BENUTZER\Downloads\Addition.txt
2014-01-18 13:45 - 2014-01-18 13:45 - 00000000 ____D C:\Windows\ERUNT
2014-01-18 13:41 - 2014-01-18 13:41 - 01037068 _____ (Thisisu) C:\Users\BENUTZER\Downloads\JRT.exe
2014-01-18 13:35 - 2014-01-18 13:33 - 00000000 ____D C:\AdwCleaner
2014-01-18 13:32 - 2013-02-04 15:38 - 00000000 ____D C:\Users\BENUTZER
2014-01-18 13:31 - 2014-01-18 13:31 - 01236282 _____ C:\Users\BENUTZER\Downloads\adwcleaner.exe
2014-01-17 18:09 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2014-01-16 22:18 - 2014-01-16 22:18 - 00060416 _____ C:\Windows\system32\Drivers\150e123a6f6ee7c0.sys
2014-01-16 21:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp
2014-01-16 21:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2014-01-16 21:58 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2014-01-16 21:57 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2014-01-16 21:52 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
2014-01-15 22:39 - 2013-08-19 15:52 - 00000000 ____D C:\Windows\system32\MRT
2014-01-15 20:42 - 2013-12-23 08:29 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-15 20:24 - 2014-01-15 20:24 - 00093654 _____ C:\ComboFix.txt
2014-01-15 20:24 - 2014-01-15 20:03 - 00000000 ____D C:\Qoobox
2014-01-15 20:24 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Default
2014-01-15 20:24 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2014-01-15 20:22 - 2014-01-15 20:03 - 00000000 ____D C:\Windows\erdnt
2014-01-15 20:19 - 2013-08-19 20:23 - 00061184 _____ C:\Windows\system32\Drivers\7029c455ca8a987e.sys
2014-01-15 20:19 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2014-01-15 20:18 - 2009-07-14 03:03 - 51118080 _____ C:\Windows\system32\config\SOFTWARE.bak
2014-01-15 20:18 - 2009-07-14 03:03 - 14680064 _____ C:\Windows\system32\config\SYSTEM.bak
2014-01-15 20:18 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2014-01-15 20:18 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2014-01-15 20:18 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak
2014-01-15 20:03 - 2009-07-14 05:53 - 00032640 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-15 19:58 - 2014-01-15 19:58 - 05165717 _____ (Swearware) C:\Users\BENUTZER\Downloads\ComboFix(1).exe
2014-01-15 18:59 - 2013-08-19 20:00 - 00000000 ____D C:\Users\BENUTZER\AppData\Local\{0D5CCA6C-BE5C-6826-A097-1F118034549F}
2014-01-12 18:34 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Help
2014-01-08 17:24 - 2013-02-05 10:13 - 00000000 ____D C:\Users\BENUTZER\Desktop\Schach
2013-12-26 18:50 - 2013-02-05 10:13 - 00000000 ____D C:\Users\BENUTZER\Desktop\Jusos
2013-12-25 22:55 - 2010-11-20 22:01 - 01526758 _____ C:\Windows\system32\PerfStringBackup.INI
2013-12-23 13:14 - 2009-07-14 05:33 - 00436088 _____ C:\Windows\system32\FNTCACHE.DAT
2013-12-23 11:18 - 2013-02-04 16:20 - 00110568 _____ C:\Users\BENUTZER\AppData\Local\GDIPFONTCACHEV1.DAT
2013-12-23 10:59 - 2013-02-06 11:13 - 00000000 ____D C:\Program Files\Microsoft Office
2013-12-23 10:58 - 2013-02-06 11:24 - 00000000 ____D C:\Program Files\Common Files\Designer
2013-12-23 10:58 - 2011-04-12 02:39 - 00000000 ____D C:\Windows\ShellNew
2013-12-23 10:58 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\System
2013-12-23 09:38 - 2013-02-05 09:06 - 00000000 ____D C:\Program Files\Microsoft.NET
2013-12-23 08:28 - 2013-12-23 08:28 - 00575168 _____ (Microsoft Corporation) C:\Users\BENUTZER\Downloads\Setup.X86.de-de_O365ProPlusRetail_9074592d-cf43-4b02-b0cc-23e43fdf7f6f_TX_PR_.exe
2013-12-22 13:23 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\NDF
2013-12-20 19:29 - 2013-02-05 09:37 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service
2013-12-20 15:34 - 2013-12-20 15:34 - 00000000 ____D C:\Program Files\Mozilla Firefox

Some content of TEMP:
====================
C:\Users\BENUTZER\AppData\Local\temp\Quarantine.exe
C:\Users\BENUTZER\AppData\Local\temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2010-11-20 22:29] - [2010-11-20 22:29] - 0245632 ____A () D41D8CD98F00B204E9800998ECF8427E

C:\Windows\System32\Drivers\volsnap.sys IS INFECTED. <===== ATTENTION!



LastRegBack: 2014-01-18 19:01

==================== End Of Log ============================
         
--- --- ---


Code:
ATTFilter
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 19-01-2014 03
Ran by BENUTZER at 2014-01-19 18:07:53
Running from C:\Users\BENUTZER\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (Version:  - )
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (Version: 11.0.06 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.898.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0214.2218.39913 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.70214.2220 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.04.0000 - AMD) Hidden
AMD VISION Engine Control Center (Version: 2012.0214.2218.39913 - Ihr Firmenname) Hidden
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
Free YouTube to MP3 Converter version 3.12.11.812 (Version: 3.12.11.812 - DVDVideoSoft Ltd.)
IrfanView (remove only) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 25 (Version: 7.0.250 - Oracle)
Java Auto Updater (Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Juniper Networks, Inc. Setup Client (HKCU Version: 7.4.6.40675 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (Version: 2.1.1.1 - Juniper Networks, Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 365 ProPlus - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (Version: 7.54.309.2012 - Realtek)
Realtek PCIE Card Reader (Version: 6.1.7601.29018 - Realtek Semiconductor Corp.)
Skype™ 6.9 (Version: 6.9.106 - Skype Technologies S.A.)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)

==================== Restore Points  =========================


==================== Hosts content: ==========================

2009-07-14 03:04 - 2014-01-15 20:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {02A150B2-DAAA-4499-924D-ABD4E67CC2C3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {2247EED9-7847-427D-946D-231157CD3827} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-12-23] (Microsoft Corporation)
Task: {3F6E4502-2B89-4184-B397-9367B3D27211} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-12-23] (Microsoft Corporation)
Task: {43526F1C-1990-4A63-8F2A-B73FCDD0BB54} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {889EAD67-6FF1-446E-987A-374EBEFD6629} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-02-14 23:15 - 2012-02-14 23:15 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-02-14 23:13 - 2012-02-14 23:13 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 09:55 - 2011-11-09 09:55 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2013-12-20 15:34 - 2013-12-20 15:34 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2009-07-14 00:11 - 2009-07-14 02:16 - 00033280 _____ () C:\Windows\system32\pcwum.DLL
2013-12-10 20:23 - 2013-12-10 20:23 - 16242056 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/19/2014 05:24:32 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 03:39:51 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 11:22:22 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2014 04:48:58 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2014 02:27:31 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: wmplayer.exe, Version: 12.0.7601.17514, Zeitstempel: 0x4ce7a485
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18015, Zeitstempel: 0x50b83b16
Ausnahmecode: 0xc06d007f
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0xf5c
Startzeit der fehlerhaften Anwendung: 0xwmplayer.exe0
Pfad der fehlerhaften Anwendung: wmplayer.exe1
Pfad des fehlerhaften Moduls: wmplayer.exe2
Berichtskennung: wmplayer.exe3


System errors:
=============
Error: (01/19/2014 03:55:05 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc00000a3E:0x0

Error: (01/19/2014 03:55:03 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (01/18/2014 10:24:28 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/18/2014 10:00:39 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: 0xc00000a3E:0x0

Error: (01/18/2014 10:00:35 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.


Microsoft Office Sessions:
=========================
Error: (01/19/2014 05:24:32 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 03:39:51 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/19/2014 11:22:22 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2014 04:48:58 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/18/2014 02:27:31 PM) (Source: Application Error)(User: )
Description: wmplayer.exe12.0.7601.175144ce7a485KERNELBASE.dll6.1.7601.1801550b83b16c06d007f0000812ff5c01cf145109dc3284C:\Program Files\Windows Media Player\wmplayer.exeC:\Windows\system32\KERNELBASE.dll481eb415-8044-11e3-9fb0-74e543306e6e


==================== Memory info =========================== 

Percentage of memory in use: 57%
Total physical RAM: 1641.37 MB
Available physical RAM: 701.48 MB
Total Pagefile: 3282.73 MB
Available Pagefile: 1816.09 MB
Total Virtual: 2047.88 MB
Available Virtual: 1922.04 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:287.99 GB) (Free:247.12 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 3B99AC7F)
Partition 1: (Not Active) - (Size=10 GB) - (Type=12)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=288 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

This computer is simply not on the network at the moment. No problem seems to arise from the other computers, though.

20.01.2014, 22:12   #19
schrauber
/// the machine
/// TB trainer
 

Update Java.

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

21.01.2014, 23:58   #20
Klösp
 
So, here is the log from TDSSKiller.

Code:
20:59:52.0970 0x0284  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
21:00:19.0163 0x0284  ============================================================
21:00:19.0163 0x0284  Current date / time: 2014/01/21 21:00:19.0163
21:00:19.0163 0x0284  SystemInfo:
21:00:19.0163 0x0284  
21:00:19.0163 0x0284  OS Version: 6.1.7601 ServicePack: 1.0
21:00:19.0163 0x0284  Product type: Workstation
21:00:19.0163 0x0284  ComputerName: NAME-NB
21:00:19.0163 0x0284  UserName: BENUTZER
21:00:19.0163 0x0284  Windows directory: C:\Windows
21:00:19.0163 0x0284  System windows directory: C:\Windows
21:00:19.0163 0x0284  Processor architecture: Intel x86
21:00:19.0163 0x0284  Number of processors: 2
21:00:19.0163 0x0284  Page size: 0x1000
21:00:19.0163 0x0284  Boot type: Normal boot
21:00:19.0163 0x0284  ============================================================
21:00:19.0802 0x0284  KLMD registered as C:\Windows\system32\drivers\74769217.sys
21:00:37.0243 0x0284  System UUID: {2B6A7476-D5A1-D22F-5BCC-88F68823EF39}
21:00:38.0132 0x0284  !crdlk
21:00:38.0132 0x0284  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
21:00:38.0148 0x0284  ============================================================
21:00:38.0148 0x0284  \Device\Harddisk0\DR0:
21:00:38.0148 0x0284  MBR partitions:
21:00:38.0148 0x0284  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x32000
21:00:38.0148 0x0284  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x23FFB800
21:00:38.0148 0x0284  ============================================================
21:00:38.0195 0x0284  C: <-> \Device\Harddisk0\DR0\Partition2
21:00:38.0226 0x0284  ============================================================
21:00:38.0226 0x0284  Initialize success
21:00:38.0226 0x0284  ============================================================
21:01:47.0918 0x0974  ============================================================
21:01:47.0918 0x0974  Scan started
21:01:47.0918 0x0974  Mode: Manual; SigCheck; TDLFS; 
21:01:47.0918 0x0974  ============================================================
21:01:47.0918 0x0974  KSN ping started
21:01:50.0726 0x0974  KSN ping finished: true
21:01:51.0100 0x0974  ================ Scan system memory ========================
21:01:51.0100 0x0974  System memory - ok
21:01:51.0100 0x0974  ================ Scan services =============================
21:01:51.0366 0x0974  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:01:51.0631 0x0974  1394ohci - ok
21:01:51.0662 0x0974  Suspicious service (NoAccess): 150e123a6f6ee7c0
21:01:51.0724 0x0974  [ 49E3ECB210CB029A905B095BF7C5EE80, C78E50D1A2A32597DF52117159B5E164FE57CD9D5503E33B48E9D1DC532EDF78 ] 150e123a6f6ee7c0 C:\Windows\System32\Drivers\150e123a6f6ee7c0.sys
21:01:51.0724 0x0974  Suspicious file ( NoAccess ): C:\Windows\System32\Drivers\150e123a6f6ee7c0.sys. md5: 49E3ECB210CB029A905B095BF7C5EE80, sha256: C78E50D1A2A32597DF52117159B5E164FE57CD9D5503E33B48E9D1DC532EDF78
21:01:51.0818 0x0974  150e123a6f6ee7c0 - detected Rootkit.Win32.Necurs.gen ( 0 )
21:01:52.0052 0x0974  150e123a6f6ee7c0 ( Rootkit.Win32.Necurs.gen ) - infected
21:01:52.0052 0x0974  Force sending object to P2P due to detect: C:\Windows\System32\Drivers\150e123a6f6ee7c0.sys
21:01:54.0954 0x0974  Object send P2P result: true
21:01:57.0855 0x0974  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:01:57.0887 0x0974  ACPI - ok
21:01:57.0918 0x0974  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:01:58.0027 0x0974  AcpiPmi - ok
21:01:58.0199 0x0974  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:01:58.0245 0x0974  AdobeARMservice - ok
21:01:58.0339 0x0974  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:01:58.0386 0x0974  AdobeFlashPlayerUpdateSvc - ok
21:01:58.0511 0x0974  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:01:58.0589 0x0974  adp94xx - ok
21:01:58.0635 0x0974  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:01:58.0667 0x0974  adpahci - ok
21:01:58.0776 0x0974  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:01:58.0823 0x0974  adpu320 - ok
21:01:58.0947 0x0974  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:01:59.0150 0x0974  AeLookupSvc - ok
21:01:59.0291 0x0974  [ 9EBBBA55060F786F0FCAA3893BFA2806, 2E5A0FA2995989E9391771024839F5AD040A041CEE56787286D8FC421E26FE90 ] AFD             C:\Windows\system32\drivers\afd.sys
21:01:59.0400 0x0974  AFD - ok
21:01:59.0478 0x0974  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
21:01:59.0509 0x0974  agp440 - ok
21:01:59.0556 0x0974  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
21:01:59.0587 0x0974  aic78xx - ok
21:01:59.0681 0x0974  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
21:01:59.0790 0x0974  ALG - ok
21:01:59.0868 0x0974  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:01:59.0915 0x0974  aliide - ok
21:01:59.0977 0x0974  [ CDE41D99DB840FF9454FC981EBD0EC50, 01A48A41936293B97C2C568B32DF6BAAA302D39C18878C060ACCC9B4C69A956E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:02:00.0102 0x0974  AMD External Events Utility - ok
21:02:00.0211 0x0974  AMD FUEL Service - ok
21:02:00.0273 0x0974  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
21:02:00.0320 0x0974  amdagp - ok
21:02:00.0414 0x0974  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:02:00.0461 0x0974  amdide - ok
21:02:00.0554 0x0974  [ FF258424F0B2EF25EB98F04EE386E6E3, 09DC3854BF0D52FB80AB08DC4E0DD4A9E37ACAA500083A56F9836C837EBCFA82 ] amdiox86        C:\Windows\system32\DRIVERS\amdiox86.sys
21:02:00.0601 0x0974  amdiox86 - ok
21:02:00.0695 0x0974  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:02:00.0741 0x0974  AmdK8 - ok
21:02:01.0350 0x0974  [ FFD082F1F1D4FF5C87F66DF62486BCFA, F793C798E3919889B78975DEBB0E087683DE7BE4B54F92C5D6549BE8CCB27CAE ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:02:02.0177 0x0974  amdkmdag - ok
21:02:02.0286 0x0974  [ C541DA5B72FA638469E8DC1E66079330, 6286EA9C92D678220BFE2D497DB32A641F29D04FCBFCF970EABE740157378765 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
21:02:02.0364 0x0974  amdkmdap - ok
21:02:02.0442 0x0974  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:02:02.0520 0x0974  AmdPPM - ok
21:02:02.0598 0x0974  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:02:02.0645 0x0974  amdsata - ok
21:02:02.0707 0x0974  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:02:02.0754 0x0974  amdsbs - ok
21:02:02.0863 0x0974  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:02:02.0879 0x0974  amdxata - ok
21:02:02.0925 0x0974  [ E91675D350F5FCD98005F5B2C97F6B61, 4AABC84FDA09FE1AE8B30EC74EED38C861DEA08A1E26AB66EFD7B78BD12EF31F ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
21:02:02.0957 0x0974  amd_sata - ok
21:02:03.0050 0x0974  [ 5B43A272F8233A743533992248ECBC73, 005666EFDAB1DF5D7149DE3EB9A6281C66194E9326DAA83C0239BEB6577BB488 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
21:02:03.0081 0x0974  amd_xata - ok
21:02:03.0144 0x0974  [ DF6DE9E8E4B6994853CCF038BFAE964B, F122A283CA8AB80FE5033E538B3ED45A71209A98D3562E8434532AD62DA76D7D ] AODDriver4.1    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
21:02:03.0175 0x0974  AODDriver4.1 - ok
21:02:03.0269 0x0974  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
21:02:03.0362 0x0974  AppID - ok
21:02:03.0487 0x0974  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:02:03.0627 0x0974  AppIDSvc - ok
21:02:03.0752 0x0974  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
21:02:03.0877 0x0974  Appinfo - ok
21:02:03.0986 0x0974  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:02:04.0127 0x0974  AppMgmt - ok
21:02:04.0220 0x0974  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
21:02:04.0267 0x0974  arc - ok
21:02:04.0329 0x0974  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:02:04.0376 0x0974  arcsas - ok
21:02:04.0392 0x0974  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:02:04.0563 0x0974  AsyncMac - ok
21:02:04.0641 0x0974  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:02:04.0688 0x0974  atapi - ok
21:02:04.0953 0x0974  [ CFE432E8EEACBCEA3DBF53EA76978A65, 1495A2E450B4000FBB8DCF7AC2AFE96A08AD23CBE0C7DC2BFB6A70E68CF1AEAA ] athr            C:\Windows\system32\DRIVERS\athr.sys
21:02:05.0250 0x0974  athr - ok
21:02:05.0375 0x0974  [ 4D201D8B576BE4473405B2A86A2D28B3, 97D14459C5ED6EA67220485CC8828C07E9C39C4D04A371AB86AB6379E664DC7D ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
21:02:05.0421 0x0974  AtiHDAudioService - ok
21:02:05.0531 0x0974  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:02:05.0858 0x0974  AudioEndpointBuilder - ok
21:02:06.0123 0x0974  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:02:06.0248 0x0974  Audiosrv - ok
21:02:06.0357 0x0974  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:02:06.0451 0x0974  AxInstSV - ok
21:02:06.0591 0x0974  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
21:02:06.0701 0x0974  b06bdrv - ok
21:02:06.0825 0x0974  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
21:02:06.0997 0x0974  b57nd60x - ok
21:02:07.0122 0x0974  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
21:02:07.0184 0x0974  BDESVC - ok
21:02:07.0278 0x0974  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:02:07.0371 0x0974  Beep - ok
21:02:07.0512 0x0974  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
21:02:07.0621 0x0974  BFE - ok
21:02:07.0793 0x0974  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\system32\qmgr.dll
21:02:07.0917 0x0974  BITS - ok
21:02:08.0011 0x0974  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:02:08.0073 0x0974  blbdrive - ok
21:02:08.0183 0x0974  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:02:08.0229 0x0974  bowser - ok
21:02:08.0323 0x0974  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:02:08.0385 0x0974  BrFiltLo - ok
21:02:08.0479 0x0974  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:02:08.0573 0x0974  BrFiltUp - ok
21:02:08.0635 0x0974  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
21:02:08.0713 0x0974  BridgeMP - ok
21:02:08.0869 0x0974  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
21:02:08.0947 0x0974  Browser - ok
21:02:09.0087 0x0974  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:02:09.0197 0x0974  Brserid - ok
21:02:09.0290 0x0974  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:02:09.0368 0x0974  BrSerWdm - ok
21:02:09.0493 0x0974  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:02:09.0555 0x0974  BrUsbMdm - ok
21:02:09.0665 0x0974  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:02:09.0743 0x0974  BrUsbSer - ok
21:02:09.0852 0x0974  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:02:09.0930 0x0974  BTHMODEM - ok
21:02:10.0070 0x0974  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
21:02:10.0195 0x0974  bthserv - ok
21:02:10.0398 0x0974  catchme - ok
21:02:10.0491 0x0974  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:02:10.0601 0x0974  cdfs - ok
21:02:10.0710 0x0974  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:02:10.0788 0x0974  cdrom - ok
21:02:10.0928 0x0974  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:02:11.0037 0x0974  CertPropSvc - ok
21:02:11.0115 0x0974  CFcatchme - ok
21:02:11.0193 0x0974  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:02:11.0287 0x0974  circlass - ok
21:02:11.0381 0x0974  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
21:02:11.0427 0x0974  CLFS - ok
21:02:11.0537 0x0974  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:02:11.0583 0x0974  clr_optimization_v2.0.50727_32 - ok
21:02:11.0849 0x0974  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:02:11.0880 0x0974  clr_optimization_v4.0.30319_32 - ok
21:02:12.0005 0x0974  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:02:12.0083 0x0974  CmBatt - ok
21:02:12.0176 0x0974  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:02:12.0223 0x0974  cmdide - ok
21:02:12.0348 0x0974  [ 247B4CE2DAB1160CD422D532D5241E1F, CFE04DBE48B23B084C3F4C3D0F483B26F322E4693176D8739A412BE5D8BE597E ] CNG             C:\Windows\system32\Drivers\cng.sys
21:02:12.0457 0x0974  CNG - ok
21:02:12.0566 0x0974  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:02:12.0613 0x0974  Compbatt - ok
21:02:12.0722 0x0974  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:02:12.0785 0x0974  CompositeBus - ok
21:02:12.0863 0x0974  COMSysApp - ok
21:02:12.0941 0x0974  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:02:12.0987 0x0974  crcdisk - ok
21:02:13.0143 0x0974  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:02:13.0237 0x0974  CryptSvc - ok
21:02:13.0362 0x0974  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
21:02:13.0502 0x0974  CSC - ok
21:02:13.0674 0x0974  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
21:02:13.0799 0x0974  CscService - ok
21:02:13.0939 0x0974  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:02:14.0079 0x0974  DcomLaunch - ok
21:02:14.0204 0x0974  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
21:02:14.0313 0x0974  defragsvc - ok
21:02:14.0407 0x0974  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:02:14.0703 0x0974  DfsC - ok
21:02:14.0891 0x0974  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:02:15.0000 0x0974  Dhcp - ok
21:02:15.0156 0x0974  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
21:02:15.0249 0x0974  discache - ok
21:02:15.0327 0x0974  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
21:02:15.0359 0x0974  Disk - ok
21:02:15.0452 0x0974  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
21:02:15.0530 0x0974  dmvsc - ok
21:02:15.0671 0x0974  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:02:15.0795 0x0974  Dnscache - ok
21:02:15.0920 0x0974  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:02:16.0014 0x0974  dot3svc - ok
21:02:16.0154 0x0974  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
21:02:16.0263 0x0974  DPS - ok
21:02:16.0341 0x0974  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:02:16.0404 0x0974  drmkaud - ok
21:02:16.0544 0x0974  [ 16498EBC04AE9DD07049A8884B205C05, 134EA1C7A2DB984B8EBADF6C25B28DBADF02215AA2ED298FA124556FC4992084 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:02:16.0638 0x0974  DXGKrnl - ok
21:02:16.0747 0x0974  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
21:02:16.0841 0x0974  EapHost - ok
21:02:17.0184 0x0974  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
21:02:17.0543 0x0974  ebdrv - ok
21:02:17.0652 0x0974  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] EFS             C:\Windows\System32\lsass.exe
21:02:17.0699 0x0974  EFS - ok
21:02:17.0917 0x0974  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:02:18.0011 0x0974  ehRecvr - ok
21:02:18.0135 0x0974  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
21:02:18.0198 0x0974  ehSched - ok
21:02:18.0354 0x0974  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:02:18.0479 0x0974  elxstor - ok
21:02:18.0603 0x0974  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:02:18.0806 0x0974  ErrDev - ok
21:02:19.0165 0x0974  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
21:02:19.0259 0x0974  EventSystem - ok
21:02:19.0383 0x0974  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:02:19.0446 0x0974  exfat - ok
21:02:19.0602 0x0974  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:02:19.0711 0x0974  fastfat - ok
21:02:19.0867 0x0974  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
21:02:19.0992 0x0974  Fax - ok
21:02:20.0101 0x0974  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
21:02:20.0210 0x0974  fdc - ok
21:02:20.0351 0x0974  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
21:02:20.0429 0x0974  fdPHost - ok
21:02:20.0538 0x0974  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:02:20.0631 0x0974  FDResPub - ok
21:02:20.0772 0x0974  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:02:20.0803 0x0974  FileInfo - ok
21:02:20.0943 0x0974  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:02:21.0021 0x0974  Filetrace - ok
21:02:21.0146 0x0974  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:02:21.0240 0x0974  flpydisk - ok
21:02:21.0365 0x0974  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:02:21.0396 0x0974  FltMgr - ok
21:02:21.0614 0x0974  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
21:02:21.0723 0x0974  FontCache - ok
21:02:21.0879 0x0974  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:02:21.0911 0x0974  FontCache3.0.0.0 - ok
21:02:22.0020 0x0974  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:02:22.0067 0x0974  FsDepends - ok
21:02:22.0129 0x0974  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:02:22.0160 0x0974  Fs_Rec - ok
21:02:22.0316 0x0974  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:02:22.0379 0x0974  fvevol - ok
21:02:22.0503 0x0974  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:02:22.0581 0x0974  gagp30kx - ok
21:02:22.0815 0x0974  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:02:23.0003 0x0974  gpsvc - ok
21:02:23.0096 0x0974  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:02:23.0174 0x0974  hcw85cir - ok
21:02:23.0299 0x0974  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:02:23.0377 0x0974  HdAudAddService - ok
21:02:23.0486 0x0974  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:02:23.0533 0x0974  HDAudBus - ok
21:02:23.0564 0x0974  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:02:23.0611 0x0974  HidBatt - ok
21:02:23.0736 0x0974  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:02:23.0814 0x0974  HidBth - ok
21:02:23.0892 0x0974  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:02:23.0954 0x0974  HidIr - ok
21:02:24.0079 0x0974  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
21:02:24.0188 0x0974  hidserv - ok
21:02:24.0297 0x0974  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:02:24.0375 0x0974  HidUsb - ok
21:02:24.0500 0x0974  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:02:24.0609 0x0974  hkmsvc - ok
21:02:24.0734 0x0974  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:02:24.0828 0x0974  HomeGroupListener - ok
21:02:24.0968 0x0974  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:02:25.0077 0x0974  HomeGroupProvider - ok
21:02:25.0187 0x0974  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:02:25.0233 0x0974  HpSAMD - ok
21:02:25.0327 0x0974  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:02:25.0421 0x0974  HTTP - ok
21:02:25.0452 0x0974  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:02:25.0467 0x0974  hwpolicy - ok
21:02:25.0499 0x0974  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:02:25.0530 0x0974  i8042prt - ok
21:02:25.0608 0x0974  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:02:25.0655 0x0974  iaStorV - ok
21:02:25.0857 0x0974  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:02:25.0935 0x0974  idsvc - ok
21:02:26.0045 0x0974  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:02:26.0091 0x0974  iirsp - ok
21:02:26.0279 0x0974  [ F95622F161474511B8D80D6B093AA610, F2320E25EB9B4AA9A8366BD3AA23EABEBE111A5610D3A62EBA47D90427D5BC26 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:02:26.0419 0x0974  IKEEXT - ok
21:02:26.0528 0x0974  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:02:26.0559 0x0974  intelide - ok
21:02:26.0606 0x0974  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\drivers\intelppm.sys
21:02:26.0637 0x0974  intelppm - ok
21:02:26.0747 0x0974  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:02:26.0840 0x0974  IPBusEnum - ok
21:02:26.0949 0x0974  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:02:27.0043 0x0974  IpFilterDriver - ok
21:02:27.0215 0x0974  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:02:27.0308 0x0974  iphlpsvc - ok
21:02:27.0417 0x0974  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:02:27.0480 0x0974  IPMIDRV - ok
21:02:27.0542 0x0974  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:02:27.0651 0x0974  IPNAT - ok
21:02:27.0761 0x0974  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:02:27.0854 0x0974  IRENUM - ok
21:02:27.0948 0x0974  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:02:27.0995 0x0974  isapnp - ok
21:02:28.0073 0x0974  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:02:28.0135 0x0974  iScsiPrt - ok
21:02:28.0244 0x0974  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:02:28.0275 0x0974  kbdclass - ok
21:02:28.0307 0x0974  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:02:28.0353 0x0974  kbdhid - ok
21:02:28.0463 0x0974  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] KeyIso          C:\Windows\system32\lsass.exe
21:02:28.0509 0x0974  KeyIso - ok
21:02:28.0587 0x0974  [ B7895B4182C0D16F6EFADEB8081E8D36, BAC3BAD22207C8826125FD7721C96F2C7A238960FD9398A3D4573E14648E9DB9 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:02:28.0634 0x0974  KSecDD - ok
21:02:28.0775 0x0974  [ D30159AC9237519FBC62C6EC247D2D46, 10BDE041C95D0CCD3591ED497002043FEC3A5F732D7AE311FBA457E0FE16CE4B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:02:28.0837 0x0974  KSecPkg - ok
21:02:28.0915 0x0974  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:02:29.0009 0x0974  KtmRm - ok
21:02:29.0149 0x0974  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
21:02:29.0274 0x0974  LanmanServer - ok
21:02:29.0383 0x0974  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:02:29.0445 0x0974  LanmanWorkstation - ok
21:02:29.0508 0x0974  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:02:29.0601 0x0974  lltdio - ok
21:02:29.0711 0x0974  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:02:29.0804 0x0974  lltdsvc - ok
21:02:29.0835 0x0974  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:02:29.0913 0x0974  lmhosts - ok
21:02:30.0023 0x0974  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:02:30.0085 0x0974  LSI_FC - ok
21:02:30.0225 0x0974  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:02:30.0288 0x0974  LSI_SAS - ok
21:02:30.0475 0x0974  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:02:30.0553 0x0974  LSI_SAS2 - ok
21:02:30.0678 0x0974  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:02:30.0709 0x0974  LSI_SCSI - ok
21:02:30.0818 0x0974  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:02:30.0896 0x0974  luafv - ok
21:02:31.0005 0x0974  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:02:31.0052 0x0974  Mcx2Svc - ok
21:02:31.0130 0x0974  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:02:31.0177 0x0974  megasas - ok
21:02:31.0208 0x0974  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:02:31.0255 0x0974  MegaSR - ok
21:02:31.0317 0x0974  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
21:02:31.0395 0x0974  MMCSS - ok
21:02:31.0505 0x0974  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
21:02:31.0614 0x0974  Modem - ok
21:02:31.0770 0x0974  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:02:31.0832 0x0974  monitor - ok
21:02:31.0910 0x0974  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:02:31.0941 0x0974  mouclass - ok
21:02:31.0973 0x0974  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:02:32.0019 0x0974  mouhid - ok
21:02:32.0144 0x0974  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:02:32.0175 0x0974  mountmgr - ok
21:02:32.0253 0x0974  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:02:32.0300 0x0974  MozillaMaintenance - ok
21:02:32.0409 0x0974  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:02:32.0456 0x0974  mpio - ok
21:02:32.0581 0x0974  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:02:32.0643 0x0974  mpsdrv - ok
21:02:32.0799 0x0974  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:02:32.0924 0x0974  MpsSvc - ok
21:02:33.0033 0x0974  [ CEB46AB7C01C9F825F8CC6BABC18166A, AA98898204FC58878502C170FE6ED8BA681396DDD8BF3689D0C3642DEA87BEF8 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:02:33.0143 0x0974  MRxDAV - ok
21:02:33.0252 0x0974  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:02:33.0299 0x0974  mrxsmb - ok
21:02:33.0439 0x0974  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:02:33.0501 0x0974  mrxsmb10 - ok
21:02:33.0611 0x0974  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:02:33.0689 0x0974  mrxsmb20 - ok
21:02:33.0782 0x0974  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:02:33.0829 0x0974  msahci - ok
21:02:33.0891 0x0974  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:02:33.0938 0x0974  msdsm - ok
21:02:34.0032 0x0974  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
21:02:34.0110 0x0974  MSDTC - ok
21:02:34.0219 0x0974  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:02:34.0297 0x0974  Msfs - ok
21:02:34.0344 0x0974  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:02:34.0422 0x0974  mshidkmdf - ok
21:02:34.0500 0x0974  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:02:34.0531 0x0974  msisadrv - ok
21:02:34.0593 0x0974  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:02:34.0671 0x0974  MSiSCSI - ok
21:02:34.0718 0x0974  msiserver - ok
21:02:34.0765 0x0974  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:02:34.0843 0x0974  MSKSSRV - ok
21:02:34.0859 0x0974  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:02:34.0968 0x0974  MSPCLOCK - ok
21:02:35.0061 0x0974  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:02:35.0171 0x0974  MSPQM - ok
21:02:35.0280 0x0974  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:02:35.0342 0x0974  MsRPC - ok
21:02:35.0467 0x0974  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:02:35.0498 0x0974  mssmbios - ok
21:02:35.0623 0x0974  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:02:35.0701 0x0974  MSTEE - ok
21:02:35.0810 0x0974  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:02:35.0873 0x0974  MTConfig - ok
21:02:35.0982 0x0974  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:02:36.0029 0x0974  Mup - ok
21:02:36.0091 0x0974  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
21:02:36.0465 0x0974  napagent - ok
21:02:36.0590 0x0974  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:02:36.0731 0x0974  NativeWifiP - ok
21:02:36.0918 0x0974  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:02:36.0996 0x0974  NDIS - ok
21:02:37.0074 0x0974  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:02:37.0167 0x0974  NdisCap - ok
21:02:37.0261 0x0974  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:02:37.0370 0x0974  NdisTapi - ok
21:02:37.0448 0x0974  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:02:37.0557 0x0974  Ndisuio - ok
21:02:37.0651 0x0974  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:02:37.0760 0x0974  NdisWan - ok
21:02:37.0854 0x0974  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:02:37.0916 0x0974  NDProxy - ok
21:02:37.0963 0x0974  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:02:38.0057 0x0974  NetBIOS - ok
21:02:38.0135 0x0974  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:02:38.0244 0x0974  NetBT - ok
21:02:38.0337 0x0974  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] Netlogon        C:\Windows\system32\lsass.exe
21:02:38.0369 0x0974  Netlogon - ok
21:02:38.0447 0x0974  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
21:02:38.0540 0x0974  Netman - ok
21:02:38.0696 0x0974  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
21:02:38.0790 0x0974  netprofm - ok
21:02:38.0899 0x0974  [ F476EC40033CDB91EFBE73EB99B8362D, B17535037BC070F9AE1F6B381C2DBEE27658A8FDE15FB0E061F485EA7C7CBE59 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:02:38.0946 0x0974  NetTcpPortSharing - ok
21:02:38.0993 0x0974  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:02:39.0008 0x0974  nfrd960 - ok
21:02:39.0149 0x0974  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:02:39.0227 0x0974  NlaSvc - ok
21:02:39.0336 0x0974  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:02:39.0429 0x0974  Npfs - ok
21:02:39.0539 0x0974  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
21:02:39.0663 0x0974  nsi - ok
21:02:39.0773 0x0974  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:02:39.0866 0x0974  nsiproxy - ok
21:02:40.0131 0x0974  [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:02:40.0225 0x0974  Ntfs - ok
21:02:40.0365 0x0974  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
21:02:40.0459 0x0974  Null - ok
21:02:40.0568 0x0974  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:02:40.0615 0x0974  nvraid - ok
21:02:40.0662 0x0974  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:02:40.0709 0x0974  nvstor - ok
21:02:40.0833 0x0974  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:02:40.0865 0x0974  nv_agp - ok
21:02:41.0208 0x0974  [ 238E050669DB40721B42E0FDB190E9FA, 5FB7CF96223395CF94690FCF35AB9BC3A3AE8B6E9A04C1B3832906D087F932CB ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe
21:02:41.0301 0x0974  OfficeSvc - ok
21:02:41.0395 0x0974  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:02:41.0457 0x0974  ohci1394 - ok
21:02:41.0613 0x0974  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:02:41.0645 0x0974  ose - ok
21:02:42.0128 0x0974  [ EE5756BDA5BE5891270E0CC6CEC44096, EA18073EEE0F461B14C539D49A7DD91D33AB0C503236F67F70A000835FAAC890 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:02:42.0581 0x0974  osppsvc - ok
21:02:42.0721 0x0974  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:02:42.0783 0x0974  p2pimsvc - ok
21:02:42.0924 0x0974  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:02:43.0033 0x0974  p2psvc - ok
21:02:43.0142 0x0974  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
21:02:43.0189 0x0974  Parport - ok
21:02:43.0267 0x0974  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:02:43.0314 0x0974  partmgr - ok
21:02:43.0423 0x0974  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
21:02:43.0470 0x0974  Parvdm - ok
21:02:43.0532 0x0974  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:02:43.0595 0x0974  PcaSvc - ok
21:02:43.0704 0x0974  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
21:02:43.0751 0x0974  pci - ok
21:02:43.0797 0x0974  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:02:43.0813 0x0974  pciide - ok
21:02:43.0938 0x0974  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:02:44.0000 0x0974  pcmcia - ok
21:02:44.0109 0x0974  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:02:44.0156 0x0974  pcw - ok
21:02:44.0250 0x0974  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:02:44.0437 0x0974  PEAUTH - ok
21:02:44.0624 0x0974  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:02:44.0765 0x0974  PeerDistSvc - ok
21:02:45.0030 0x0974  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
21:02:45.0482 0x0974  pla - ok
21:02:45.0685 0x0974  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:02:45.0779 0x0974  PlugPlay - ok
21:02:45.0888 0x0974  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:02:45.0950 0x0974  PNRPAutoReg - ok
21:02:46.0059 0x0974  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:02:46.0122 0x0974  PNRPsvc - ok
21:02:46.0262 0x0974  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:02:46.0403 0x0974  PolicyAgent - ok
21:02:46.0543 0x0974  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
21:02:46.0637 0x0974  Power - ok
21:02:46.0730 0x0974  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:02:46.0808 0x0974  PptpMiniport - ok
21:02:46.0902 0x0974  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
21:02:46.0949 0x0974  Processor - ok
21:02:47.0073 0x0974  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:02:47.0136 0x0974  ProfSvc - ok
21:02:47.0198 0x0974  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] ProtectedStorage C:\Windows\system32\lsass.exe
21:02:47.0229 0x0974  ProtectedStorage - ok
21:02:47.0276 0x0974  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:02:47.0370 0x0974  Psched - ok
21:02:47.0541 0x0974  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:02:47.0666 0x0974  ql2300 - ok
21:02:47.0744 0x0974  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:02:47.0775 0x0974  ql40xx - ok
21:02:47.0838 0x0974  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
21:02:47.0916 0x0974  QWAVE - ok
21:02:48.0025 0x0974  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:02:48.0087 0x0974  QWAVEdrv - ok
21:02:48.0119 0x0974  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:02:48.0197 0x0974  RasAcd - ok
21:02:48.0290 0x0974  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:02:48.0353 0x0974  RasAgileVpn - ok
21:02:48.0399 0x0974  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
21:02:48.0493 0x0974  RasAuto - ok
21:02:48.0587 0x0974  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:02:48.0696 0x0974  Rasl2tp - ok
21:02:48.0852 0x0974  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
21:02:48.0992 0x0974  RasMan - ok
21:02:49.0086 0x0974  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:02:49.0179 0x0974  RasPppoe - ok
21:02:49.0226 0x0974  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:02:49.0304 0x0974  RasSstp - ok
21:02:49.0413 0x0974  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:02:49.0523 0x0974  rdbss - ok
21:02:49.0616 0x0974  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:02:49.0647 0x0974  rdpbus - ok
21:02:49.0679 0x0974  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:02:49.0741 0x0974  RDPCDD - ok
21:02:49.0866 0x0974  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:02:49.0991 0x0974  RDPDR - ok
21:02:50.0084 0x0974  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:02:50.0193 0x0974  RDPENCDD - ok
21:02:50.0303 0x0974  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:02:50.0412 0x0974  RDPREFMP - ok
21:02:50.0568 0x0974  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:02:50.0677 0x0974  RDPWD - ok
21:02:50.0833 0x0974  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:02:50.0895 0x0974  rdyboost - ok
21:02:51.0051 0x0974  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:02:51.0176 0x0974  RemoteRegistry - ok
21:02:51.0301 0x0974  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:02:51.0379 0x0974  RpcEptMapper - ok
21:02:51.0488 0x0974  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
21:02:51.0551 0x0974  RpcLocator - ok
21:02:51.0675 0x0974  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
21:02:51.0753 0x0974  RpcSs - ok
21:02:51.0878 0x0974  [ E5B5CCA5421CCBF926F520CE103DC9B4, 868A570BC6F6C0D2C2061A32BEDC74FE32DCBEBAAC6130E647155A808E9525C6 ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
21:02:51.0925 0x0974  RSP2STOR - ok
21:02:51.0972 0x0974  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:02:52.0065 0x0974  rspndr - ok
21:02:52.0190 0x0974  [ 568C33723F09B341A11800D5EEA02038, F61CAAD43493EEC67ABFB31FED465BD0AE3935915751FC8D76955CD39B814AF6 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
21:02:52.0268 0x0974  RTL8167 - ok
21:02:52.0315 0x0974  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:02:52.0362 0x0974  s3cap - ok
21:02:52.0440 0x0974  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] SamSs           C:\Windows\system32\lsass.exe
21:02:52.0502 0x0974  SamSs - ok
21:02:52.0549 0x0974  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:02:52.0580 0x0974  sbp2port - ok
21:02:52.0721 0x0974  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:02:52.0830 0x0974  SCardSvr - ok
21:02:52.0892 0x0974  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:02:53.0017 0x0974  scfilter - ok
21:02:53.0173 0x0974  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
21:02:53.0313 0x0974  Schedule - ok
21:02:53.0391 0x0974  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:02:53.0454 0x0974  SCPolicySvc - ok
21:02:53.0501 0x0974  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:02:53.0610 0x0974  SDRSVC - ok
21:02:53.0703 0x0974  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:02:53.0797 0x0974  secdrv - ok
21:02:53.0875 0x0974  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
21:02:53.0969 0x0974  seclogon - ok
21:02:54.0047 0x0974  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
21:02:54.0140 0x0974  SENS - ok
21:02:54.0249 0x0974  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:02:54.0343 0x0974  SensrSvc - ok
21:02:54.0437 0x0974  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:02:54.0515 0x0974  Serenum - ok
21:02:54.0593 0x0974  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\drivers\serial.sys
21:02:54.0655 0x0974  Serial - ok
21:02:54.0717 0x0974  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:02:54.0780 0x0974  sermouse - ok
21:02:54.0951 0x0974  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:02:55.0061 0x0974  SessionEnv - ok
21:02:55.0123 0x0974  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:02:55.0185 0x0974  sffdisk - ok
21:02:55.0263 0x0974  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:02:55.0295 0x0974  sffp_mmc - ok
21:02:55.0326 0x0974  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:02:55.0373 0x0974  sffp_sd - ok
21:02:55.0451 0x0974  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:02:55.0529 0x0974  sfloppy - ok
21:02:55.0653 0x0974  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:02:55.0778 0x0974  SharedAccess - ok
21:02:55.0887 0x0974  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:02:55.0997 0x0974  ShellHWDetection - ok
21:02:56.0043 0x0974  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:02:56.0075 0x0974  sisagp - ok
21:02:56.0106 0x0974  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:02:56.0137 0x0974  SiSRaid2 - ok
21:02:56.0231 0x0974  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:02:56.0277 0x0974  SiSRaid4 - ok
21:02:56.0324 0x0974  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
21:02:56.0371 0x0974  SkypeUpdate - ok
21:02:56.0465 0x0974  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:02:56.0589 0x0974  Smb - ok
21:02:56.0667 0x0974  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:02:56.0714 0x0974  SNMPTRAP - ok
21:02:56.0730 0x0974  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:02:56.0761 0x0974  spldr - ok
21:02:56.0901 0x0974  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
21:02:57.0026 0x0974  Spooler - ok
21:02:57.0307 0x0974  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
21:02:57.0650 0x0974  sppsvc - ok
21:02:57.0728 0x0974  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:02:57.0806 0x0974  sppuinotify - ok
21:02:58.0009 0x0974  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:02:58.0118 0x0974  srv - ok
21:02:58.0212 0x0974  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:02:58.0290 0x0974  srv2 - ok
21:02:58.0383 0x0974  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:02:58.0430 0x0974  srvnet - ok
21:02:58.0508 0x0974  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:02:58.0602 0x0974  SSDPSRV - ok
21:02:58.0680 0x0974  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:02:58.0758 0x0974  SstpSvc - ok
21:02:58.0820 0x0974  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:02:58.0851 0x0974  stexstor - ok
21:02:58.0976 0x0974  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
21:02:59.0148 0x0974  StiSvc - ok
21:02:59.0241 0x0974  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:02:59.0288 0x0974  storflt - ok
21:02:59.0335 0x0974  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
21:02:59.0397 0x0974  StorSvc - ok
21:02:59.0491 0x0974  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:02:59.0538 0x0974  storvsc - ok
21:02:59.0585 0x0974  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:02:59.0616 0x0974  swenum - ok
21:02:59.0756 0x0974  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
21:02:59.0897 0x0974  swprv - ok
21:03:00.0053 0x0974  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
21:03:00.0177 0x0974  SysMain - ok
21:03:00.0271 0x0974  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
21:03:00.0333 0x0974  TabletInputService - ok
21:03:00.0365 0x0974  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:03:00.0474 0x0974  TapiSrv - ok
21:03:00.0567 0x0974  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
21:03:00.0677 0x0974  TBS - ok
21:03:00.0864 0x0974  [ 4E8B9BE71B807B3BAEDB7F4243F85E3C, 0FA6A6F065A99B0F40A3D50A20DF69D692824EE5776AC3904F9ED1F6F8832BD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:03:00.0973 0x0974  Tcpip - ok
21:03:01.0098 0x0974  [ 4E8B9BE71B807B3BAEDB7F4243F85E3C, 0FA6A6F065A99B0F40A3D50A20DF69D692824EE5776AC3904F9ED1F6F8832BD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:03:01.0207 0x0974  TCPIP6 - ok
21:03:01.0363 0x0974  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:03:01.0410 0x0974  tcpipreg - ok
21:03:01.0472 0x0974  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:03:01.0550 0x0974  TDPIPE - ok
21:03:01.0628 0x0974  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:03:01.0675 0x0974  TDTCP - ok
21:03:01.0769 0x0974  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:03:01.0862 0x0974  tdx - ok
21:03:01.0956 0x0974  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:03:01.0987 0x0974  TermDD - ok
21:03:02.0081 0x0974  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
21:03:02.0174 0x0974  TermService - ok
21:03:02.0283 0x0974  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
21:03:02.0377 0x0974  Themes - ok
21:03:02.0471 0x0974  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
21:03:02.0564 0x0974  THREADORDER - ok
21:03:02.0627 0x0974  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
21:03:02.0751 0x0974  TrkWks - ok
21:03:02.0892 0x0974  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:03:03.0001 0x0974  TrustedInstaller - ok
21:03:03.0126 0x0974  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:03:03.0204 0x0974  tssecsrv - ok
21:03:03.0297 0x0974  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:03:03.0391 0x0974  TsUsbFlt - ok
21:03:03.0485 0x0974  [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:03:03.0547 0x0974  TsUsbGD - ok
21:03:03.0625 0x0974  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:03:03.0703 0x0974  tunnel - ok
21:03:03.0750 0x0974  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:03:03.0781 0x0974  uagp35 - ok
21:03:03.0890 0x0974  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:03:03.0999 0x0974  udfs - ok
21:03:04.0124 0x0974  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:03:04.0202 0x0974  UI0Detect - ok
21:03:04.0280 0x0974  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:03:04.0327 0x0974  uliagpkx - ok
21:03:04.0358 0x0974  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:03:04.0421 0x0974  umbus - ok
21:03:04.0499 0x0974  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:03:04.0545 0x0974  UmPass - ok
21:03:04.0655 0x0974  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:03:04.0733 0x0974  UmRdpService - ok
21:03:04.0826 0x0974  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
21:03:04.0935 0x0974  upnphost - ok
21:03:04.0998 0x0974  [ BD9C55D7023C5DE374507ACC7A14E2AC, 1DBAFF733DE5C1A6A2374B15BD94512A22D9C0F4DF91F997801340828333AF3C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:03:05.0060 0x0974  usbccgp - ok
21:03:05.0169 0x0974  [ 04EC7CEC62EC3B6D9354EEE93327FC82, 6CB41D8644618A5F701F6CA91FB65BB94AA83EA48992133B5262DC539B334B2E ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:03:05.0232 0x0974  usbcir - ok
21:03:05.0279 0x0974  [ F92DE757E4B7CE9C07C5E65423F3AE3B, B3FDEE4A8F1C7EC12405D99ACABC3E633FA4ED08D2A2AA871526ED7927A35A91 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:03:05.0341 0x0974  usbehci - ok
21:03:05.0435 0x0974  [ 04322AECFC8718883EE3A0FE21FB5B70, F2AEE1999E9ACA8D4D61B0FC165EB22827892BB1E6B93E3B86694101AD06DA9C ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
21:03:05.0466 0x0974  usbfilter - ok
21:03:05.0559 0x0974  [ 8DC94AEC6A7E644A06135AE7506DC2E9, 3ACB621D57BC8691DBBCDEF27563AA6390370362F21AFA6E7BA35BC429E14590 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:03:05.0637 0x0974  usbhub - ok
21:03:05.0747 0x0974  [ E185D44FAC515A18D9DEDDC23C2CDF44, EF69D0253CC8F1D29929FD5E74F18737ECF5D238874B6E1505E2EAEE66D9D987 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
21:03:05.0793 0x0974  usbohci - ok
21:03:05.0903 0x0974  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:03:05.0981 0x0974  usbprint - ok
21:03:06.0090 0x0974  [ 576096CCBC07E7C4EA4F5E6686D6888F, 8C643F43BD0017979548389C4DB36A1EE872CCF19C86FAE3752A4989173E28ED ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:03:06.0152 0x0974  usbscan - ok
21:03:06.0230 0x0974  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:03:06.0324 0x0974  USBSTOR - ok
21:03:06.0386 0x0974  [ 68DF884CF41CDADA664BEB01DAF67E3D, 142781FE2FF93B269D8FA11D4C3F60967552A867E94533D94EF1C2D777A67872 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:03:06.0464 0x0974  usbuhci - ok
21:03:06.0573 0x0974  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2, F9B72DE82078FDB5551D48988190F46EECA9B99655C591B7865FEA1AFB31F637 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
21:03:06.0636 0x0974  usbvideo - ok
21:03:06.0714 0x0974  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
21:03:06.0807 0x0974  UxSms - ok
21:03:06.0885 0x0974  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] VaultSvc        C:\Windows\system32\lsass.exe
21:03:06.0917 0x0974  VaultSvc - ok
21:03:06.0963 0x0974  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:03:07.0010 0x0974  vdrvroot - ok
21:03:07.0166 0x0974  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
21:03:07.0275 0x0974  vds - ok
21:03:07.0353 0x0974  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:03:07.0416 0x0974  vga - ok
21:03:07.0478 0x0974  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:03:07.0541 0x0974  VgaSave - ok
21:03:07.0572 0x0974  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:03:07.0603 0x0974  vhdmp - ok
21:03:07.0697 0x0974  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:03:07.0728 0x0974  viaagp - ok
21:03:07.0759 0x0974  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
21:03:07.0806 0x0974  ViaC7 - ok
21:03:07.0899 0x0974  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:03:07.0915 0x0974  viaide - ok
21:03:07.0993 0x0974  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:03:08.0055 0x0974  vmbus - ok
21:03:08.0149 0x0974  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:03:08.0211 0x0974  VMBusHID - ok
21:03:08.0305 0x0974  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:03:08.0336 0x0974  volmgr - ok
21:03:08.0383 0x0974  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:03:08.0430 0x0974  volmgrx - ok
21:03:08.0461 0x0974  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:03:08.0508 0x0974  volsnap - ok
21:03:08.0617 0x0974  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:03:08.0617 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\vsmraid.sys. md5: 9DFA0CC2F8855A04816729651175B631, sha256: 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3
21:03:08.0695 0x0974  vsmraid - detected LockedFile.Multi.Generic ( 1 )
21:03:08.0695 0x0974  Object is SCO, delete is not allowed
21:03:08.0695 0x0974  vsmraid ( LockedFile.Multi.Generic ) - warning
21:03:11.0690 0x0974  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
21:03:11.0893 0x0974  VSS - ok
21:03:11.0987 0x0974  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:03:11.0987 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\vwifibus.sys. md5: 90567B1E658001E79D7C8BBD3DDE5AA6, sha256: EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557
21:03:12.0049 0x0974  vwifibus - detected LockedFile.Multi.Generic ( 1 )
21:03:12.0049 0x0974  vwifibus ( LockedFile.Multi.Generic ) - warning
21:03:12.0049 0x0974  Force sending object to P2P due to detect: C:\Windows\system32\DRIVERS\vwifibus.sys
21:03:14.0935 0x0974  Object send P2P result: true
21:03:17.0774 0x0974  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:03:17.0774 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\vwififlt.sys. md5: 7090D3436EEB4E7DA3373090A23448F7, sha256: 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2
21:03:17.0852 0x0974  vwififlt - detected LockedFile.Multi.Generic ( 1 )
21:03:17.0852 0x0974  vwififlt ( LockedFile.Multi.Generic ) - warning
21:03:20.0801 0x0974  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
21:03:20.0957 0x0974  W32Time - ok
21:03:21.0035 0x0974  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:03:21.0035 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\wacompen.sys. md5: DE3721E89C653AA281428C8A69745D90, sha256: 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516
21:03:21.0113 0x0974  WacomPen - detected LockedFile.Multi.Generic ( 1 )
21:03:21.0113 0x0974  Object is SCO, delete is not allowed
21:03:21.0113 0x0974  WacomPen ( LockedFile.Multi.Generic ) - warning
21:03:21.0113 0x0974  Force sending object to P2P due to detect: C:\Windows\system32\drivers\wacompen.sys
21:03:23.0983 0x0974  Object send P2P result: true
21:03:26.0947 0x0974  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:03:26.0947 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 3C3C78515F5AB448B022BDF5B8FFDD2E, sha256: 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7
21:03:27.0025 0x0974  WANARP - detected LockedFile.Multi.Generic ( 1 )
21:03:27.0025 0x0974  Object is SCO, delete is not allowed
21:03:27.0025 0x0974  WANARP ( LockedFile.Multi.Generic ) - warning
21:03:29.0911 0x0974  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:03:29.0911 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 3C3C78515F5AB448B022BDF5B8FFDD2E, sha256: 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7
21:03:30.0005 0x0974  Wanarpv6 - detected LockedFile.Multi.Generic ( 1 )
21:03:30.0005 0x0974  Object is SCO, delete is not allowed
21:03:30.0005 0x0974  Wanarpv6 ( LockedFile.Multi.Generic ) - warning
21:03:33.0031 0x0974  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
21:03:33.0171 0x0974  wbengine - ok
21:03:33.0265 0x0974  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:03:33.0359 0x0974  WbioSrvc - ok
21:03:33.0452 0x0974  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:03:33.0530 0x0974  wcncsvc - ok
21:03:33.0577 0x0974  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:03:33.0686 0x0974  WcsPlugInService - ok
21:03:33.0795 0x0974  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
21:03:33.0795 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\wd.sys. md5: 1112A9BADACB47B7C0BB0392E3158DFF, sha256: 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4
21:03:33.0858 0x0974  Wd - detected LockedFile.Multi.Generic ( 1 )
21:03:33.0858 0x0974  Object is SCO, delete is not allowed
21:03:33.0858 0x0974  Wd ( LockedFile.Multi.Generic ) - warning
21:03:36.0884 0x0974  [ A840213F1ACDCC175B4D1D5AAEAC0D7A, B20F7CAEEA790290072BC170EBEEADB4C19E1C40DB0B3FE0D4A640D0D82300D6 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:03:36.0884 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\Wdf01000.sys. md5: A840213F1ACDCC175B4D1D5AAEAC0D7A, sha256: B20F7CAEEA790290072BC170EBEEADB4C19E1C40DB0B3FE0D4A640D0D82300D6
21:03:36.0962 0x0974  Wdf01000 - detected LockedFile.Multi.Generic ( 1 )
21:03:36.0962 0x0974  Object is SCO, delete is not allowed
21:03:36.0962 0x0974  Wdf01000 ( LockedFile.Multi.Generic ) - warning
21:03:36.0962 0x0974  Force sending object to P2P due to detect: C:\Windows\system32\drivers\Wdf01000.sys
21:03:39.0989 0x0974  Object send P2P result: true
21:03:42.0921 0x0974  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:03:43.0062 0x0974  WdiServiceHost - ok
21:03:43.0155 0x0974  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:03:43.0202 0x0974  WdiSystemHost - ok
21:03:43.0280 0x0974  [ A9D880F97530D5B8FEE278923349929D, 6A293E2DB9B7C434EA8B4CD4861E11905D46BD60E014AE27B74DC8C4B2DDF834 ] WebClient       C:\Windows\System32\webclnt.dll
21:03:43.0343 0x0974  WebClient - ok
21:03:43.0452 0x0974  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:03:43.0530 0x0974  Wecsvc - ok
21:03:43.0577 0x0974  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:03:43.0639 0x0974  wercplsupport - ok
21:03:43.0748 0x0974  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
21:03:43.0873 0x0974  WerSvc - ok
21:03:43.0935 0x0974  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:03:43.0935 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\wfplwf.sys. md5: 8B9A943F3B53861F2BFAF6C186168F79, sha256: 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713
21:03:44.0029 0x0974  WfpLwf - detected LockedFile.Multi.Generic ( 1 )
21:03:44.0029 0x0974  WfpLwf ( LockedFile.Multi.Generic ) - warning
21:03:46.0977 0x0974  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:03:46.0977 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\wimmount.sys. md5: 5CF95B35E59E2A38023836FFF31BE64C, sha256: CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D
21:03:47.0055 0x0974  WIMMount - detected LockedFile.Multi.Generic ( 1 )
21:03:47.0055 0x0974  WIMMount ( LockedFile.Multi.Generic ) - warning
21:03:50.0082 0x0974  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
21:03:50.0191 0x0974  WinDefend - ok
21:03:50.0269 0x0974  WinHttpAutoProxySvc - ok
21:03:50.0378 0x0974  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:03:50.0456 0x0974  Winmgmt - ok
21:03:50.0612 0x0974  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
21:03:50.0784 0x0974  WinRM - ok
21:03:50.0940 0x0974  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:03:51.0065 0x0974  Wlansvc - ok
21:03:51.0127 0x0974  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:03:51.0127 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\wmiacpi.sys. md5: 0217679B8FCA58714C3BF2726D2CA84E, sha256: 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A
21:03:51.0205 0x0974  WmiAcpi - detected LockedFile.Multi.Generic ( 1 )
21:03:51.0205 0x0974  Object is SCO, delete is not allowed
21:03:51.0205 0x0974  WmiAcpi ( LockedFile.Multi.Generic ) - warning
21:03:54.0185 0x0974  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:03:54.0278 0x0974  wmiApSrv - ok
21:03:54.0466 0x0974  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:03:54.0622 0x0974  WMPNetworkSvc - ok
21:03:54.0715 0x0974  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:03:54.0793 0x0974  WPCSvc - ok
21:03:54.0918 0x0974  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:03:55.0027 0x0974  WPDBusEnum - ok
21:03:55.0121 0x0974  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:03:55.0136 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\ws2ifsl.sys. md5: 6DB3276587B853BF886B69528FDB048C, sha256: 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C
21:03:55.0214 0x0974  ws2ifsl - detected LockedFile.Multi.Generic ( 1 )
21:03:55.0214 0x0974  Object is SCO, delete is not allowed
21:03:55.0214 0x0974  ws2ifsl ( LockedFile.Multi.Generic ) - warning
21:03:58.0163 0x0974  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
21:03:58.0225 0x0974  wscsvc - ok
21:03:58.0241 0x0974  WSearch - ok
21:03:58.0475 0x0974  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:03:58.0615 0x0974  wuauserv - ok
21:03:58.0740 0x0974  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:03:58.0740 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\WudfPf.sys. md5: 06E6F32C8D0A3F66D956F57B43A2E070, sha256: 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943
21:03:58.0818 0x0974  WudfPf - detected LockedFile.Multi.Generic ( 1 )
21:03:58.0818 0x0974  Object is SCO, delete is not allowed
21:03:58.0818 0x0974  WudfPf ( LockedFile.Multi.Generic ) - warning
21:04:01.0907 0x0974  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:04:01.0922 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\WUDFRd.sys. md5: 867C301E8B790040AE9CF6486E8041DF, sha256: D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855
21:04:01.0985 0x0974  WUDFRd - detected LockedFile.Multi.Generic ( 1 )
21:04:01.0985 0x0974  Object is SCO, delete is not allowed
21:04:01.0985 0x0974  WUDFRd ( LockedFile.Multi.Generic ) - warning
21:04:04.0918 0x0974  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:04:04.0980 0x0974  wudfsvc - ok
21:04:05.0105 0x0974  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:04:05.0214 0x0974  WwanSvc - ok
21:04:05.0308 0x0974  ================ Scan global ===============================
21:04:05.0417 0x0974  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
21:04:05.0464 0x0974  [ 1F5F07091D50244F17DD8D5147A628CC, 2F2B84BD1C052F44662960953C0EC91F9233D4D8DD06512E3E3BE43CE216BCB6 ] C:\Windows\system32\winsrv.dll
21:04:05.0510 0x0974  [ 1F5F07091D50244F17DD8D5147A628CC, 2F2B84BD1C052F44662960953C0EC91F9233D4D8DD06512E3E3BE43CE216BCB6 ] C:\Windows\system32\winsrv.dll
21:04:05.0588 0x0974  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
21:04:05.0635 0x0974  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
21:04:05.0666 0x0974  [ Global ] - ok
21:04:05.0666 0x0974  ================ Scan MBR ==================================
21:04:05.0698 0x0974  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:04:06.0493 0x0974  \Device\Harddisk0\DR0 - ok
21:04:06.0493 0x0974  ================ Scan VBR ==================================
21:04:06.0540 0x0974  [ 9F8DE8744ABB2570032765D01C293F5B ] \Device\Harddisk0\DR0\Partition1
21:04:06.0540 0x0974  \Device\Harddisk0\DR0\Partition1 - ok
21:04:06.0556 0x0974  [ B37BB17F058E3DB9866A10C984B212A2 ] \Device\Harddisk0\DR0\Partition2
21:04:06.0571 0x0974  \Device\Harddisk0\DR0\Partition2 - ok
21:04:06.0649 0x0974  Win FW state via NFP2: enabled
21:04:09.0442 0x0974  ============================================================
21:04:09.0442 0x0974  Scan finished
21:04:09.0442 0x0974  ============================================================
21:04:09.0488 0x0264  Detected object count: 15
21:04:09.0488 0x0264  Actual detected object count: 15
21:05:05.0305 0x0264  150e123a6f6ee7c0 ( Rootkit.Win32.Necurs.gen ) - skipped by user
21:05:05.0305 0x0264  150e123a6f6ee7c0 ( Rootkit.Win32.Necurs.gen ) - User select action: Skip 
21:05:05.0305 0x0264  vsmraid ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0305 0x0264  vsmraid ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0321 0x0264  vwifibus ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0321 0x0264  vwifibus ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0321 0x0264  vwififlt ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0321 0x0264  vwififlt ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0336 0x0264  WacomPen ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0336 0x0264  WacomPen ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0336 0x0264  WANARP ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0336 0x0264  WANARP ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0336 0x0264  Wanarpv6 ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0336 0x0264  Wanarpv6 ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0336 0x0264  Wd ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0336 0x0264  Wd ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0336 0x0264  Wdf01000 ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0336 0x0264  Wdf01000 ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0352 0x0264  WfpLwf ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0352 0x0264  WfpLwf ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0352 0x0264  WIMMount ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0352 0x0264  WIMMount ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0352 0x0264  WmiAcpi ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0352 0x0264  WmiAcpi ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0352 0x0264  ws2ifsl ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0352 0x0264  ws2ifsl ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0368 0x0264  WudfPf ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0368 0x0264  WudfPf ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0368 0x0264  WUDFRd ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0368 0x0264  WUDFRd ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:12.0341 0x09c8  Deinitialize success
         
Thanks in advance


22.01.2014, 16:28   #21
schrauber
/// the machine
/// TB instructor
 




Quote:
21:05:05.0305 0x0264 150e123a6f6ee7c0 ( Rootkit.Win32.Necurs.gen ) - skipped by user
21:05:05.0305 0x0264 150e123a6f6ee7c0 ( Rootkit.Win32.Necurs.gen ) - User select action: Skip
Next to it, please select Cure or Delete and continue. Please post the log, then run a fresh scan with TDSSKiller and post that log as well.

26.01.2014, 11:41   #22
Klösp
 



The owner has now carried this out in my stead.
However, he is not quite sure whether everything worked correctly.

I'll post the log files he sent me.

Code:
19:54:23.0081 4088  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
19:54:25.0101 4088  ============================================================
19:54:25.0101 4088  Current date / time: 2014/01/23 19:54:25.0101
19:54:25.0101 4088  SystemInfo:
19:54:25.0101 4088  
19:54:25.0101 4088  OS Version: 6.1.7601 ServicePack: 1.0
19:54:25.0101 4088  Product type: Workstation
19:54:25.0101 4088  ComputerName: NAME-NB
19:54:25.0102 4088  UserName: BENUTZER
19:54:25.0102 4088  Windows directory: C:\Windows
19:54:25.0102 4088  System windows directory: C:\Windows
19:54:25.0102 4088  Processor architecture: Intel x86
19:54:25.0102 4088  Number of processors: 2
19:54:25.0102 4088  Page size: 0x1000
19:54:25.0102 4088  Boot type: Normal boot
19:54:25.0102 4088  ============================================================
19:54:31.0892 4088  !crdlk
19:54:31.0944 4088  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
19:54:31.0959 4088  ============================================================
19:54:31.0959 4088  \Device\Harddisk0\DR0:
19:54:31.0959 4088  MBR partitions:
19:54:31.0959 4088  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x32000
19:54:31.0959 4088  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x23FFB800
19:54:31.0959 4088  ============================================================
19:54:32.0014 4088  C: <-> \Device\Harddisk0\DR0\Partition2
19:54:32.0035 4088  ============================================================
19:54:32.0035 4088  Initialize success
19:54:32.0035 4088  ============================================================
19:55:43.0301 3412  ============================================================
19:55:43.0301 3412  Scan started
19:55:43.0301 3412  Mode: Manual; SigCheck; TDLFS; 
19:55:43.0301 3412  ============================================================
19:55:43.0531 3412  ================ Scan system memory ========================
19:55:43.0531 3412  System memory - ok
19:55:43.0531 3412  ================ Scan services =============================
19:55:43.0801 3412  [ 1B133875B8AA8AC48969BD3458AFE9F5 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
19:55:44.0031 3412  1394ohci - ok
19:55:44.0071 3412  Suspicious service (NoAccess): 150e123a6f6ee7c0
19:55:44.0131 3412  [ 49E3ECB210CB029A905B095BF7C5EE80 ] 150e123a6f6ee7c0 C:\Windows\System32\Drivers\150e123a6f6ee7c0.sys
19:55:44.0131 3412  Suspicious file (NoAccess): C:\Windows\System32\Drivers\150e123a6f6ee7c0.sys. md5: 49E3ECB210CB029A905B095BF7C5EE80
19:55:44.0221 3412  150e123a6f6ee7c0 ( Rootkit.Win32.Necurs.gen ) - infected
19:55:44.0221 3412  150e123a6f6ee7c0 - detected Rootkit.Win32.Necurs.gen (0)
19:55:44.0281 3412  [ CEA80C80BED809AA0DA6FEBC04733349 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
19:55:44.0321 3412  ACPI - ok
19:55:44.0371 3412  [ 1EFBC664ABFF416D1D07DB115DCB264F ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
19:55:44.0461 3412  AcpiPmi - ok
19:55:44.0671 3412  [ B362181ED3771DC03B4141927C80F801 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
19:55:44.0731 3412  AdobeARMservice - ok
19:55:44.0841 3412  [ 1BA1AB4141A92EB34DA99F1249CA2D4D ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:55:44.0881 3412  AdobeFlashPlayerUpdateSvc - ok
19:55:44.0931 3412  [ 21E785EBD7DC90A06391141AAC7892FB ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
19:55:44.0971 3412  adp94xx - ok
19:55:45.0031 3412  [ 0C676BC278D5B59FF5ABD57BBE9123F2 ] adpahci         C:\Windows\system32\drivers\adpahci.sys
19:55:45.0071 3412  adpahci - ok
19:55:45.0091 3412  [ 7C7B5EE4B7B822EC85321FE23A27DB33 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
19:55:45.0131 3412  adpu320 - ok
19:55:45.0241 3412  [ 8B5EEFEEC1E6D1A72A06C526628AD161 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
19:55:45.0431 3412  AeLookupSvc - ok
19:55:45.0533 3412  [ 9EBBBA55060F786F0FCAA3893BFA2806 ] AFD             C:\Windows\system32\drivers\afd.sys
19:55:45.0625 3412  AFD - ok
19:55:45.0685 3412  [ 507812C3054C21CEF746B6EE3D04DD6E ] agp440          C:\Windows\system32\drivers\agp440.sys
19:55:45.0715 3412  agp440 - ok
19:55:45.0745 3412  [ 8B30250D573A8F6B4BD23195160D8707 ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
19:55:45.0765 3412  aic78xx - ok
19:55:45.0855 3412  [ 18A54E132947CD98FEA9ACCC57F98F13 ] ALG             C:\Windows\System32\alg.exe
19:55:45.0945 3412  ALG - ok
19:55:46.0015 3412  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44 ] aliide          C:\Windows\system32\drivers\aliide.sys
19:55:46.0035 3412  aliide - ok
19:55:46.0085 3412  [ CDE41D99DB840FF9454FC981EBD0EC50 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
19:55:46.0185 3412  AMD External Events Utility - ok
19:55:46.0295 3412  AMD FUEL Service - ok
19:55:46.0345 3412  [ 3C6600A0696E90A463771C7422E23AB5 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
19:55:46.0375 3412  amdagp - ok
19:55:46.0455 3412  [ CD5914170297126B6266860198D1D4F0 ] amdide          C:\Windows\system32\drivers\amdide.sys
19:55:46.0475 3412  amdide - ok
19:55:46.0555 3412  [ FF258424F0B2EF25EB98F04EE386E6E3 ] amdiox86        C:\Windows\system32\DRIVERS\amdiox86.sys
19:55:46.0585 3412  amdiox86 - ok
19:55:46.0665 3412  [ 00DDA200D71BAC534BF56A9DB5DFD666 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
19:55:46.0725 3412  AmdK8 - ok
19:55:46.0985 3412  [ FFD082F1F1D4FF5C87F66DF62486BCFA ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
19:55:47.0367 3412  amdkmdag - ok
19:55:47.0497 3412  [ C541DA5B72FA638469E8DC1E66079330 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
19:55:47.0567 3412  amdkmdap - ok
19:55:47.0627 3412  [ 3CBF30F5370FDA40DD3E87DF38EA53B6 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
19:55:47.0677 3412  AmdPPM - ok
19:55:47.0737 3412  [ D320BF87125326F996D4904FE24300FC ] amdsata         C:\Windows\system32\drivers\amdsata.sys
19:55:47.0777 3412  amdsata - ok
19:55:47.0877 3412  [ EA43AF0C423FF267355F74E7A53BDABA ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
19:55:47.0907 3412  amdsbs - ok
19:55:47.0967 3412  [ 46387FB17B086D16DEA267D5BE23A2F2 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
19:55:48.0007 3412  amdxata - ok
19:55:48.0077 3412  [ E91675D350F5FCD98005F5B2C97F6B61 ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
19:55:48.0097 3412  amd_sata - ok
19:55:48.0127 3412  [ 5B43A272F8233A743533992248ECBC73 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
19:55:48.0147 3412  amd_xata - ok
19:55:48.0259 3412  [ DF6DE9E8E4B6994853CCF038BFAE964B ] AODDriver4.1    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
19:55:48.0279 3412  AODDriver4.1 - ok
19:55:48.0329 3412  [ AEA177F783E20150ACE5383EE368DA19 ] AppID           C:\Windows\system32\drivers\appid.sys
19:55:48.0399 3412  AppID - ok
19:55:48.0499 3412  [ 62A9C86CB6085E20DB4823E4E97826F5 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
19:55:48.0599 3412  AppIDSvc - ok
19:55:48.0699 3412  [ EACFDF31921F51C097629F1F3C9129B4 ] Appinfo         C:\Windows\System32\appinfo.dll
19:55:48.0779 3412  Appinfo - ok
19:55:48.0909 3412  [ A45D184DF6A8803DA13A0B329517A64A ] AppMgmt         C:\Windows\System32\appmgmts.dll
19:55:49.0009 3412  AppMgmt - ok
19:55:49.0109 3412  [ 2932004F49677BD84DBC72EDB754FFB3 ] arc             C:\Windows\system32\drivers\arc.sys
19:55:49.0129 3412  arc - ok
19:55:49.0149 3412  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7 ] arcsas          C:\Windows\system32\drivers\arcsas.sys
19:55:49.0179 3412  arcsas - ok
19:55:49.0199 3412  [ ADD2ADE1C2B285AB8378D2DAAF991481 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
19:55:49.0349 3412  AsyncMac - ok
19:55:49.0429 3412  [ 338C86357871C167A96AB976519BF59E ] atapi           C:\Windows\system32\drivers\atapi.sys
19:55:49.0459 3412  atapi - ok
19:55:49.0589 3412  [ CFE432E8EEACBCEA3DBF53EA76978A65 ] athr            C:\Windows\system32\DRIVERS\athr.sys
19:55:49.0729 3412  athr - ok
19:55:49.0859 3412  [ 4D201D8B576BE4473405B2A86A2D28B3 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
19:55:49.0889 3412  AtiHDAudioService - ok
19:55:50.0009 3412  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:55:50.0099 3412  AudioEndpointBuilder - ok
19:55:50.0209 3412  [ CE3B4E731638D2EF62FCB419BE0D39F0 ] Audiosrv        C:\Windows\System32\Audiosrv.dll
19:55:50.0279 3412  Audiosrv - ok
19:55:50.0319 3412  [ 6E30D02AAC9CAC84F421622E3A2F6178 ] AxInstSV        C:\Windows\System32\AxInstSV.dll
19:55:50.0439 3412  AxInstSV - ok
19:55:50.0549 3412  [ 1A231ABEC60FD316EC54C66715543CEC ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
19:55:50.0659 3412  b06bdrv - ok
19:55:50.0759 3412  [ BD8869EB9CDE6BBE4508D869929869EE ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
19:55:50.0809 3412  b57nd60x - ok
19:55:50.0929 3412  [ EE1E9C3BB8228AE423DD38DB69128E71 ] BDESVC          C:\Windows\System32\bdesvc.dll
19:55:50.0989 3412  BDESVC - ok
19:55:51.0089 3412  [ 505506526A9D467307B3C393DEDAF858 ] Beep            C:\Windows\system32\drivers\Beep.sys
19:55:51.0294 3412  Beep - ok
19:55:51.0393 3412  [ 1E2BAC209D184BB851E1A187D8A29136 ] BFE             C:\Windows\System32\bfe.dll
19:55:51.0503 3412  BFE - ok
19:55:51.0603 3412  [ E585445D5021971FAE10393F0F1C3961 ] BITS            C:\Windows\system32\qmgr.dll
19:55:51.0673 3412  BITS - ok
19:55:51.0753 3412  [ 2287078ED48FCFC477B05B20CF38F36F ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
19:55:51.0803 3412  blbdrive - ok
19:55:51.0903 3412  [ 8F2DA3028D5FCBD1A060A3DE64CD6506 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
19:55:51.0963 3412  bowser - ok
19:55:52.0043 3412  [ 9F9ACC7F7CCDE8A15C282D3F88B43309 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
19:55:52.0093 3412  BrFiltLo - ok
19:55:52.0183 3412  [ 56801AD62213A41F6497F96DEE83755A ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
19:55:52.0243 3412  BrFiltUp - ok
19:55:52.0273 3412  [ 77361D72A04F18809D0EFB6CCEB74D4B ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
19:55:52.0343 3412  BridgeMP - ok
19:55:52.0503 3412  [ 3DAA727B5B0A45039B0E1C9A211B8400 ] Browser         C:\Windows\System32\browser.dll
19:55:52.0553 3412  Browser - ok
19:55:52.0643 3412  [ 845B8CE732E67F3B4133164868C666EA ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
19:55:52.0733 3412  Brserid - ok
19:55:52.0813 3412  [ 203F0B1E73ADADBBB7B7B1FABD901F6B ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
19:55:52.0873 3412  BrSerWdm - ok
19:55:52.0983 3412  [ BD456606156BA17E60A04E18016AE54B ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
19:55:53.0053 3412  BrUsbMdm - ok
19:55:53.0123 3412  [ AF72ED54503F717A43268B3CC5FAEC2E ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
19:55:53.0173 3412  BrUsbSer - ok
19:55:53.0193 3412  [ ED3DF7C56CE0084EB2034432FC56565A ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
19:55:53.0263 3412  BTHMODEM - ok
19:55:53.0373 3412  [ 1DF19C96EEF6C29D1C3E1A8678E07190 ] bthserv         C:\Windows\system32\bthserv.dll
19:55:53.0463 3412  bthserv - ok
19:55:53.0653 3412  catchme - ok
19:55:53.0763 3412  [ 77EA11B065E0A8AB902D78145CA51E10 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
19:55:53.0853 3412  cdfs - ok
19:55:53.0943 3412  [ BE167ED0FDB9C1FA1133953C18D5A6C9 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
19:55:54.0003 3412  cdrom - ok
19:55:54.0133 3412  [ 319C6B309773D063541D01DF8AC6F55F ] CertPropSvc     C:\Windows\System32\certprop.dll
19:55:54.0213 3412  CertPropSvc - ok
19:55:54.0295 3412  CFcatchme - ok
19:55:54.0375 3412  [ 3FE3FE94A34DF6FB06E6418D0F6A0060 ] circlass        C:\Windows\system32\drivers\circlass.sys
19:55:54.0425 3412  circlass - ok
19:55:54.0475 3412  [ 635181E0E9BBF16871BF5380D71DB02D ] CLFS            C:\Windows\system32\CLFS.sys
19:55:54.0515 3412  CLFS - ok
19:55:54.0705 3412  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:55:54.0735 3412  clr_optimization_v2.0.50727_32 - ok
19:55:54.0945 3412  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:55:55.0005 3412  clr_optimization_v4.0.30319_32 - ok
19:55:55.0085 3412  [ DEA805815E587DAD1DD2C502220B5616 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
19:55:55.0145 3412  CmBatt - ok
19:55:55.0217 3412  [ C537B1DB64D495B9B4717B4D6D9EDBF2 ] cmdide          C:\Windows\system32\drivers\cmdide.sys
19:55:55.0247 3412  cmdide - ok
19:55:55.0327 3412  [ 247B4CE2DAB1160CD422D532D5241E1F ] CNG             C:\Windows\system32\Drivers\cng.sys
19:55:55.0387 3412  CNG - ok
19:55:55.0537 3412  [ A6023D3823C37043986713F118A89BEE ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
19:55:55.0577 3412  Compbatt - ok
19:55:55.0717 3412  [ CBE8C58A8579CFE5FCCF809E6F114E89 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
19:55:55.0777 3412  CompositeBus - ok
19:55:55.0887 3412  COMSysApp - ok
19:55:56.0007 3412  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
19:55:56.0037 3412  crcdisk - ok
19:55:56.0199 3412  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
19:55:56.0279 3412  CryptSvc - ok
19:55:56.0423 3412  [ 3C2177A897B4CA2788C6FB0C3FD81D4B ] CSC             C:\Windows\system32\drivers\csc.sys
19:55:56.0548 3412  CSC - ok
19:55:56.0795 3412  [ 15F93B37F6801943360D9EB42485D5D3 ] CscService      C:\Windows\System32\cscsvc.dll
19:55:56.0865 3412  CscService - ok
19:55:57.0097 3412  [ 7660F01D3B38ACA1747E397D21D790AF ] DcomLaunch      C:\Windows\system32\rpcss.dll
19:55:57.0209 3412  DcomLaunch - ok
19:55:57.0409 3412  [ 8D6E10A2D9A5EED59562D9B82CF804E1 ] defragsvc       C:\Windows\System32\defragsvc.dll
19:55:57.0499 3412  defragsvc - ok
19:55:57.0789 3412  [ F024449C97EC1E464AAFFDA18593DB88 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
19:55:57.0889 3412  DfsC - ok
19:55:58.0359 3412  [ E9E01EB683C132F7FA27CD607B8A2B63 ] Dhcp            C:\Windows\system32\dhcpcore.dll
19:55:58.0521 3412  Dhcp - ok
19:55:58.0641 3412  [ 1A050B0274BFB3890703D490F330C0DA ] discache        C:\Windows\system32\drivers\discache.sys
19:55:58.0721 3412  discache - ok
19:55:58.0793 3412  [ 565003F326F99802E68CA78F2A68E9FF ] Disk            C:\Windows\system32\drivers\disk.sys
19:55:58.0823 3412  Disk - ok
19:55:58.0983 3412  [ 2A958EF85DB1B61FFCA65044FA4BCE9E ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
19:55:59.0093 3412  dmvsc - ok
19:55:59.0525 3412  [ 33EF4861F19A0736B11314AAD9AE28D0 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
19:55:59.0605 3412  Dnscache - ok
19:55:59.0705 3412  [ 366BA8FB4B7BB7435E3B9EACB3843F67 ] dot3svc         C:\Windows\System32\dot3svc.dll
19:55:59.0795 3412  dot3svc - ok
19:55:59.0905 3412  [ 8EC04CA86F1D68DA9E11952EB85973D6 ] DPS             C:\Windows\system32\dps.dll
19:56:00.0005 3412  DPS - ok
19:56:00.0145 3412  [ B918E7C5F9BF77202F89E1A9539F2EB4 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
19:56:00.0297 3412  drmkaud - ok
19:56:00.0676 3412  [ 16498EBC04AE9DD07049A8884B205C05 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
19:56:00.0752 3412  DXGKrnl - ok
19:56:01.0025 3412  [ 8600142FA91C1B96367D3300AD0F3F3A ] EapHost         C:\Windows\System32\eapsvc.dll
19:56:01.0119 3412  EapHost - ok
19:56:01.0470 3412  [ 024E1B5CAC09731E4D868E64DBFB4AB0 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
19:56:01.0694 3412  ebdrv - ok
19:56:01.0798 3412  [ 81951F51E318AECC2D68559E47485CC4 ] EFS             C:\Windows\System32\lsass.exe
19:56:01.0977 3412  EFS - ok
19:56:02.0447 3412  [ A8C362018EFC87BEB013EE28F29C0863 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
19:56:02.0627 3412  ehRecvr - ok
19:56:03.0275 3412  [ D389BFF34F80CAEDE417BF9D1507996A ] ehSched         C:\Windows\ehome\ehsched.exe
19:56:03.0407 3412  ehSched - ok
19:56:03.0991 3412  [ 0ED67910C8C326796FAA00B2BF6D9D3C ] elxstor         C:\Windows\system32\drivers\elxstor.sys
19:56:04.0070 3412  elxstor - ok
19:56:04.0629 3412  [ 8FC3208352DD3912C94367A206AB3F11 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
19:56:04.0719 3412  ErrDev - ok
19:56:06.0662 3412  [ F6916EFC29D9953D5D0DF06882AE8E16 ] EventSystem     C:\Windows\system32\es.dll
19:56:06.0974 3412  EventSystem - ok
19:56:07.0467 3412  [ 2DC9108D74081149CC8B651D3A26207F ] exfat           C:\Windows\system32\drivers\exfat.sys
19:56:07.0539 3412  exfat - ok
19:56:07.0671 3412  [ 7E0AB74553476622FB6AE36F73D97D35 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
19:56:07.0761 3412  fastfat - ok
19:56:07.0899 3412  [ 967EA5B213E9984CBE270205DF37755B ] Fax             C:\Windows\system32\fxssvc.exe
19:56:08.0136 3412  Fax - ok
19:56:08.0305 3412  [ E817A017F82DF2A1F8CFDBDA29388B29 ] fdc             C:\Windows\system32\drivers\fdc.sys
19:56:08.0355 3412  fdc - ok
19:56:08.0467 3412  [ F3222C893BD2F5821A0179E5C71E88FB ] fdPHost         C:\Windows\system32\fdPHost.dll
19:56:08.0592 3412  fdPHost - ok
19:56:08.0771 3412  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B ] FDResPub        C:\Windows\system32\fdrespub.dll
19:56:08.0876 3412  FDResPub - ok
19:56:09.0056 3412  [ 6CF00369C97F3CF563BE99BE983D13D8 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
19:56:09.0100 3412  FileInfo - ok
19:56:09.0218 3412  [ 42C51DC94C91DA21CB9196EB64C45DB9 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
19:56:09.0321 3412  Filetrace - ok
19:56:09.0443 3412  [ 87907AA70CB3C56600F1C2FB8841579B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
19:56:09.0513 3412  flpydisk - ok
19:56:09.0625 3412  [ 7520EC808E0C35E0EE6F841294316653 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
19:56:09.0665 3412  FltMgr - ok
19:56:09.0825 3412  [ E12C4928B32ACE04610259647F072635 ] FontCache       C:\Windows\system32\FntCache.dll
19:56:09.0947 3412  FontCache - ok
19:56:10.0097 3412  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:56:10.0117 3412  FontCache3.0.0.0 - ok
19:56:10.0250 3412  [ 1A16B57943853E598CFF37FE2B8CBF1D ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
19:56:10.0288 3412  FsDepends - ok
19:56:10.0448 3412  [ 7DAE5EBCC80E45D3253F4923DC424D05 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
19:56:10.0471 3412  Fs_Rec - ok
19:56:10.0601 3412  [ E306A24D9694C724FA2491278BF50FDB ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
19:56:10.0676 3412  fvevol - ok
19:56:10.0965 3412  [ 65EE0C7A58B65E74AE05637418153938 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
19:56:11.0030 3412  gagp30kx - ok
19:56:11.0219 3412  [ E897EAF5ED6BA41E081060C9B447A673 ] gpsvc           C:\Windows\System32\gpsvc.dll
19:56:11.0364 3412  gpsvc - ok
19:56:11.0483 3412  [ C44E3C2BAB6837DB337DDEE7544736DB ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
19:56:11.0623 3412  hcw85cir - ok
19:56:11.0955 3412  [ A5EF29D5315111C80A5C1ABAD14C8972 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
19:56:12.0067 3412  HdAudAddService - ok
19:56:12.0179 3412  [ 9036377B8A6C15DC2EEC53E489D159B5 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
19:56:12.0219 3412  HDAudBus - ok
19:56:12.0260 3412  [ 1D58A7F3E11A9731D0EAAAA8405ACC36 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
19:56:12.0321 3412  HidBatt - ok
19:56:12.0493 3412  [ 89448F40E6DF260C206A193A4683BA78 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
19:56:12.0577 3412  HidBth - ok
19:56:12.0957 3412  [ CF50B4CF4A4F229B9F3C08351F99CA5E ] HidIr           C:\Windows\system32\drivers\hidir.sys
19:56:13.0049 3412  HidIr - ok
19:56:13.0977 3412  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B ] hidserv         C:\Windows\System32\hidserv.dll
19:56:14.0094 3412  hidserv - ok
19:56:14.0611 3412  [ 10C19F8290891AF023EAEC0832E1EB4D ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
19:56:14.0783 3412  HidUsb - ok
19:56:15.0319 3412  [ 196B4E3F4CCCC24AF836CE58FACBB699 ] hkmsvc          C:\Windows\system32\kmsvc.dll
19:56:15.0412 3412  hkmsvc - ok
19:56:15.0551 3412  [ 6658F4404DE03D75FE3BA09F7ABA6A30 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
19:56:15.0692 3412  HomeGroupListener - ok
19:56:15.0833 3412  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
19:56:15.0906 3412  HomeGroupProvider - ok
19:56:16.0025 3412  [ 295FDC419039090EB8B49FFDBB374549 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
19:56:16.0066 3412  HpSAMD - ok
19:56:16.0259 3412  [ 871917B07A141BFF43D76D8844D48106 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
19:56:16.0380 3412  HTTP - ok
19:56:16.0451 3412  [ 0C4E035C7F105F1299258C90886C64C5 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
19:56:16.0491 3412  hwpolicy - ok
19:56:16.0583 3412  [ F151F0BDC47F4A28B1B20A0818EA36D6 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
19:56:16.0613 3412  i8042prt - ok
19:56:16.0705 3412  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
19:56:16.0745 3412  iaStorV - ok
19:56:16.0867 3412  [ C521D7EB6497BB1AF6AFA89E322FB43C ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:56:16.0917 3412  idsvc - ok
19:56:17.0019 3412  [ 4173FF5708F3236CF25195FECD742915 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
19:56:17.0049 3412  iirsp - ok
19:56:17.0121 3412  [ F95622F161474511B8D80D6B093AA610 ] IKEEXT          C:\Windows\System32\ikeext.dll
19:56:17.0204 3412  IKEEXT - ok
19:56:17.0343 3412  [ A0F12F2C9BA6C72F3987CE780E77C130 ] intelide        C:\Windows\system32\drivers\intelide.sys
19:56:17.0373 3412  intelide - ok
19:56:17.0455 3412  [ 3B514D27BFC4ACCB4037BC6685F766E0 ] intelppm        C:\Windows\system32\drivers\intelppm.sys
19:56:17.0485 3412  intelppm - ok
19:56:17.0787 3412  [ ACB364B9075A45C0736E5C47BE5CAE19 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
19:56:17.0937 3412  IPBusEnum - ok
19:56:18.0069 3412  [ 709D1761D3B19A932FF0238EA6D50200 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:56:18.0172 3412  IpFilterDriver - ok
19:56:18.0313 3412  [ 58F67245D041FBE7AF88F4EAF79DF0FA ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
19:56:18.0415 3412  iphlpsvc - ok
19:56:18.0515 3412  [ 4BD7134618C1D2A27466A099062547BF ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
19:56:18.0545 3412  IPMIDRV - ok
19:56:18.0737 3412  [ A5FA468D67ABCDAA36264E463A7BB0CD ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
19:56:18.0839 3412  IPNAT - ok
19:56:19.0017 3412  [ 42996CFF20A3084A56017B7902307E9F ] IRENUM          C:\Windows\system32\drivers\irenum.sys
19:56:19.0083 3412  IRENUM - ok
19:56:19.0185 3412  [ 1F32BB6B38F62F7DF1A7AB7292638A35 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
19:56:19.0205 3412  isapnp - ok
19:56:19.0267 3412  [ CB7A9ABB12B8415BCE5D74994C7BA3AE ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
19:56:19.0297 3412  iScsiPrt - ok
19:56:19.0389 3412  [ ADEF52CA1AEAE82B50DF86B56413107E ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
19:56:19.0409 3412  kbdclass - ok
19:56:19.0471 3412  [ 9E3CED91863E6EE98C24794D05E27A71 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
19:56:19.0571 3412  kbdhid - ok
19:56:19.0700 3412  [ 81951F51E318AECC2D68559E47485CC4 ] KeyIso          C:\Windows\system32\lsass.exe
19:56:19.0736 3412  KeyIso - ok
19:56:19.0845 3412  [ B7895B4182C0D16F6EFADEB8081E8D36 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
19:56:19.0865 3412  KSecDD - ok
19:56:20.0007 3412  [ D30159AC9237519FBC62C6EC247D2D46 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
19:56:20.0047 3412  KSecPkg - ok
19:56:20.0211 3412  [ 89A7B9CC98D0D80C6F31B91C0A310FCD ] KtmRm           C:\Windows\system32\msdtckrm.dll
19:56:20.0309 3412  KtmRm - ok
19:56:20.0443 3412  [ D64AF876D53ECA3668BB97B51B4E70AB ] LanmanServer    C:\Windows\System32\srvsvc.dll
19:56:20.0543 3412  LanmanServer - ok
19:56:20.0683 3412  [ 58405E4F68BA8E4057C6E914F326ABA2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:56:20.0753 3412  LanmanWorkstation - ok
19:56:20.0865 3412  [ F7611EC07349979DA9B0AE1F18CCC7A6 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
19:56:20.0955 3412  lltdio - ok
19:56:21.0125 3412  [ 5700673E13A2117FA3B9020C852C01E2 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
19:56:21.0232 3412  lltdsvc - ok
19:56:21.0327 3412  [ 55CA01BA19D0006C8F2639B6C045E08B ] lmhosts         C:\Windows\System32\lmhsvc.dll
19:56:21.0407 3412  lmhosts - ok
19:56:21.0507 3412  [ EB119A53CCF2ACC000AC71B065B78FEF ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
19:56:21.0547 3412  LSI_FC - ok
19:56:21.0647 3412  [ 8ADE1C877256A22E49B75D1CC9161F9C ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
19:56:21.0677 3412  LSI_SAS - ok
19:56:21.0707 3412  [ DC9DC3D3DAA0E276FD2EC262E38B11E9 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
19:56:21.0737 3412  LSI_SAS2 - ok
19:56:21.0777 3412  [ 0A036C7D7CAB643A7F07135AC47E0524 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
19:56:21.0807 3412  LSI_SCSI - ok
19:56:21.0827 3412  [ 6703E366CC18D3B6E534F5CF7DF39CEE ] luafv           C:\Windows\system32\drivers\luafv.sys
19:56:21.0936 3412  luafv - ok
19:56:22.0049 3412  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
19:56:22.0079 3412  Mcx2Svc - ok
19:56:22.0169 3412  [ 0FFF5B045293002AB38EB1FD1FC2FB74 ] megasas         C:\Windows\system32\drivers\megasas.sys
19:56:22.0209 3412  megasas - ok
19:56:22.0229 3412  [ DCBAB2920C75F390CAF1D29F675D03D6 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
19:56:22.0269 3412  MegaSR - ok
19:56:22.0331 3412  [ 146B6F43A673379A3C670E86D89BE5EA ] MMCSS           C:\Windows\system32\mmcss.dll
19:56:22.0421 3412  MMCSS - ok
19:56:22.0540 3412  [ F001861E5700EE84E2D4E52C712F4964 ] Modem           C:\Windows\system32\drivers\modem.sys
19:56:22.0703 3412  Modem - ok
19:56:22.0799 3412  [ 79D10964DE86B292320E9DFE02282A23 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
19:56:22.0869 3412  monitor - ok
19:56:22.0969 3412  [ FB18CC1D4C2E716B6B903B0AC0CC0609 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
19:56:23.0009 3412  mouclass - ok
19:56:23.0041 3412  [ 2C388D2CD01C9042596CF3C8F3C7B24D ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
19:56:23.0101 3412  mouhid - ok
19:56:23.0191 3412  [ FC8771F45ECCCFD89684E38842539B9B ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
19:56:23.0237 3412  mountmgr - ok
19:56:23.0353 3412  [ 3B9398E0146855B1DC0E3D9769C80F01 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:56:23.0393 3412  MozillaMaintenance - ok
19:56:23.0533 3412  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0 ] mpio            C:\Windows\system32\drivers\mpio.sys
19:56:23.0574 3412  mpio - ok
19:56:23.0685 3412  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
19:56:23.0754 3412  mpsdrv - ok
19:56:23.0884 3412  [ 9835584E999D25004E1EE8E5F3E3B881 ] MpsSvc          C:\Windows\system32\mpssvc.dll
19:56:24.0082 3412  MpsSvc - ok
19:56:24.0209 3412  [ CEB46AB7C01C9F825F8CC6BABC18166A ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
19:56:24.0279 3412  MRxDAV - ok
19:56:24.0409 3412  [ 5D16C921E3671636C0EBA3BBAAC5FD25 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
19:56:24.0471 3412  mrxsmb - ok
19:56:24.0581 3412  [ 6D17A4791ACA19328C685D256349FEFC ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:56:24.0691 3412  mrxsmb10 - ok
19:56:24.0833 3412  [ B81F204D146000BE76651A50670A5E9E ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:56:24.0873 3412  mrxsmb20 - ok
19:56:24.0963 3412  [ 012C5F4E9349E711E11E0F19A8589F0A ] msahci          C:\Windows\system32\drivers\msahci.sys
19:56:24.0993 3412  msahci - ok
19:56:25.0125 3412  [ 55055F8AD8BE27A64C831322A780A228 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
19:56:25.0165 3412  msdsm - ok
19:56:25.0295 3412  [ E1BCE74A3BD9902B72599C0192A07E27 ] MSDTC           C:\Windows\System32\msdtc.exe
19:56:25.0365 3412  MSDTC - ok
19:56:25.0475 3412  [ DAEFB28E3AF5A76ABCC2C3078C07327F ] Msfs            C:\Windows\system32\drivers\Msfs.sys
19:56:25.0555 3412  Msfs - ok
19:56:25.0665 3412  [ 3E1E5767043C5AF9367F0056295E9F84 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
19:56:25.0756 3412  mshidkmdf - ok
19:56:25.0847 3412  [ 0A4E5757AE09FA9622E3158CC1AEF114 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
19:56:25.0877 3412  msisadrv - ok
19:56:25.0927 3412  [ 90F7D9E6B6F27E1A707D4A297F077828 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
19:56:26.0017 3412  MSiSCSI - ok
19:56:26.0087 3412  msiserver - ok
19:56:26.0157 3412  [ 8C0860D6366AAFFB6C5BB9DF9448E631 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
19:56:26.0217 3412  MSKSSRV - ok
19:56:26.0327 3412  [ 3EA8B949F963562CEDBB549EAC0C11CE ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
19:56:26.0417 3412  MSPCLOCK - ok
19:56:26.0529 3412  [ F456E973590D663B1073E9C463B40932 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
19:56:26.0619 3412  MSPQM - ok
19:56:26.0729 3412  [ 0E008FC4819D238C51D7C93E7B41E560 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
19:56:26.0779 3412  MsRPC - ok
19:56:26.0929 3412  [ FC6B9FF600CC585EA38B12589BD4E246 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
19:56:26.0959 3412  mssmbios - ok
19:56:27.0031 3412  [ B42C6B921F61A6E55159B8BE6CD54A36 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
19:56:27.0111 3412  MSTEE - ok
19:56:27.0211 3412  [ 33599130F44E1F34631CEA241DE8AC84 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
19:56:27.0261 3412  MTConfig - ok
19:56:27.0371 3412  [ 159FAD02F64E6381758C990F753BCC80 ] Mup             C:\Windows\system32\Drivers\mup.sys
19:56:27.0401 3412  Mup - ok
19:56:27.0493 3412  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E ] napagent        C:\Windows\system32\qagentRT.dll
19:56:27.0593 3412  napagent - ok
19:56:27.0713 3412  [ 26384429FCD85D83746F63E798AB1480 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
19:56:27.0783 3412  NativeWifiP - ok
19:56:27.0933 3412  [ 8C9C922D71F1CD4DEF73F186416B7896 ] NDIS            C:\Windows\system32\drivers\ndis.sys
19:56:27.0983 3412  NDIS - ok
19:56:28.0075 3412  [ 0E1787AA6C9191D3D319E8BAFE86F80C ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
19:56:28.0175 3412  NdisCap - ok
19:56:28.0265 3412  [ E4A8AEC125A2E43A9E32AFEEA7C9C888 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
19:56:28.0355 3412  NdisTapi - ok
19:56:28.0465 3412  [ D8A65DAFB3EB41CBB622745676FCD072 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
19:56:28.0558 3412  Ndisuio - ok
19:56:28.0657 3412  [ 38FBE267E7E6983311179230FACB1017 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
19:56:28.0747 3412  NdisWan - ok
19:56:28.0837 3412  [ A4BDC541E69674FBFF1A8FF00BE913F2 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
19:56:28.0917 3412  NDProxy - ok
19:56:29.0027 3412  [ 80B275B1CE3B0E79909DB7B39AF74D51 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
19:56:29.0117 3412  NetBIOS - ok
19:56:29.0217 3412  [ 280122DDCF04B378EDD1AD54D71C1E54 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
19:56:29.0317 3412  NetBT - ok
19:56:29.0407 3412  [ 81951F51E318AECC2D68559E47485CC4 ] Netlogon        C:\Windows\system32\lsass.exe
19:56:29.0457 3412  Netlogon - ok
19:56:29.0597 3412  [ 7CCCFCA7510684768DA22092D1FA4DB2 ] Netman          C:\Windows\System32\netman.dll
19:56:29.0689 3412  Netman - ok
19:56:29.0809 3412  [ 8C338238C16777A802D6A9211EB2BA50 ] netprofm        C:\Windows\System32\netprofm.dll
19:56:29.0919 3412  netprofm - ok
19:56:30.0019 3412  [ F476EC40033CDB91EFBE73EB99B8362D ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:56:30.0049 3412  NetTcpPortSharing - ok
19:56:30.0159 3412  [ 1D85C4B390B0EE09C7A46B91EFB2C097 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
19:56:30.0189 3412  nfrd960 - ok
19:56:30.0269 3412  [ 374071043F9E4231EE43BE2BB48DD36D ] NlaSvc          C:\Windows\System32\nlasvc.dll
19:56:30.0319 3412  NlaSvc - ok
19:56:30.0409 3412  [ 1DB262A9F8C087E8153D89BEF3D2235F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
19:56:30.0529 3412  Npfs - ok
19:56:30.0639 3412  [ BA387E955E890C8A88306D9B8D06BF17 ] nsi             C:\Windows\system32\nsisvc.dll
19:56:30.0739 3412  nsi - ok
19:56:30.0879 3412  [ E9A0A4D07E53D8FEA2BB8387A3293C58 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
19:56:30.0959 3412  nsiproxy - ok
19:56:31.0119 3412  [ 5E43D2B0EE64123D4880DFA6626DEFDE ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
19:56:31.0199 3412  Ntfs - ok
19:56:31.0321 3412  [ F9756A98D69098DCA8945D62858A812C ] Null            C:\Windows\system32\drivers\Null.sys
19:56:31.0411 3412  Null - ok
19:56:31.0531 3412  [ B3E25EE28883877076E0E1FF877D02E0 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
19:56:31.0561 3412  nvraid - ok
19:56:31.0621 3412  [ 4380E59A170D88C4F1022EFF6719A8A4 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
19:56:31.0651 3412  nvstor - ok
19:56:31.0761 3412  [ 5A0983915F02BAE73267CC2A041F717D ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
19:56:31.0801 3412  nv_agp - ok
19:56:32.0051 3412  [ 238E050669DB40721B42E0FDB190E9FA ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe
19:56:32.0131 3412  OfficeSvc - ok
19:56:32.0231 3412  [ 08A70A1F2CDDE9BB49B885CB817A66EB ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
19:56:32.0301 3412  ohci1394 - ok
19:56:32.0421 3412  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:56:32.0461 3412  ose - ok
19:56:32.0721 3412  [ EE5756BDA5BE5891270E0CC6CEC44096 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
19:56:33.0061 3412  osppsvc - ok
19:56:33.0171 3412  [ 82A8521DDC60710C3D3D3E7325209BEC ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
19:56:33.0261 3412  p2pimsvc - ok
19:56:33.0381 3412  [ 59C3DDD501E39E006DAC31BF55150D91 ] p2psvc          C:\Windows\system32\p2psvc.dll
19:56:33.0451 3412  p2psvc - ok
19:56:33.0591 3412  [ 2EA877ED5DD9713C5AC74E8EA7348D14 ] Parport         C:\Windows\system32\drivers\parport.sys
19:56:33.0631 3412  Parport - ok
19:56:33.0699 3412  [ 3F34A1B4C5F6475F320C275E63AFCE9B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
19:56:33.0723 3412  partmgr - ok
19:56:33.0813 3412  [ EB0A59F29C19B86479D36B35983DAADC ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
19:56:33.0853 3412  Parvdm - ok
19:56:33.0923 3412  [ 358AB7956D3160000726574083DFC8A6 ] PcaSvc          C:\Windows\System32\pcasvc.dll
19:56:33.0973 3412  PcaSvc - ok
19:56:34.0063 3412  [ 673E55C3498EB970088E812EA820AA8F ] pci             C:\Windows\system32\drivers\pci.sys
19:56:34.0103 3412  pci - ok
19:56:34.0153 3412  [ AFE86F419014DB4E5593F69FFE26CE0A ] pciide          C:\Windows\system32\drivers\pciide.sys
19:56:34.0173 3412  pciide - ok
19:56:34.0283 3412  [ F396431B31693E71E8A80687EF523506 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
19:56:34.0323 3412  pcmcia - ok
19:56:34.0443 3412  [ 250F6B43D2B613172035C6747AEEB19F ] pcw             C:\Windows\system32\drivers\pcw.sys
19:56:34.0483 3412  pcw - ok
19:56:34.0543 3412  [ 9E0104BA49F4E6973749A02BF41344ED ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
19:56:34.0665 3412  PEAUTH - ok
19:56:34.0807 3412  [ AF4D64D2A57B9772CF3801950B8058A6 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
19:56:34.0917 3412  PeerDistSvc - ok
19:56:35.0157 3412  [ 414BBA67A3DED1D28437EB66AEB8A720 ] pla             C:\Windows\system32\pla.dll
19:56:35.0297 3412  pla - ok
19:56:35.0437 3412  [ EC7BC28D207DA09E79B3E9FAF8B232CA ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
19:56:35.0507 3412  PlugPlay - ok
19:56:35.0617 3412  [ 63FF8572611249931EB16BB8EED6AFC8 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
19:56:35.0677 3412  PNRPAutoReg - ok
19:56:35.0777 3412  [ 82A8521DDC60710C3D3D3E7325209BEC ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
19:56:35.0817 3412  PNRPsvc - ok
19:56:35.0877 3412  [ 53946B69BA0836BD95B03759530C81EC ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
19:56:35.0981 3412  PolicyAgent - ok
19:56:36.0119 3412  [ F87D30E72E03D579A5199CCB3831D6EA ] Power           C:\Windows\system32\umpo.dll
19:56:36.0209 3412  Power - ok
19:56:36.0353 3412  [ 631E3E205AD6D86F2AED6A4A8E69F2DB ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
19:56:36.0459 3412  PptpMiniport - ok
19:56:36.0557 3412  [ 85B1E3A0C7585BC4AAE6899EC6FCF011 ] Processor       C:\Windows\system32\drivers\processr.sys
19:56:36.0679 3412  Processor - ok
19:56:37.0071 3412  [ CADEFAC453040E370A1BDFF3973BE00D ] ProfSvc         C:\Windows\system32\profsvc.dll
19:56:37.0183 3412  ProfSvc - ok
19:56:37.0314 3412  [ 81951F51E318AECC2D68559E47485CC4 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:56:37.0380 3412  ProtectedStorage - ok
19:56:37.0487 3412  [ 6270CCAE2A86DE6D146529FE55B3246A ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
19:56:37.0597 3412  Psched - ok
19:56:37.0707 3412  [ AB95ECF1F6659A60DDC166D8315B0751 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
19:56:37.0811 3412  ql2300 - ok
19:56:37.0929 3412  [ B4DD51DD25182244B86737DC51AF2270 ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
19:56:37.0984 3412  ql40xx - ok
19:56:38.0101 3412  [ 31AC809E7707EB580B2BDB760390765A ] QWAVE           C:\Windows\system32\qwave.dll
19:56:38.0171 3412  QWAVE - ok
19:56:38.0251 3412  [ 584078CA1B95CA72DF2A27C336F9719D ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
19:56:38.0291 3412  QWAVEdrv - ok
19:56:38.0343 3412  [ 30A81B53C766D0133BB86D234E5556AB ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
19:56:38.0438 3412  RasAcd - ok
19:56:38.0555 3412  [ 57EC4AEF73660166074D8F7F31C0D4FD ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
19:56:38.0635 3412  RasAgileVpn - ok
19:56:38.0747 3412  [ A60F1839849C0C00739787FD5EC03F13 ] RasAuto         C:\Windows\System32\rasauto.dll
19:56:38.0874 3412  RasAuto - ok
19:56:38.0969 3412  [ D9F91EAFEC2815365CBE6D167E4E332A ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
19:56:39.0091 3412  Rasl2tp - ok
19:56:39.0233 3412  [ CB9E04DC05EACF5B9A36CA276D475006 ] RasMan          C:\Windows\System32\rasmans.dll
19:56:39.0333 3412  RasMan - ok
19:56:39.0413 3412  [ 0FE8B15916307A6AC12BFB6A63E45507 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
19:56:39.0483 3412  RasPppoe - ok
19:56:39.0523 3412  [ 44101F495A83EA6401D886E7FD70096B ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
19:56:39.0613 3412  RasSstp - ok
19:56:39.0693 3412  [ D528BC58A489409BA40334EBF96A311B ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
19:56:39.0795 3412  rdbss - ok
19:56:39.0885 3412  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
19:56:39.0931 3412  rdpbus - ok
19:56:39.0957 3412  [ 23DAE03F29D253AE74C44F99E515F9A1 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
19:56:40.0037 3412  RDPCDD - ok
19:56:40.0157 3412  [ B973FCFC50DC1434E1970A146F7E3885 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
19:56:40.0247 3412  RDPDR - ok
19:56:40.0347 3412  [ 5A53CA1598DD4156D44196D200C94B8A ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
19:56:40.0456 3412  RDPENCDD - ok
19:56:40.0549 3412  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
19:56:40.0629 3412  RDPREFMP - ok
19:56:40.0739 3412  [ F031683E6D1FEA157ABB2FF260B51E61 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
19:56:40.0829 3412  RDPWD - ok
19:56:40.0939 3412  [ 518395321DC96FE2C9F0E96AC743B656 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
19:56:40.0989 3412  rdyboost - ok
19:56:41.0089 3412  [ CB9A8683F4EF2BF99E123D79950D7935 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
19:56:41.0159 3412  RemoteRegistry - ok
19:56:41.0281 3412  [ 78D072F35BC45D9E4E1B61895C152234 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
19:56:41.0373 3412  RpcEptMapper - ok
19:56:41.0473 3412  [ 94D36C0E44677DD26981D2BFEEF2A29D ] RpcLocator      C:\Windows\system32\locator.exe
19:56:41.0543 3412  RpcLocator - ok
19:56:41.0633 3412  [ 7660F01D3B38ACA1747E397D21D790AF ] RpcSs           C:\Windows\system32\rpcss.dll
19:56:41.0724 3412  RpcSs - ok
19:56:41.0785 3412  [ E5B5CCA5421CCBF926F520CE103DC9B4 ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
19:56:41.0825 3412  RSP2STOR - ok
19:56:41.0935 3412  [ 032B0D36AD92B582D869879F5AF5B928 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
19:56:42.0035 3412  rspndr - ok
19:56:42.0165 3412  [ 568C33723F09B341A11800D5EEA02038 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
19:56:42.0215 3412  RTL8167 - ok
19:56:42.0305 3412  [ 7FA7F2E249A5DCBB7970630E15E1F482 ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
19:56:42.0355 3412  s3cap - ok
19:56:42.0435 3412  [ 81951F51E318AECC2D68559E47485CC4 ] SamSs           C:\Windows\system32\lsass.exe
19:56:42.0475 3412  SamSs - ok
19:56:42.0545 3412  [ 05D860DA1040F111503AC416CCEF2BCA ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
19:56:42.0585 3412  sbp2port - ok
19:56:42.0737 3412  [ 8FC518FFE9519C2631D37515A68009C4 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
19:56:42.0847 3412  SCardSvr - ok
19:56:42.0939 3412  [ 0693B5EC673E34DC147E195779A4DCF6 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
19:56:43.0041 3412  scfilter - ok
19:56:43.0193 3412  [ A04BB13F8A72F8B6E8B4071723E4E336 ] Schedule        C:\Windows\system32\schedsvc.dll
19:56:43.0350 3412  Schedule - ok
19:56:43.0485 3412  [ 319C6B309773D063541D01DF8AC6F55F ] SCPolicySvc     C:\Windows\System32\certprop.dll
19:56:43.0555 3412  SCPolicySvc - ok
19:56:43.0625 3412  [ 08236C4BCE5EDD0A0318A438AF28E0F7 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
19:56:43.0705 3412  SDRSVC - ok
19:56:43.0815 3412  [ 90A3935D05B494A5A39D37E71F09A677 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
19:56:43.0905 3412  secdrv - ok
19:56:44.0005 3412  [ A59B3A4442C52060CC7A85293AA3546F ] seclogon        C:\Windows\system32\seclogon.dll
19:56:44.0095 3412  seclogon - ok
19:56:44.0185 3412  [ DCB7FCDCC97F87360F75D77425B81737 ] SENS            C:\Windows\system32\sens.dll
19:56:44.0275 3412  SENS - ok
19:56:44.0377 3412  [ 50087FE1EE447009C9CC2997B90DE53F ] SensrSvc        C:\Windows\system32\sensrsvc.dll
19:56:44.0487 3412  SensrSvc - ok
19:56:44.0577 3412  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1 ] Serenum         C:\Windows\system32\drivers\serenum.sys
19:56:44.0627 3412  Serenum - ok
19:56:44.0687 3412  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2 ] Serial          C:\Windows\system32\drivers\serial.sys
19:56:44.0757 3412  Serial - ok
19:56:44.0817 3412  [ 79BFFB520327FF916A582DFEA17AA813 ] sermouse        C:\Windows\system32\drivers\sermouse.sys
19:56:44.0877 3412  sermouse - ok
19:56:45.0027 3412  [ 4AE380F39A0032EAB7DD953030B26D28 ] SessionEnv      C:\Windows\system32\sessenv.dll
19:56:45.0127 3412  SessionEnv - ok
19:56:45.0199 3412  [ 9F976E1EB233DF46FCE808D9DEA3EB9C ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
19:56:45.0259 3412  sffdisk - ok
19:56:45.0359 3412  [ 932A68EE27833CFD57C1639D375F2731 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
19:56:45.0399 3412  sffp_mmc - ok
19:56:45.0429 3412  [ 6D4CCAEDC018F1CF52866BBBAA235982 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
19:56:45.0501 3412  sffp_sd - ok
19:56:45.0581 3412  [ DB96666CC8312EBC45032F30B007A547 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
19:56:45.0631 3412  sfloppy - ok
19:56:45.0731 3412  [ D1A079A0DE2EA524513B6930C24527A2 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
19:56:45.0841 3412  SharedAccess - ok
19:56:45.0931 3412  [ 414DA952A35BF5D50192E28263B40577 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:56:46.0023 3412  ShellHWDetection - ok
19:56:46.0113 3412  [ 2565CAC0DC9FE0371BDCE60832582B2E ] sisagp          C:\Windows\system32\drivers\sisagp.sys
19:56:46.0143 3412  sisagp - ok
19:56:46.0193 3412  [ A9F0486851BECB6DDA1D89D381E71055 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
19:56:46.0223 3412  SiSRaid2 - ok
19:56:46.0305 3412  [ 3727097B55738E2F554972C3BE5BC1AA ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
19:56:46.0335 3412  SiSRaid4 - ok
19:56:46.0385 3412  [ F5BBEDF602C310B00036EB2DBF4348A5 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
19:56:46.0435 3412  SkypeUpdate - ok
19:56:46.0515 3412  [ 3E21C083B8A01CB70BA1F09303010FCE ] Smb             C:\Windows\system32\DRIVERS\smb.sys
19:56:46.0605 3412  Smb - ok
19:56:46.0705 3412  [ 6A984831644ECA1A33FFEAE4126F4F37 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
19:56:46.0745 3412  SNMPTRAP - ok
19:56:46.0785 3412  [ 95CF1AE7527FB70F7816563CBC09D942 ] spldr           C:\Windows\system32\drivers\spldr.sys
19:56:46.0815 3412  spldr - ok
19:56:46.0925 3412  [ 9AEA093B8F9C37CF45538382CABA2475 ] Spooler         C:\Windows\System32\spoolsv.exe
19:56:46.0985 3412  Spooler - ok
19:56:47.0135 3412  [ CF87A1DE791347E75B98885214CED2B8 ] sppsvc          C:\Windows\system32\sppsvc.exe
19:56:47.0327 3412  sppsvc - ok
19:56:47.0417 3412  [ B0180B20B065D89232A78A40FE56EAA6 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
19:56:47.0507 3412  sppuinotify - ok
19:56:47.0627 3412  [ E4C2764065D66EA1D2D3EBC28FE99C46 ] srv             C:\Windows\system32\DRIVERS\srv.sys
19:56:47.0687 3412  srv - ok
19:56:47.0787 3412  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
19:56:47.0847 3412  srv2 - ok
19:56:47.0927 3412  [ BE6BD660CAA6F291AE06A718A4FA8ABC ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
19:56:47.0977 3412  srvnet - ok
19:56:48.0067 3412  [ D887C9FD02AC9FA880F6E5027A43E118 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
19:56:48.0142 3412  SSDPSRV - ok
19:56:48.0179 3412  [ D318F23BE45D5E3A107469EB64815B50 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
19:56:48.0269 3412  SstpSvc - ok
19:56:48.0339 3412  [ DB32D325C192B801DF274BFD12A7E72B ] stexstor        C:\Windows\system32\drivers\stexstor.sys
19:56:48.0369 3412  stexstor - ok
19:56:48.0429 3412  [ E1FB3706030FB4578A0D72C2FC3689E4 ] StiSvc          C:\Windows\System32\wiaservc.dll
19:56:48.0509 3412  StiSvc - ok
19:56:48.0589 3412  [ 472AF0311073DCECEAA8FA18BA2BDF89 ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
19:56:48.0619 3412  storflt - ok
19:56:48.0689 3412  [ 0BF669F0A910BEDA4A32258D363AF2A5 ] StorSvc         C:\Windows\system32\storsvc.dll
19:56:48.0749 3412  StorSvc - ok
19:56:48.0839 3412  [ DCAFFD62259E0BDB433DD67B5BB37619 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
19:56:48.0869 3412  storvsc - ok
19:56:48.0919 3412  [ E58C78A848ADD9610A4DB6D214AF5224 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
19:56:48.0949 3412  swenum - ok
19:56:49.0049 3412  [ A28BD92DF340E57B024BA433165D34D7 ] swprv           C:\Windows\System32\swprv.dll
19:56:49.0149 3412  swprv - ok
19:56:49.0269 3412  [ 36650D618CA34C9D357DFD3D89B2C56F ] SysMain         C:\Windows\system32\sysmain.dll
19:56:49.0351 3412  SysMain - ok
19:56:49.0463 3412  [ 763FECDC3D30C815FE72DD57936C6CD1 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:56:49.0530 3412  TabletInputService - ok
19:56:49.0575 3412  [ 613BF4820361543956909043A265C6AC ] TapiSrv         C:\Windows\System32\tapisrv.dll
19:56:49.0677 3412  TapiSrv - ok
19:56:49.0779 3412  [ B799D9FDB26111737F58288D8DC172D9 ] TBS             C:\Windows\System32\tbssvc.dll
19:56:49.0880 3412  TBS - ok
19:56:50.0023 3412  [ 4E8B9BE71B807B3BAEDB7F4243F85E3C ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
19:56:50.0103 3412  Tcpip - ok
19:56:50.0185 3412  [ 4E8B9BE71B807B3BAEDB7F4243F85E3C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
19:56:50.0265 3412  TCPIP6 - ok
19:56:50.0375 3412  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
19:56:50.0425 3412  tcpipreg - ok
19:56:50.0517 3412  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
19:56:50.0587 3412  TDPIPE - ok
19:56:50.0687 3412  [ 2C2C5AFE7EE4F620D69C23C0617651A8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
19:56:50.0717 3412  TDTCP - ok
19:56:50.0807 3412  [ B459575348C20E8121D6039DA063C704 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
19:56:50.0877 3412  tdx - ok
19:56:50.0927 3412  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
19:56:50.0957 3412  TermDD - ok
19:56:51.0047 3412  [ 382C804C92811BE57829D8E550A900E2 ] TermService     C:\Windows\System32\termsrv.dll
19:56:51.0127 3412  TermService - ok
19:56:51.0227 3412  [ 42FB6AFD6B79D9FE07381609172E7CA4 ] Themes          C:\Windows\system32\themeservice.dll
19:56:51.0297 3412  Themes - ok
19:56:51.0357 3412  [ 146B6F43A673379A3C670E86D89BE5EA ] THREADORDER     C:\Windows\system32\mmcss.dll
19:56:51.0453 3412  THREADORDER - ok
19:56:51.0509 3412  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A ] TrkWks          C:\Windows\System32\trkwks.dll
19:56:51.0609 3412  TrkWks - ok
19:56:51.0719 3412  [ 2C49B175AEE1D4364B91B531417FE583 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:56:51.0811 3412  TrustedInstaller - ok
19:56:51.0901 3412  [ B37B08F2E5EEB1A37E448E09BACE1101 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
19:56:52.0013 3412  tssecsrv - ok
19:56:52.0073 3412  [ FD1D6C73E6333BE727CBCC6054247654 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
19:56:52.0183 3412  TsUsbFlt - ok
19:56:52.0263 3412  [ 01246F0BAAD7B68EC0F472AA41E33282 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
19:56:52.0313 3412  TsUsbGD - ok
19:56:52.0373 3412  [ B2FA25D9B17A68BB93D58B0556E8C90D ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
19:56:52.0443 3412  tunnel - ok
19:56:52.0473 3412  [ 750FBCB269F4D7DD2E420C56B795DB6D ] uagp35          C:\Windows\system32\drivers\uagp35.sys
19:56:52.0503 3412  uagp35 - ok
19:56:52.0585 3412  [ EE43346C7E4B5E63E54F927BABBB32FF ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
19:56:52.0695 3412  udfs - ok
19:56:52.0815 3412  [ 8344FD4FCE927880AA1AA7681D4927E5 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
19:56:52.0885 3412  UI0Detect - ok
19:56:52.0955 3412  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
19:56:52.0985 3412  uliagpkx - ok
19:56:53.0017 3412  [ D295BED4B898F0FD999FCFA9B32B071B ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
19:56:53.0077 3412  umbus - ok
19:56:53.0137 3412  [ 7550AD0C6998BA1CB4843E920EE0FEAC ] UmPass          C:\Windows\system32\drivers\umpass.sys
19:56:53.0187 3412  UmPass - ok
19:56:53.0267 3412  [ 409994A8EACEEE4E328749C0353527A0 ] UmRdpService    C:\Windows\System32\umrdp.dll
19:56:53.0317 3412  UmRdpService - ok
19:56:53.0407 3412  [ 833FBB672460EFCE8011D262175FAD33 ] upnphost        C:\Windows\System32\upnphost.dll
19:56:53.0497 3412  upnphost - ok
19:56:53.0557 3412  [ BD9C55D7023C5DE374507ACC7A14E2AC ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
19:56:53.0637 3412  usbccgp - ok
19:56:53.0737 3412  [ 04EC7CEC62EC3B6D9354EEE93327FC82 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
19:56:53.0777 3412  usbcir - ok
19:56:53.0817 3412  [ F92DE757E4B7CE9C07C5E65423F3AE3B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
19:56:53.0877 3412  usbehci - ok
19:56:53.0977 3412  [ 04322AECFC8718883EE3A0FE21FB5B70 ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
19:56:54.0007 3412  usbfilter - ok
19:56:54.0057 3412  [ 8DC94AEC6A7E644A06135AE7506DC2E9 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
19:56:54.0087 3412  usbhub - ok
19:56:54.0177 3412  [ E185D44FAC515A18D9DEDDC23C2CDF44 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
19:56:54.0227 3412  usbohci - ok
19:56:54.0287 3412  [ 797D862FE0875E75C7CC4C1AD7B30252 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
19:56:54.0347 3412  usbprint - ok
19:56:54.0457 3412  [ 576096CCBC07E7C4EA4F5E6686D6888F ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
19:56:54.0487 3412  usbscan - ok
19:56:54.0557 3412  [ F991AB9CC6B908DB552166768176896A ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:56:54.0637 3412  USBSTOR - ok
19:56:54.0717 3412  [ 68DF884CF41CDADA664BEB01DAF67E3D ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
19:56:54.0757 3412  usbuhci - ok
19:56:54.0817 3412  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
19:56:54.0867 3412  usbvideo - ok
19:56:54.0957 3412  [ 081E6E1C91AEC36758902A9F727CD23C ] UxSms           C:\Windows\System32\uxsms.dll
19:56:55.0047 3412  UxSms - ok
19:56:55.0107 3412  [ 81951F51E318AECC2D68559E47485CC4 ] VaultSvc        C:\Windows\system32\lsass.exe
19:56:55.0147 3412  VaultSvc - ok
19:56:55.0207 3412  [ A059C4C3EDB09E07D21A8E5C0AABD3CB ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
19:56:55.0237 3412  vdrvroot - ok
19:56:55.0379 3412  [ C3CD30495687C2A2F66A65CA6FD89BE9 ] vds             C:\Windows\System32\vds.exe
19:56:55.0471 3412  vds - ok
19:56:55.0583 3412  [ 17C408214EA61696CEC9C66E388B14F3 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
19:56:55.0653 3412  vga - ok
19:56:55.0745 3412  [ 8E38096AD5C8570A6F1570A61E251561 ] VgaSave         C:\Windows\System32\drivers\vga.sys
19:56:55.0827 3412  VgaSave - ok
19:56:55.0857 3412  [ 5461686CCA2FDA57B024547733AB42E3 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
19:56:55.0897 3412  vhdmp - ok
19:56:55.0967 3412  [ C829317A37B4BEA8F39735D4B076E923 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
19:56:55.0997 3412  viaagp - ok
19:56:56.0037 3412  [ E02F079A6AA107F06B16549C6E5C7B74 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
19:56:56.0097 3412  ViaC7 - ok
19:56:56.0199 3412  [ E43574F6A56A0EE11809B48C09E4FD3C ] viaide          C:\Windows\system32\drivers\viaide.sys
19:56:56.0229 3412  viaide - ok
19:56:56.0321 3412  [ C2F2911156FDC7817C52829C86DA494E ] vmbus           C:\Windows\system32\drivers\vmbus.sys
19:56:56.0369 3412  vmbus - ok
19:56:56.0433 3412  [ D4D77455211E204F370D08F4963063CE ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
19:56:56.0483 3412  VMBusHID - ok
19:56:56.0533 3412  [ 4C63E00F2F4B5F86AB48A58CD990F212 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
19:56:56.0563 3412  volmgr - ok
19:56:56.0613 3412  [ B5BB72067DDDDBBFB04B2F89FF8C3C87 ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
19:56:56.0653 3412  volmgrx - ok
19:56:56.0673 3412  [ F497F67932C6FA693D7DE2780631CFE7 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
19:56:56.0713 3412  volsnap - ok
19:56:56.0733 3412  [ 9DFA0CC2F8855A04816729651175B631 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
19:56:56.0733 3412  Suspicious file (NoAccess): C:\Windows\system32\drivers\vsmraid.sys. md5: 9DFA0CC2F8855A04816729651175B631
19:56:56.0773 3412  vsmraid ( LockedFile.Multi.Generic ) - warning
19:56:56.0773 3412  vsmraid - detected LockedFile.Multi.Generic (1)
19:56:56.0863 3412  [ 209A3B1901B83AEB8527ED211CCE9E4C ] VSS             C:\Windows\system32\vssvc.exe
19:56:56.0943 3412  VSS - ok
19:56:57.0023 3412  [ 90567B1E658001E79D7C8BBD3DDE5AA6 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
19:56:57.0023 3412  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vwifibus.sys. md5: 90567B1E658001E79D7C8BBD3DDE5AA6
19:56:57.0073 3412  vwifibus ( LockedFile.Multi.Generic ) - warning
19:56:57.0073 3412  vwifibus - detected LockedFile.Multi.Generic (1)
19:56:57.0103 3412  [ 7090D3436EEB4E7DA3373090A23448F7 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
19:56:57.0113 3412  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\vwififlt.sys. md5: 7090D3436EEB4E7DA3373090A23448F7
19:56:57.0113 3412  vwififlt ( LockedFile.Multi.Generic ) - warning
19:56:57.0113 3412  vwififlt - detected LockedFile.Multi.Generic (1)
19:56:57.0193 3412  [ 55187FD710E27D5095D10A472C8BAF1C ] W32Time         C:\Windows\system32\w32time.dll
19:56:57.0293 3412  W32Time - ok
19:56:57.0373 3412  [ DE3721E89C653AA281428C8A69745D90 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
19:56:57.0373 3412  Suspicious file (NoAccess): C:\Windows\system32\drivers\wacompen.sys. md5: DE3721E89C653AA281428C8A69745D90
19:56:57.0433 3412  WacomPen ( LockedFile.Multi.Generic ) - warning
19:56:57.0433 3412  WacomPen - detected LockedFile.Multi.Generic (1)
19:56:57.0473 3412  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
19:56:57.0473 3412  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 3C3C78515F5AB448B022BDF5B8FFDD2E
19:56:57.0483 3412  WANARP ( LockedFile.Multi.Generic ) - warning
19:56:57.0483 3412  WANARP - detected LockedFile.Multi.Generic (1)
19:56:57.0503 3412  [ 3C3C78515F5AB448B022BDF5B8FFDD2E ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
19:56:57.0503 3412  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 3C3C78515F5AB448B022BDF5B8FFDD2E
19:56:57.0523 3412  Wanarpv6 ( LockedFile.Multi.Generic ) - warning
19:56:57.0523 3412  Wanarpv6 - detected LockedFile.Multi.Generic (1)
19:56:57.0613 3412  [ 691E3285E53DCA558E1A84667F13E15A ] wbengine        C:\Windows\system32\wbengine.exe
19:56:57.0701 3412  wbengine - ok
19:56:57.0785 3412  [ 9614B5D29DC76AC3C29F6D2D3AA70E67 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
19:56:57.0855 3412  WbioSrvc - ok
19:56:57.0945 3412  [ 34EEE0DFAADB4F691D6D5308A51315DC ] wcncsvc         C:\Windows\System32\wcncsvc.dll
19:56:57.0995 3412  wcncsvc - ok
19:56:58.0025 3412  [ 5D930B6357A6D2AF4D7653BDABBF352F ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:56:58.0115 3412  WcsPlugInService - ok
19:56:58.0205 3412  [ 1112A9BADACB47B7C0BB0392E3158DFF ] Wd              C:\Windows\system32\drivers\wd.sys
19:56:58.0205 3412  Suspicious file (NoAccess): C:\Windows\system32\drivers\wd.sys. md5: 1112A9BADACB47B7C0BB0392E3158DFF
19:56:58.0245 3412  Wd ( LockedFile.Multi.Generic ) - warning
19:56:58.0245 3412  Wd - detected LockedFile.Multi.Generic (1)
19:56:58.0335 3412  [ A840213F1ACDCC175B4D1D5AAEAC0D7A ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
19:56:58.0335 3412  Suspicious file (NoAccess): C:\Windows\system32\drivers\Wdf01000.sys. md5: A840213F1ACDCC175B4D1D5AAEAC0D7A
19:56:58.0395 3412  Wdf01000 ( LockedFile.Multi.Generic ) - warning
19:56:58.0395 3412  Wdf01000 - detected LockedFile.Multi.Generic (1)
19:56:58.0445 3412  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiServiceHost  C:\Windows\system32\wdi.dll
19:56:58.0555 3412  WdiServiceHost - ok
19:56:58.0655 3412  [ 46EF9DC96265FD0B423DB72E7C38C2A5 ] WdiSystemHost   C:\Windows\system32\wdi.dll
19:56:58.0705 3412  WdiSystemHost - ok
19:56:58.0775 3412  [ A9D880F97530D5B8FEE278923349929D ] WebClient       C:\Windows\System32\webclnt.dll
19:56:58.0845 3412  WebClient - ok
19:56:58.0925 3412  [ 760F0AFE937A77CFF27153206534F275 ] Wecsvc          C:\Windows\system32\wecsvc.dll
19:56:58.0995 3412  Wecsvc - ok
19:56:59.0045 3412  [ AC804569BB2364FB6017370258A4091B ] wercplsupport   C:\Windows\System32\wercplsupport.dll
19:56:59.0115 3412  wercplsupport - ok
19:56:59.0205 3412  [ 08E420D873E4FD85241EE2421B02C4A4 ] WerSvc          C:\Windows\System32\WerSvc.dll
19:56:59.0295 3412  WerSvc - ok
19:56:59.0365 3412  [ 8B9A943F3B53861F2BFAF6C186168F79 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
19:56:59.0365 3412  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wfplwf.sys. md5: 8B9A943F3B53861F2BFAF6C186168F79
19:56:59.0435 3412  WfpLwf ( LockedFile.Multi.Generic ) - warning
19:56:59.0445 3412  WfpLwf - detected LockedFile.Multi.Generic (1)
19:56:59.0505 3412  [ 5CF95B35E59E2A38023836FFF31BE64C ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
19:56:59.0505 3412  Suspicious file (NoAccess): C:\Windows\system32\drivers\wimmount.sys. md5: 5CF95B35E59E2A38023836FFF31BE64C
19:56:59.0595 3412  WIMMount ( LockedFile.Multi.Generic ) - warning
19:56:59.0595 3412  WIMMount - detected LockedFile.Multi.Generic (1)
19:56:59.0725 3412  [ 082CF481F659FAE0DE51AD060881EB47 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
19:56:59.0795 3412  WinDefend - ok
19:56:59.0865 3412  WinHttpAutoProxySvc - ok
19:56:59.0955 3412  [ F62E510B6AD4C21EB9FE8668ED251826 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
19:57:00.0025 3412  Winmgmt - ok
19:57:00.0145 3412  [ 1B91CD34EA3A90AB6A4EF0550174F4CC ] WinRM           C:\Windows\system32\WsmSvc.dll
19:57:00.0265 3412  WinRM - ok
19:57:00.0405 3412  [ 16935C98FF639D185086A3529B1F2067 ] Wlansvc         C:\Windows\System32\wlansvc.dll
19:57:00.0495 3412  Wlansvc - ok
19:57:00.0555 3412  [ 0217679B8FCA58714C3BF2726D2CA84E ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
19:57:00.0555 3412  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\wmiacpi.sys. md5: 0217679B8FCA58714C3BF2726D2CA84E
19:57:00.0595 3412  WmiAcpi ( LockedFile.Multi.Generic ) - warning
19:57:00.0595 3412  WmiAcpi - detected LockedFile.Multi.Generic (1)
19:57:00.0675 3412  [ 6EB6B66517B048D87DC1856DDF1F4C3F ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
19:57:00.0735 3412  wmiApSrv - ok
19:57:00.0855 3412  [ 3B40D3A61AA8C21B88AE57C58AB3122E ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
19:57:00.0975 3412  WMPNetworkSvc - ok
19:57:01.0065 3412  [ A2F0EC770A92F2B3F9DE6D518E11409C ] WPCSvc          C:\Windows\System32\wpcsvc.dll
19:57:01.0175 3412  WPCSvc - ok
19:57:01.0245 3412  [ AA53356D60AF47EACC85BC617A4F3F66 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
19:57:01.0335 3412  WPDBusEnum - ok
19:57:01.0415 3412  [ 6DB3276587B853BF886B69528FDB048C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
19:57:01.0425 3412  Suspicious file (NoAccess): C:\Windows\system32\drivers\ws2ifsl.sys. md5: 6DB3276587B853BF886B69528FDB048C
19:57:01.0495 3412  ws2ifsl ( LockedFile.Multi.Generic ) - warning
19:57:01.0495 3412  ws2ifsl - detected LockedFile.Multi.Generic (1)
19:57:01.0555 3412  [ 6F5D49EFE0E7164E03AE773A3FE25340 ] wscsvc          C:\Windows\system32\wscsvc.dll
19:57:01.0605 3412  wscsvc - ok
19:57:01.0625 3412  WSearch - ok
19:57:01.0765 3412  [ FC3EC24FCE372C89423E015A2AC1A31E ] wuauserv        C:\Windows\system32\wuaueng.dll
19:57:01.0865 3412  wuauserv - ok
19:57:01.0965 3412  [ 06E6F32C8D0A3F66D956F57B43A2E070 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
19:57:01.0965 3412  Suspicious file (NoAccess): C:\Windows\system32\drivers\WudfPf.sys. md5: 06E6F32C8D0A3F66D956F57B43A2E070
19:57:02.0025 3412  WudfPf ( LockedFile.Multi.Generic ) - warning
19:57:02.0025 3412  WudfPf - detected LockedFile.Multi.Generic (1)
19:57:02.0065 3412  [ 867C301E8B790040AE9CF6486E8041DF ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
19:57:02.0065 3412  Suspicious file (NoAccess): C:\Windows\system32\DRIVERS\WUDFRd.sys. md5: 867C301E8B790040AE9CF6486E8041DF
19:57:02.0065 3412  WUDFRd ( LockedFile.Multi.Generic ) - warning
19:57:02.0065 3412  WUDFRd - detected LockedFile.Multi.Generic (1)
19:57:02.0165 3412  [ FE47B7BC8EA320C2D9B5E5BF6E303765 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
19:57:02.0240 3412  wudfsvc - ok
19:57:02.0327 3412  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4 ] WwanSvc         C:\Windows\System32\wwansvc.dll
19:57:02.0408 3412  WwanSvc - ok
19:57:02.0479 3412  ================ Scan global ===============================
19:57:02.0579 3412  [ DAB748AE0439955ED2FA22357533DDDB ] C:\Windows\system32\basesrv.dll
19:57:02.0629 3412  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
19:57:02.0649 3412  [ 1F5F07091D50244F17DD8D5147A628CC ] C:\Windows\system32\winsrv.dll
19:57:02.0709 3412  [ 364455805E64882844EE9ACB72522830 ] C:\Windows\system32\sxssrv.dll
19:57:02.0749 3412  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6 ] C:\Windows\system32\services.exe
19:57:02.0759 3412  [Global] - ok
19:57:02.0769 3412  ================ Scan MBR ==================================
19:57:02.0792 3412  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
19:57:03.0281 3412  \Device\Harddisk0\DR0 - ok
19:57:03.0281 3412  ================ Scan VBR ==================================
19:57:03.0321 3412  [ 9F8DE8744ABB2570032765D01C293F5B ] \Device\Harddisk0\DR0\Partition1
19:57:03.0321 3412  \Device\Harddisk0\DR0\Partition1 - ok
19:57:03.0351 3412  [ B37BB17F058E3DB9866A10C984B212A2 ] \Device\Harddisk0\DR0\Partition2
19:57:03.0361 3412  \Device\Harddisk0\DR0\Partition2 - ok
19:57:03.0361 3412  ============================================================
19:57:03.0361 3412  Scan finished
19:57:03.0361 3412  ============================================================
19:57:03.0391 3420  Detected object count: 15
19:57:03.0391 3420  Actual detected object count: 15
19:59:10.0500 3420  C:\Windows\System32\Drivers\150e123a6f6ee7c0.sys - copied to quarantine
19:59:10.0560 3420  HKLM\SYSTEM\ControlSet001\services\150e123a6f6ee7c0 - will be deleted on reboot
19:59:10.0640 3420  HKLM\SYSTEM\ControlSet002\services\150e123a6f6ee7c0 - will be deleted on reboot
19:59:11.0260 3420  C:\Windows\System32\Drivers\150e123a6f6ee7c0.sys - will be deleted on reboot
19:59:11.0260 3420  150e123a6f6ee7c0 ( Rootkit.Win32.Necurs.gen ) - User select action: Delete 
19:59:11.0260 3420  vsmraid ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0260 3420  vsmraid ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:11.0270 3420  vwifibus ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0270 3420  vwifibus ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:11.0270 3420  vwififlt ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0270 3420  vwififlt ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:11.0280 3420  WacomPen ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0280 3420  WacomPen ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:11.0280 3420  WANARP ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0280 3420  WANARP ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:11.0290 3420  Wanarpv6 ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0290 3420  Wanarpv6 ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:11.0290 3420  Wd ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0290 3420  Wd ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:11.0300 3420  Wdf01000 ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0300 3420  Wdf01000 ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:11.0310 3420  WfpLwf ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0310 3420  WfpLwf ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:11.0310 3420  WIMMount ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0310 3420  WIMMount ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:11.0320 3420  WmiAcpi ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0320 3420  WmiAcpi ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:11.0320 3420  ws2ifsl ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0320 3420  ws2ifsl ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:11.0330 3420  WudfPf ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0330 3420  WudfPf ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:11.0330 3420  WUDFRd ( LockedFile.Multi.Generic ) - skipped by user
19:59:11.0330 3420  WUDFRd ( LockedFile.Multi.Generic ) - User select action: Skip 
19:59:28.0002 3292  Deinitialize success
         


I hope this is something you can work with.


Thanks in advance


PS: It's split across two posts because of the length.

26.01.2014, 11:42   #23
Klösp

Code:
20:59:52.0970 0x0284  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
21:00:19.0163 0x0284  ============================================================
21:00:19.0163 0x0284  Current date / time: 2014/01/21 21:00:19.0163
21:00:19.0163 0x0284  SystemInfo:
21:00:19.0163 0x0284  
21:00:19.0163 0x0284  OS Version: 6.1.7601 ServicePack: 1.0
21:00:19.0163 0x0284  Product type: Workstation
21:00:19.0163 0x0284  ComputerName: NAME-NB
21:00:19.0163 0x0284  UserName: BENUTZER
21:00:19.0163 0x0284  Windows directory: C:\Windows
21:00:19.0163 0x0284  System windows directory: C:\Windows
21:00:19.0163 0x0284  Processor architecture: Intel x86
21:00:19.0163 0x0284  Number of processors: 2
21:00:19.0163 0x0284  Page size: 0x1000
21:00:19.0163 0x0284  Boot type: Normal boot
21:00:19.0163 0x0284  ============================================================
21:00:19.0802 0x0284  KLMD registered as C:\Windows\system32\drivers\74769217.sys
21:00:37.0243 0x0284  System UUID: {2B6A7476-D5A1-D22F-5BCC-88F68823EF39}
21:00:38.0132 0x0284  !crdlk
21:00:38.0132 0x0284  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'A'
21:00:38.0148 0x0284  ============================================================
21:00:38.0148 0x0284  \Device\Harddisk0\DR0:
21:00:38.0148 0x0284  MBR partitions:
21:00:38.0148 0x0284  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x32000
21:00:38.0148 0x0284  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x23FFB800
21:00:38.0148 0x0284  ============================================================
21:00:38.0195 0x0284  C: <-> \Device\Harddisk0\DR0\Partition2
21:00:38.0226 0x0284  ============================================================
21:00:38.0226 0x0284  Initialize success
21:00:38.0226 0x0284  ============================================================
21:01:47.0918 0x0974  ============================================================
21:01:47.0918 0x0974  Scan started
21:01:47.0918 0x0974  Mode: Manual; SigCheck; TDLFS; 
21:01:47.0918 0x0974  ============================================================
21:01:47.0918 0x0974  KSN ping started
21:01:50.0726 0x0974  KSN ping finished: true
21:01:51.0100 0x0974  ================ Scan system memory ========================
21:01:51.0100 0x0974  System memory - ok
21:01:51.0100 0x0974  ================ Scan services =============================
21:01:51.0366 0x0974  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
21:01:51.0631 0x0974  1394ohci - ok
21:01:51.0662 0x0974  Suspicious service (NoAccess): 150e123a6f6ee7c0
21:01:51.0724 0x0974  [ 49E3ECB210CB029A905B095BF7C5EE80, C78E50D1A2A32597DF52117159B5E164FE57CD9D5503E33B48E9D1DC532EDF78 ] 150e123a6f6ee7c0 C:\Windows\System32\Drivers\150e123a6f6ee7c0.sys
21:01:51.0724 0x0974  Suspicious file ( NoAccess ): C:\Windows\System32\Drivers\150e123a6f6ee7c0.sys. md5: 49E3ECB210CB029A905B095BF7C5EE80, sha256: C78E50D1A2A32597DF52117159B5E164FE57CD9D5503E33B48E9D1DC532EDF78
21:01:51.0818 0x0974  150e123a6f6ee7c0 - detected Rootkit.Win32.Necurs.gen ( 0 )
21:01:52.0052 0x0974  150e123a6f6ee7c0 ( Rootkit.Win32.Necurs.gen ) - infected
21:01:52.0052 0x0974  Force sending object to P2P due to detect: C:\Windows\System32\Drivers\150e123a6f6ee7c0.sys
21:01:54.0954 0x0974  Object send P2P result: true
21:01:57.0855 0x0974  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
21:01:57.0887 0x0974  ACPI - ok
21:01:57.0918 0x0974  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
21:01:58.0027 0x0974  AcpiPmi - ok
21:01:58.0199 0x0974  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
21:01:58.0245 0x0974  AdobeARMservice - ok
21:01:58.0339 0x0974  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
21:01:58.0386 0x0974  AdobeFlashPlayerUpdateSvc - ok
21:01:58.0511 0x0974  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
21:01:58.0589 0x0974  adp94xx - ok
21:01:58.0635 0x0974  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
21:01:58.0667 0x0974  adpahci - ok
21:01:58.0776 0x0974  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
21:01:58.0823 0x0974  adpu320 - ok
21:01:58.0947 0x0974  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
21:01:59.0150 0x0974  AeLookupSvc - ok
21:01:59.0291 0x0974  [ 9EBBBA55060F786F0FCAA3893BFA2806, 2E5A0FA2995989E9391771024839F5AD040A041CEE56787286D8FC421E26FE90 ] AFD             C:\Windows\system32\drivers\afd.sys
21:01:59.0400 0x0974  AFD - ok
21:01:59.0478 0x0974  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
21:01:59.0509 0x0974  agp440 - ok
21:01:59.0556 0x0974  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
21:01:59.0587 0x0974  aic78xx - ok
21:01:59.0681 0x0974  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
21:01:59.0790 0x0974  ALG - ok
21:01:59.0868 0x0974  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
21:01:59.0915 0x0974  aliide - ok
21:01:59.0977 0x0974  [ CDE41D99DB840FF9454FC981EBD0EC50, 01A48A41936293B97C2C568B32DF6BAAA302D39C18878C060ACCC9B4C69A956E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
21:02:00.0102 0x0974  AMD External Events Utility - ok
21:02:00.0211 0x0974  AMD FUEL Service - ok
21:02:00.0273 0x0974  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
21:02:00.0320 0x0974  amdagp - ok
21:02:00.0414 0x0974  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
21:02:00.0461 0x0974  amdide - ok
21:02:00.0554 0x0974  [ FF258424F0B2EF25EB98F04EE386E6E3, 09DC3854BF0D52FB80AB08DC4E0DD4A9E37ACAA500083A56F9836C837EBCFA82 ] amdiox86        C:\Windows\system32\DRIVERS\amdiox86.sys
21:02:00.0601 0x0974  amdiox86 - ok
21:02:00.0695 0x0974  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
21:02:00.0741 0x0974  AmdK8 - ok
21:02:01.0350 0x0974  [ FFD082F1F1D4FF5C87F66DF62486BCFA, F793C798E3919889B78975DEBB0E087683DE7BE4B54F92C5D6549BE8CCB27CAE ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
21:02:02.0177 0x0974  amdkmdag - ok
21:02:02.0286 0x0974  [ C541DA5B72FA638469E8DC1E66079330, 6286EA9C92D678220BFE2D497DB32A641F29D04FCBFCF970EABE740157378765 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
21:02:02.0364 0x0974  amdkmdap - ok
21:02:02.0442 0x0974  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
21:02:02.0520 0x0974  AmdPPM - ok
21:02:02.0598 0x0974  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
21:02:02.0645 0x0974  amdsata - ok
21:02:02.0707 0x0974  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
21:02:02.0754 0x0974  amdsbs - ok
21:02:02.0863 0x0974  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
21:02:02.0879 0x0974  amdxata - ok
21:02:02.0925 0x0974  [ E91675D350F5FCD98005F5B2C97F6B61, 4AABC84FDA09FE1AE8B30EC74EED38C861DEA08A1E26AB66EFD7B78BD12EF31F ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
21:02:02.0957 0x0974  amd_sata - ok
21:02:03.0050 0x0974  [ 5B43A272F8233A743533992248ECBC73, 005666EFDAB1DF5D7149DE3EB9A6281C66194E9326DAA83C0239BEB6577BB488 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
21:02:03.0081 0x0974  amd_xata - ok
21:02:03.0144 0x0974  [ DF6DE9E8E4B6994853CCF038BFAE964B, F122A283CA8AB80FE5033E538B3ED45A71209A98D3562E8434532AD62DA76D7D ] AODDriver4.1    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
21:02:03.0175 0x0974  AODDriver4.1 - ok
21:02:03.0269 0x0974  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
21:02:03.0362 0x0974  AppID - ok
21:02:03.0487 0x0974  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
21:02:03.0627 0x0974  AppIDSvc - ok
21:02:03.0752 0x0974  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
21:02:03.0877 0x0974  Appinfo - ok
21:02:03.0986 0x0974  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
21:02:04.0127 0x0974  AppMgmt - ok
21:02:04.0220 0x0974  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
21:02:04.0267 0x0974  arc - ok
21:02:04.0329 0x0974  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
21:02:04.0376 0x0974  arcsas - ok
21:02:04.0392 0x0974  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
21:02:04.0563 0x0974  AsyncMac - ok
21:02:04.0641 0x0974  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
21:02:04.0688 0x0974  atapi - ok
21:02:04.0953 0x0974  [ CFE432E8EEACBCEA3DBF53EA76978A65, 1495A2E450B4000FBB8DCF7AC2AFE96A08AD23CBE0C7DC2BFB6A70E68CF1AEAA ] athr            C:\Windows\system32\DRIVERS\athr.sys
21:02:05.0250 0x0974  athr - ok
21:02:05.0375 0x0974  [ 4D201D8B576BE4473405B2A86A2D28B3, 97D14459C5ED6EA67220485CC8828C07E9C39C4D04A371AB86AB6379E664DC7D ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
21:02:05.0421 0x0974  AtiHDAudioService - ok
21:02:05.0531 0x0974  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
21:02:05.0858 0x0974  AudioEndpointBuilder - ok
21:02:06.0123 0x0974  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
21:02:06.0248 0x0974  Audiosrv - ok
21:02:06.0357 0x0974  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
21:02:06.0451 0x0974  AxInstSV - ok
21:02:06.0591 0x0974  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
21:02:06.0701 0x0974  b06bdrv - ok
21:02:06.0825 0x0974  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
21:02:06.0997 0x0974  b57nd60x - ok
21:02:07.0122 0x0974  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
21:02:07.0184 0x0974  BDESVC - ok
21:02:07.0278 0x0974  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
21:02:07.0371 0x0974  Beep - ok
21:02:07.0512 0x0974  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
21:02:07.0621 0x0974  BFE - ok
21:02:07.0793 0x0974  [ E585445D5021971FAE10393F0F1C3961, 178C008A9A0A6BFDA65EB0B98C510271360AD4474F22F13594F5EB60AA4E1CF5 ] BITS            C:\Windows\system32\qmgr.dll
21:02:07.0917 0x0974  BITS - ok
21:02:08.0011 0x0974  [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
21:02:08.0073 0x0974  blbdrive - ok
21:02:08.0183 0x0974  [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
21:02:08.0229 0x0974  bowser - ok
21:02:08.0323 0x0974  [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
21:02:08.0385 0x0974  BrFiltLo - ok
21:02:08.0479 0x0974  [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
21:02:08.0573 0x0974  BrFiltUp - ok
21:02:08.0635 0x0974  [ 77361D72A04F18809D0EFB6CCEB74D4B, 55E7DB65BB29FF421F138CDFF05E5ECFFC7C8862FAA68F6179A3BA9D6B69AE64 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
21:02:08.0713 0x0974  BridgeMP - ok
21:02:08.0869 0x0974  [ 3DAA727B5B0A45039B0E1C9A211B8400, 903B51E75F0C503A0E255120F53BF51B047B219FEC1E15F2F1D02DDD562FC73B ] Browser         C:\Windows\System32\browser.dll
21:02:08.0947 0x0974  Browser - ok
21:02:09.0087 0x0974  [ 845B8CE732E67F3B4133164868C666EA, 9309B094CD9B5EBC46295A5EB806BED472C3CEDE3B5F6F497EBDABA496A2A27F ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
21:02:09.0197 0x0974  Brserid - ok
21:02:09.0290 0x0974  [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
21:02:09.0368 0x0974  BrSerWdm - ok
21:02:09.0493 0x0974  [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
21:02:09.0555 0x0974  BrUsbMdm - ok
21:02:09.0665 0x0974  [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
21:02:09.0743 0x0974  BrUsbSer - ok
21:02:09.0852 0x0974  [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
21:02:09.0930 0x0974  BTHMODEM - ok
21:02:10.0070 0x0974  [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv         C:\Windows\system32\bthserv.dll
21:02:10.0195 0x0974  bthserv - ok
21:02:10.0398 0x0974  catchme - ok
21:02:10.0491 0x0974  [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
21:02:10.0601 0x0974  cdfs - ok
21:02:10.0710 0x0974  [ BE167ED0FDB9C1FA1133953C18D5A6C9, E26A851CA13E7300F977E5B20FA5D25FD0E1442AB6AD5DB58BBDB2DAAD87027C ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
21:02:10.0788 0x0974  cdrom - ok
21:02:10.0928 0x0974  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] CertPropSvc     C:\Windows\System32\certprop.dll
21:02:11.0037 0x0974  CertPropSvc - ok
21:02:11.0115 0x0974  CFcatchme - ok
21:02:11.0193 0x0974  [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass        C:\Windows\system32\drivers\circlass.sys
21:02:11.0287 0x0974  circlass - ok
21:02:11.0381 0x0974  [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS            C:\Windows\system32\CLFS.sys
21:02:11.0427 0x0974  CLFS - ok
21:02:11.0537 0x0974  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:02:11.0583 0x0974  clr_optimization_v2.0.50727_32 - ok
21:02:11.0849 0x0974  [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:02:11.0880 0x0974  clr_optimization_v4.0.30319_32 - ok
21:02:12.0005 0x0974  [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
21:02:12.0083 0x0974  CmBatt - ok
21:02:12.0176 0x0974  [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
21:02:12.0223 0x0974  cmdide - ok
21:02:12.0348 0x0974  [ 247B4CE2DAB1160CD422D532D5241E1F, CFE04DBE48B23B084C3F4C3D0F483B26F322E4693176D8739A412BE5D8BE597E ] CNG             C:\Windows\system32\Drivers\cng.sys
21:02:12.0457 0x0974  CNG - ok
21:02:12.0566 0x0974  [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
21:02:12.0613 0x0974  Compbatt - ok
21:02:12.0722 0x0974  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
21:02:12.0785 0x0974  CompositeBus - ok
21:02:12.0863 0x0974  COMSysApp - ok
21:02:12.0941 0x0974  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
21:02:12.0987 0x0974  crcdisk - ok
21:02:13.0143 0x0974  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
21:02:13.0237 0x0974  CryptSvc - ok
21:02:13.0362 0x0974  [ 3C2177A897B4CA2788C6FB0C3FD81D4B, 98575CBD0664586E6211D02E71BDD52CBAA149A1658573550E29E74E5F7B1553 ] CSC             C:\Windows\system32\drivers\csc.sys
21:02:13.0502 0x0974  CSC - ok
21:02:13.0674 0x0974  [ 15F93B37F6801943360D9EB42485D5D3, DD6838C6496CB15F8BB57A6596F6A64ADD9C36B09F062295699131232712B558 ] CscService      C:\Windows\System32\cscsvc.dll
21:02:13.0799 0x0974  CscService - ok
21:02:13.0939 0x0974  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
21:02:14.0079 0x0974  DcomLaunch - ok
21:02:14.0204 0x0974  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
21:02:14.0313 0x0974  defragsvc - ok
21:02:14.0407 0x0974  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
21:02:14.0703 0x0974  DfsC - ok
21:02:14.0891 0x0974  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
21:02:15.0000 0x0974  Dhcp - ok
21:02:15.0156 0x0974  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
21:02:15.0249 0x0974  discache - ok
21:02:15.0327 0x0974  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\drivers\disk.sys
21:02:15.0359 0x0974  Disk - ok
21:02:15.0452 0x0974  [ 2A958EF85DB1B61FFCA65044FA4BCE9E, C83511685EE1CE85A5ADF9B5BE96C375A521601F66024BDC3EE044C0B6E85D69 ] dmvsc           C:\Windows\system32\drivers\dmvsc.sys
21:02:15.0530 0x0974  dmvsc - ok
21:02:15.0671 0x0974  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
21:02:15.0795 0x0974  Dnscache - ok
21:02:15.0920 0x0974  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
21:02:16.0014 0x0974  dot3svc - ok
21:02:16.0154 0x0974  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
21:02:16.0263 0x0974  DPS - ok
21:02:16.0341 0x0974  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
21:02:16.0404 0x0974  drmkaud - ok
21:02:16.0544 0x0974  [ 16498EBC04AE9DD07049A8884B205C05, 134EA1C7A2DB984B8EBADF6C25B28DBADF02215AA2ED298FA124556FC4992084 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
21:02:16.0638 0x0974  DXGKrnl - ok
21:02:16.0747 0x0974  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
21:02:16.0841 0x0974  EapHost - ok
21:02:17.0184 0x0974  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\drivers\evbdx.sys
21:02:17.0543 0x0974  ebdrv - ok
21:02:17.0652 0x0974  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] EFS             C:\Windows\System32\lsass.exe
21:02:17.0699 0x0974  EFS - ok
21:02:17.0917 0x0974  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
21:02:18.0011 0x0974  ehRecvr - ok
21:02:18.0135 0x0974  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
21:02:18.0198 0x0974  ehSched - ok
21:02:18.0354 0x0974  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
21:02:18.0479 0x0974  elxstor - ok
21:02:18.0603 0x0974  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
21:02:18.0806 0x0974  ErrDev - ok
21:02:19.0165 0x0974  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
21:02:19.0259 0x0974  EventSystem - ok
21:02:19.0383 0x0974  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
21:02:19.0446 0x0974  exfat - ok
21:02:19.0602 0x0974  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
21:02:19.0711 0x0974  fastfat - ok
21:02:19.0867 0x0974  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
21:02:19.0992 0x0974  Fax - ok
21:02:20.0101 0x0974  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\drivers\fdc.sys
21:02:20.0210 0x0974  fdc - ok
21:02:20.0351 0x0974  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
21:02:20.0429 0x0974  fdPHost - ok
21:02:20.0538 0x0974  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
21:02:20.0631 0x0974  FDResPub - ok
21:02:20.0772 0x0974  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
21:02:20.0803 0x0974  FileInfo - ok
21:02:20.0943 0x0974  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
21:02:21.0021 0x0974  Filetrace - ok
21:02:21.0146 0x0974  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
21:02:21.0240 0x0974  flpydisk - ok
21:02:21.0365 0x0974  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
21:02:21.0396 0x0974  FltMgr - ok
21:02:21.0614 0x0974  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
21:02:21.0723 0x0974  FontCache - ok
21:02:21.0879 0x0974  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
21:02:21.0911 0x0974  FontCache3.0.0.0 - ok
21:02:22.0020 0x0974  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
21:02:22.0067 0x0974  FsDepends - ok
21:02:22.0129 0x0974  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
21:02:22.0160 0x0974  Fs_Rec - ok
21:02:22.0316 0x0974  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
21:02:22.0379 0x0974  fvevol - ok
21:02:22.0503 0x0974  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
21:02:22.0581 0x0974  gagp30kx - ok
21:02:22.0815 0x0974  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
21:02:23.0003 0x0974  gpsvc - ok
21:02:23.0096 0x0974  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
21:02:23.0174 0x0974  hcw85cir - ok
21:02:23.0299 0x0974  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
21:02:23.0377 0x0974  HdAudAddService - ok
21:02:23.0486 0x0974  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
21:02:23.0533 0x0974  HDAudBus - ok
21:02:23.0564 0x0974  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
21:02:23.0611 0x0974  HidBatt - ok
21:02:23.0736 0x0974  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\drivers\hidbth.sys
21:02:23.0814 0x0974  HidBth - ok
21:02:23.0892 0x0974  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\drivers\hidir.sys
21:02:23.0954 0x0974  HidIr - ok
21:02:24.0079 0x0974  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
21:02:24.0188 0x0974  hidserv - ok
21:02:24.0297 0x0974  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
21:02:24.0375 0x0974  HidUsb - ok
21:02:24.0500 0x0974  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
21:02:24.0609 0x0974  hkmsvc - ok
21:02:24.0734 0x0974  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
21:02:24.0828 0x0974  HomeGroupListener - ok
21:02:24.0968 0x0974  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
21:02:25.0077 0x0974  HomeGroupProvider - ok
21:02:25.0187 0x0974  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
21:02:25.0233 0x0974  HpSAMD - ok
21:02:25.0327 0x0974  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
21:02:25.0421 0x0974  HTTP - ok
21:02:25.0452 0x0974  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
21:02:25.0467 0x0974  hwpolicy - ok
21:02:25.0499 0x0974  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
21:02:25.0530 0x0974  i8042prt - ok
21:02:25.0608 0x0974  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
21:02:25.0655 0x0974  iaStorV - ok
21:02:25.0857 0x0974  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
21:02:25.0935 0x0974  idsvc - ok
21:02:26.0045 0x0974  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\drivers\iirsp.sys
21:02:26.0091 0x0974  iirsp - ok
21:02:26.0279 0x0974  [ F95622F161474511B8D80D6B093AA610, F2320E25EB9B4AA9A8366BD3AA23EABEBE111A5610D3A62EBA47D90427D5BC26 ] IKEEXT          C:\Windows\System32\ikeext.dll
21:02:26.0419 0x0974  IKEEXT - ok
21:02:26.0528 0x0974  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
21:02:26.0559 0x0974  intelide - ok
21:02:26.0606 0x0974  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\drivers\intelppm.sys
21:02:26.0637 0x0974  intelppm - ok
21:02:26.0747 0x0974  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
21:02:26.0840 0x0974  IPBusEnum - ok
21:02:26.0949 0x0974  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
21:02:27.0043 0x0974  IpFilterDriver - ok
21:02:27.0215 0x0974  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
21:02:27.0308 0x0974  iphlpsvc - ok
21:02:27.0417 0x0974  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
21:02:27.0480 0x0974  IPMIDRV - ok
21:02:27.0542 0x0974  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
21:02:27.0651 0x0974  IPNAT - ok
21:02:27.0761 0x0974  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
21:02:27.0854 0x0974  IRENUM - ok
21:02:27.0948 0x0974  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
21:02:27.0995 0x0974  isapnp - ok
21:02:28.0073 0x0974  [ CB7A9ABB12B8415BCE5D74994C7BA3AE, 464BFF3F5EEE985BE075E23E1813F5CB82A9A0771A92C6D889B13B867BCDF647 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
21:02:28.0135 0x0974  iScsiPrt - ok
21:02:28.0244 0x0974  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
21:02:28.0275 0x0974  kbdclass - ok
21:02:28.0307 0x0974  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
21:02:28.0353 0x0974  kbdhid - ok
21:02:28.0463 0x0974  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] KeyIso          C:\Windows\system32\lsass.exe
21:02:28.0509 0x0974  KeyIso - ok
21:02:28.0587 0x0974  [ B7895B4182C0D16F6EFADEB8081E8D36, BAC3BAD22207C8826125FD7721C96F2C7A238960FD9398A3D4573E14648E9DB9 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
21:02:28.0634 0x0974  KSecDD - ok
21:02:28.0775 0x0974  [ D30159AC9237519FBC62C6EC247D2D46, 10BDE041C95D0CCD3591ED497002043FEC3A5F732D7AE311FBA457E0FE16CE4B ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
21:02:28.0837 0x0974  KSecPkg - ok
21:02:28.0915 0x0974  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
21:02:29.0009 0x0974  KtmRm - ok
21:02:29.0149 0x0974  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
21:02:29.0274 0x0974  LanmanServer - ok
21:02:29.0383 0x0974  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
21:02:29.0445 0x0974  LanmanWorkstation - ok
21:02:29.0508 0x0974  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
21:02:29.0601 0x0974  lltdio - ok
21:02:29.0711 0x0974  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
21:02:29.0804 0x0974  lltdsvc - ok
21:02:29.0835 0x0974  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
21:02:29.0913 0x0974  lmhosts - ok
21:02:30.0023 0x0974  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
21:02:30.0085 0x0974  LSI_FC - ok
21:02:30.0225 0x0974  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
21:02:30.0288 0x0974  LSI_SAS - ok
21:02:30.0475 0x0974  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
21:02:30.0553 0x0974  LSI_SAS2 - ok
21:02:30.0678 0x0974  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
21:02:30.0709 0x0974  LSI_SCSI - ok
21:02:30.0818 0x0974  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
21:02:30.0896 0x0974  luafv - ok
21:02:31.0005 0x0974  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
21:02:31.0052 0x0974  Mcx2Svc - ok
21:02:31.0130 0x0974  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\drivers\megasas.sys
21:02:31.0177 0x0974  megasas - ok
21:02:31.0208 0x0974  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
21:02:31.0255 0x0974  MegaSR - ok
21:02:31.0317 0x0974  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
21:02:31.0395 0x0974  MMCSS - ok
21:02:31.0505 0x0974  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
21:02:31.0614 0x0974  Modem - ok
21:02:31.0770 0x0974  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
21:02:31.0832 0x0974  monitor - ok
21:02:31.0910 0x0974  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
21:02:31.0941 0x0974  mouclass - ok
21:02:31.0973 0x0974  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
21:02:32.0019 0x0974  mouhid - ok
21:02:32.0144 0x0974  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
21:02:32.0175 0x0974  mountmgr - ok
21:02:32.0253 0x0974  [ 3B9398E0146855B1DC0E3D9769C80F01, DF69DB5CA30A5577648635C27DD468AF98515D07DF379B3FFDCC6B40744EDE66 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
21:02:32.0300 0x0974  MozillaMaintenance - ok
21:02:32.0409 0x0974  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
21:02:32.0456 0x0974  mpio - ok
21:02:32.0581 0x0974  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
21:02:32.0643 0x0974  mpsdrv - ok
21:02:32.0799 0x0974  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
21:02:32.0924 0x0974  MpsSvc - ok
21:02:33.0033 0x0974  [ CEB46AB7C01C9F825F8CC6BABC18166A, AA98898204FC58878502C170FE6ED8BA681396DDD8BF3689D0C3642DEA87BEF8 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
21:02:33.0143 0x0974  MRxDAV - ok
21:02:33.0252 0x0974  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
21:02:33.0299 0x0974  mrxsmb - ok
21:02:33.0439 0x0974  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
21:02:33.0501 0x0974  mrxsmb10 - ok
21:02:33.0611 0x0974  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
21:02:33.0689 0x0974  mrxsmb20 - ok
21:02:33.0782 0x0974  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
21:02:33.0829 0x0974  msahci - ok
21:02:33.0891 0x0974  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
21:02:33.0938 0x0974  msdsm - ok
21:02:34.0032 0x0974  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
21:02:34.0110 0x0974  MSDTC - ok
21:02:34.0219 0x0974  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
21:02:34.0297 0x0974  Msfs - ok
21:02:34.0344 0x0974  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
21:02:34.0422 0x0974  mshidkmdf - ok
21:02:34.0500 0x0974  [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
21:02:34.0531 0x0974  msisadrv - ok
21:02:34.0593 0x0974  [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
21:02:34.0671 0x0974  MSiSCSI - ok
21:02:34.0718 0x0974  msiserver - ok
21:02:34.0765 0x0974  [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
21:02:34.0843 0x0974  MSKSSRV - ok
21:02:34.0859 0x0974  [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
21:02:34.0968 0x0974  MSPCLOCK - ok
21:02:35.0061 0x0974  [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
21:02:35.0171 0x0974  MSPQM - ok
21:02:35.0280 0x0974  [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
21:02:35.0342 0x0974  MsRPC - ok
21:02:35.0467 0x0974  [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
21:02:35.0498 0x0974  mssmbios - ok
21:02:35.0623 0x0974  [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
21:02:35.0701 0x0974  MSTEE - ok
21:02:35.0810 0x0974  [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
21:02:35.0873 0x0974  MTConfig - ok
21:02:35.0982 0x0974  [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup             C:\Windows\system32\Drivers\mup.sys
21:02:36.0029 0x0974  Mup - ok
21:02:36.0091 0x0974  [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent        C:\Windows\system32\qagentRT.dll
21:02:36.0465 0x0974  napagent - ok
21:02:36.0590 0x0974  [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
21:02:36.0731 0x0974  NativeWifiP - ok
21:02:36.0918 0x0974  [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
21:02:36.0996 0x0974  NDIS - ok
21:02:37.0074 0x0974  [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
21:02:37.0167 0x0974  NdisCap - ok
21:02:37.0261 0x0974  [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
21:02:37.0370 0x0974  NdisTapi - ok
21:02:37.0448 0x0974  [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
21:02:37.0557 0x0974  Ndisuio - ok
21:02:37.0651 0x0974  [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
21:02:37.0760 0x0974  NdisWan - ok
21:02:37.0854 0x0974  [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
21:02:37.0916 0x0974  NDProxy - ok
21:02:37.0963 0x0974  [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
21:02:38.0057 0x0974  NetBIOS - ok
21:02:38.0135 0x0974  [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
21:02:38.0244 0x0974  NetBT - ok
21:02:38.0337 0x0974  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] Netlogon        C:\Windows\system32\lsass.exe
21:02:38.0369 0x0974  Netlogon - ok
21:02:38.0447 0x0974  [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman          C:\Windows\System32\netman.dll
21:02:38.0540 0x0974  Netman - ok
21:02:38.0696 0x0974  [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm        C:\Windows\System32\netprofm.dll
21:02:38.0790 0x0974  netprofm - ok
21:02:38.0899 0x0974  [ F476EC40033CDB91EFBE73EB99B8362D, B17535037BC070F9AE1F6B381C2DBEE27658A8FDE15FB0E061F485EA7C7CBE59 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
21:02:38.0946 0x0974  NetTcpPortSharing - ok
21:02:38.0993 0x0974  [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
21:02:39.0008 0x0974  nfrd960 - ok
21:02:39.0149 0x0974  [ 374071043F9E4231EE43BE2BB48DD36D, C4FA3FC40CC49DBBB91901D14210A55D3831FAC9F9B3FF45FCA7F5CF242C9E92 ] NlaSvc          C:\Windows\System32\nlasvc.dll
21:02:39.0227 0x0974  NlaSvc - ok
21:02:39.0336 0x0974  [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
21:02:39.0429 0x0974  Npfs - ok
21:02:39.0539 0x0974  [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi             C:\Windows\system32\nsisvc.dll
21:02:39.0663 0x0974  nsi - ok
21:02:39.0773 0x0974  [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
21:02:39.0866 0x0974  nsiproxy - ok
21:02:40.0131 0x0974  [ 5E43D2B0EE64123D4880DFA6626DEFDE, 164413A22DE58B19EA2B4120034B46D6BE1F424B80C3421E10BE5C81153D049F ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
21:02:40.0225 0x0974  Ntfs - ok
21:02:40.0365 0x0974  [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null            C:\Windows\system32\drivers\Null.sys
21:02:40.0459 0x0974  Null - ok
21:02:40.0568 0x0974  [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid          C:\Windows\system32\drivers\nvraid.sys
21:02:40.0615 0x0974  nvraid - ok
21:02:40.0662 0x0974  [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
21:02:40.0709 0x0974  nvstor - ok
21:02:40.0833 0x0974  [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
21:02:40.0865 0x0974  nv_agp - ok
21:02:41.0208 0x0974  [ 238E050669DB40721B42E0FDB190E9FA, 5FB7CF96223395CF94690FCF35AB9BC3A3AE8B6E9A04C1B3832906D087F932CB ] OfficeSvc       C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe
21:02:41.0301 0x0974  OfficeSvc - ok
21:02:41.0395 0x0974  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
21:02:41.0457 0x0974  ohci1394 - ok
21:02:41.0613 0x0974  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:02:41.0645 0x0974  ose - ok
21:02:42.0128 0x0974  [ EE5756BDA5BE5891270E0CC6CEC44096, EA18073EEE0F461B14C539D49A7DD91D33AB0C503236F67F70A000835FAAC890 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:02:42.0581 0x0974  osppsvc - ok
21:02:42.0721 0x0974  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
21:02:42.0783 0x0974  p2pimsvc - ok
21:02:42.0924 0x0974  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
21:02:43.0033 0x0974  p2psvc - ok
21:02:43.0142 0x0974  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
21:02:43.0189 0x0974  Parport - ok
21:02:43.0267 0x0974  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
21:02:43.0314 0x0974  partmgr - ok
21:02:43.0423 0x0974  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
21:02:43.0470 0x0974  Parvdm - ok
21:02:43.0532 0x0974  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
21:02:43.0595 0x0974  PcaSvc - ok
21:02:43.0704 0x0974  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
21:02:43.0751 0x0974  pci - ok
21:02:43.0797 0x0974  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
21:02:43.0813 0x0974  pciide - ok
21:02:43.0938 0x0974  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
21:02:44.0000 0x0974  pcmcia - ok
21:02:44.0109 0x0974  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
21:02:44.0156 0x0974  pcw - ok
21:02:44.0250 0x0974  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
21:02:44.0437 0x0974  PEAUTH - ok
21:02:44.0624 0x0974  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
21:02:44.0765 0x0974  PeerDistSvc - ok
21:02:45.0030 0x0974  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
21:02:45.0482 0x0974  pla - ok
21:02:45.0685 0x0974  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
21:02:45.0779 0x0974  PlugPlay - ok
21:02:45.0888 0x0974  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
21:02:45.0950 0x0974  PNRPAutoReg - ok
21:02:46.0059 0x0974  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
21:02:46.0122 0x0974  PNRPsvc - ok
21:02:46.0262 0x0974  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
21:02:46.0403 0x0974  PolicyAgent - ok
21:02:46.0543 0x0974  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
21:02:46.0637 0x0974  Power - ok
21:02:46.0730 0x0974  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
21:02:46.0808 0x0974  PptpMiniport - ok
21:02:46.0902 0x0974  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
21:02:46.0949 0x0974  Processor - ok
21:02:47.0073 0x0974  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
21:02:47.0136 0x0974  ProfSvc - ok
21:02:47.0198 0x0974  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] ProtectedStorage C:\Windows\system32\lsass.exe
21:02:47.0229 0x0974  ProtectedStorage - ok
21:02:47.0276 0x0974  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
21:02:47.0370 0x0974  Psched - ok
21:02:47.0541 0x0974  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
21:02:47.0666 0x0974  ql2300 - ok
21:02:47.0744 0x0974  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
21:02:47.0775 0x0974  ql40xx - ok
21:02:47.0838 0x0974  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
21:02:47.0916 0x0974  QWAVE - ok
21:02:48.0025 0x0974  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
21:02:48.0087 0x0974  QWAVEdrv - ok
21:02:48.0119 0x0974  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
21:02:48.0197 0x0974  RasAcd - ok
21:02:48.0290 0x0974  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
21:02:48.0353 0x0974  RasAgileVpn - ok
21:02:48.0399 0x0974  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
21:02:48.0493 0x0974  RasAuto - ok
21:02:48.0587 0x0974  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
21:02:48.0696 0x0974  Rasl2tp - ok
21:02:48.0852 0x0974  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
21:02:48.0992 0x0974  RasMan - ok
21:02:49.0086 0x0974  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
21:02:49.0179 0x0974  RasPppoe - ok
21:02:49.0226 0x0974  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
21:02:49.0304 0x0974  RasSstp - ok
21:02:49.0413 0x0974  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
21:02:49.0523 0x0974  rdbss - ok
21:02:49.0616 0x0974  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
21:02:49.0647 0x0974  rdpbus - ok
21:02:49.0679 0x0974  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
21:02:49.0741 0x0974  RDPCDD - ok
21:02:49.0866 0x0974  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
21:02:49.0991 0x0974  RDPDR - ok
21:02:50.0084 0x0974  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
21:02:50.0193 0x0974  RDPENCDD - ok
21:02:50.0303 0x0974  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
21:02:50.0412 0x0974  RDPREFMP - ok
21:02:50.0568 0x0974  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
21:02:50.0677 0x0974  RDPWD - ok
21:02:50.0833 0x0974  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
21:02:50.0895 0x0974  rdyboost - ok
21:02:51.0051 0x0974  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
21:02:51.0176 0x0974  RemoteRegistry - ok
21:02:51.0301 0x0974  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
21:02:51.0379 0x0974  RpcEptMapper - ok
21:02:51.0488 0x0974  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
21:02:51.0551 0x0974  RpcLocator - ok
21:02:51.0675 0x0974  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
21:02:51.0753 0x0974  RpcSs - ok
21:02:51.0878 0x0974  [ E5B5CCA5421CCBF926F520CE103DC9B4, 868A570BC6F6C0D2C2061A32BEDC74FE32DCBEBAAC6130E647155A808E9525C6 ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
21:02:51.0925 0x0974  RSP2STOR - ok
21:02:51.0972 0x0974  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
21:02:52.0065 0x0974  rspndr - ok
21:02:52.0190 0x0974  [ 568C33723F09B341A11800D5EEA02038, F61CAAD43493EEC67ABFB31FED465BD0AE3935915751FC8D76955CD39B814AF6 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
21:02:52.0268 0x0974  RTL8167 - ok
21:02:52.0315 0x0974  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
21:02:52.0362 0x0974  s3cap - ok
21:02:52.0440 0x0974  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] SamSs           C:\Windows\system32\lsass.exe
21:02:52.0502 0x0974  SamSs - ok
21:02:52.0549 0x0974  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
21:02:52.0580 0x0974  sbp2port - ok
21:02:52.0721 0x0974  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
21:02:52.0830 0x0974  SCardSvr - ok
21:02:52.0892 0x0974  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
21:02:53.0017 0x0974  scfilter - ok
21:02:53.0173 0x0974  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
21:02:53.0313 0x0974  Schedule - ok
21:02:53.0391 0x0974  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
21:02:53.0454 0x0974  SCPolicySvc - ok
21:02:53.0501 0x0974  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
21:02:53.0610 0x0974  SDRSVC - ok
21:02:53.0703 0x0974  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
21:02:53.0797 0x0974  secdrv - ok
21:02:53.0875 0x0974  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
21:02:53.0969 0x0974  seclogon - ok
21:02:54.0047 0x0974  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
21:02:54.0140 0x0974  SENS - ok
21:02:54.0249 0x0974  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
21:02:54.0343 0x0974  SensrSvc - ok
21:02:54.0437 0x0974  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\drivers\serenum.sys
21:02:54.0515 0x0974  Serenum - ok
21:02:54.0593 0x0974  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\drivers\serial.sys
21:02:54.0655 0x0974  Serial - ok
21:02:54.0717 0x0974  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
21:02:54.0780 0x0974  sermouse - ok
21:02:54.0951 0x0974  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
21:02:55.0061 0x0974  SessionEnv - ok
21:02:55.0123 0x0974  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
21:02:55.0185 0x0974  sffdisk - ok
21:02:55.0263 0x0974  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
21:02:55.0295 0x0974  sffp_mmc - ok
21:02:55.0326 0x0974  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
21:02:55.0373 0x0974  sffp_sd - ok
21:02:55.0451 0x0974  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
21:02:55.0529 0x0974  sfloppy - ok
21:02:55.0653 0x0974  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
21:02:55.0778 0x0974  SharedAccess - ok
21:02:55.0887 0x0974  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
21:02:55.0997 0x0974  ShellHWDetection - ok
21:02:56.0043 0x0974  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
21:02:56.0075 0x0974  sisagp - ok
21:02:56.0106 0x0974  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
21:02:56.0137 0x0974  SiSRaid2 - ok
21:02:56.0231 0x0974  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
21:02:56.0277 0x0974  SiSRaid4 - ok
21:02:56.0324 0x0974  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
21:02:56.0371 0x0974  SkypeUpdate - ok
21:02:56.0465 0x0974  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
21:02:56.0589 0x0974  Smb - ok
21:02:56.0667 0x0974  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
21:02:56.0714 0x0974  SNMPTRAP - ok
21:02:56.0730 0x0974  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
21:02:56.0761 0x0974  spldr - ok
21:02:56.0901 0x0974  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
21:02:57.0026 0x0974  Spooler - ok
21:02:57.0307 0x0974  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
21:02:57.0650 0x0974  sppsvc - ok
21:02:57.0728 0x0974  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
21:02:57.0806 0x0974  sppuinotify - ok
21:02:58.0009 0x0974  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
21:02:58.0118 0x0974  srv - ok
21:02:58.0212 0x0974  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
21:02:58.0290 0x0974  srv2 - ok
21:02:58.0383 0x0974  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
21:02:58.0430 0x0974  srvnet - ok
21:02:58.0508 0x0974  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
21:02:58.0602 0x0974  SSDPSRV - ok
21:02:58.0680 0x0974  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
21:02:58.0758 0x0974  SstpSvc - ok
21:02:58.0820 0x0974  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
21:02:58.0851 0x0974  stexstor - ok
21:02:58.0976 0x0974  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
21:02:59.0148 0x0974  StiSvc - ok
21:02:59.0241 0x0974  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
21:02:59.0288 0x0974  storflt - ok
21:02:59.0335 0x0974  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
21:02:59.0397 0x0974  StorSvc - ok
21:02:59.0491 0x0974  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
21:02:59.0538 0x0974  storvsc - ok
21:02:59.0585 0x0974  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
21:02:59.0616 0x0974  swenum - ok
21:02:59.0756 0x0974  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
21:02:59.0897 0x0974  swprv - ok
21:03:00.0053 0x0974  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
21:03:00.0177 0x0974  SysMain - ok
21:03:00.0271 0x0974  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
21:03:00.0333 0x0974  TabletInputService - ok
21:03:00.0365 0x0974  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
21:03:00.0474 0x0974  TapiSrv - ok
21:03:00.0567 0x0974  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
21:03:00.0677 0x0974  TBS - ok
21:03:00.0864 0x0974  [ 4E8B9BE71B807B3BAEDB7F4243F85E3C, 0FA6A6F065A99B0F40A3D50A20DF69D692824EE5776AC3904F9ED1F6F8832BD3 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
21:03:00.0973 0x0974  Tcpip - ok
21:03:01.0098 0x0974  [ 4E8B9BE71B807B3BAEDB7F4243F85E3C, 0FA6A6F065A99B0F40A3D50A20DF69D692824EE5776AC3904F9ED1F6F8832BD3 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
21:03:01.0207 0x0974  TCPIP6 - ok
21:03:01.0363 0x0974  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
21:03:01.0410 0x0974  tcpipreg - ok
21:03:01.0472 0x0974  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
21:03:01.0550 0x0974  TDPIPE - ok
21:03:01.0628 0x0974  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
21:03:01.0675 0x0974  TDTCP - ok
21:03:01.0769 0x0974  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
21:03:01.0862 0x0974  tdx - ok
21:03:01.0956 0x0974  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
21:03:01.0987 0x0974  TermDD - ok
21:03:02.0081 0x0974  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
21:03:02.0174 0x0974  TermService - ok
21:03:02.0283 0x0974  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
21:03:02.0377 0x0974  Themes - ok
21:03:02.0471 0x0974  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
21:03:02.0564 0x0974  THREADORDER - ok
21:03:02.0627 0x0974  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
21:03:02.0751 0x0974  TrkWks - ok
21:03:02.0892 0x0974  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
21:03:03.0001 0x0974  TrustedInstaller - ok
21:03:03.0126 0x0974  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
21:03:03.0204 0x0974  tssecsrv - ok
21:03:03.0297 0x0974  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
21:03:03.0391 0x0974  TsUsbFlt - ok
21:03:03.0485 0x0974  [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
21:03:03.0547 0x0974  TsUsbGD - ok
21:03:03.0625 0x0974  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
21:03:03.0703 0x0974  tunnel - ok
21:03:03.0750 0x0974  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
21:03:03.0781 0x0974  uagp35 - ok
21:03:03.0890 0x0974  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
21:03:03.0999 0x0974  udfs - ok
21:03:04.0124 0x0974  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
21:03:04.0202 0x0974  UI0Detect - ok
21:03:04.0280 0x0974  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
21:03:04.0327 0x0974  uliagpkx - ok
21:03:04.0358 0x0974  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
21:03:04.0421 0x0974  umbus - ok
21:03:04.0499 0x0974  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
21:03:04.0545 0x0974  UmPass - ok
21:03:04.0655 0x0974  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
21:03:04.0733 0x0974  UmRdpService - ok
21:03:04.0826 0x0974  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
21:03:04.0935 0x0974  upnphost - ok
21:03:04.0998 0x0974  [ BD9C55D7023C5DE374507ACC7A14E2AC, 1DBAFF733DE5C1A6A2374B15BD94512A22D9C0F4DF91F997801340828333AF3C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
21:03:05.0060 0x0974  usbccgp - ok
21:03:05.0169 0x0974  [ 04EC7CEC62EC3B6D9354EEE93327FC82, 6CB41D8644618A5F701F6CA91FB65BB94AA83EA48992133B5262DC539B334B2E ] usbcir          C:\Windows\system32\drivers\usbcir.sys
21:03:05.0232 0x0974  usbcir - ok
21:03:05.0279 0x0974  [ F92DE757E4B7CE9C07C5E65423F3AE3B, B3FDEE4A8F1C7EC12405D99ACABC3E633FA4ED08D2A2AA871526ED7927A35A91 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
21:03:05.0341 0x0974  usbehci - ok
21:03:05.0435 0x0974  [ 04322AECFC8718883EE3A0FE21FB5B70, F2AEE1999E9ACA8D4D61B0FC165EB22827892BB1E6B93E3B86694101AD06DA9C ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
21:03:05.0466 0x0974  usbfilter - ok
21:03:05.0559 0x0974  [ 8DC94AEC6A7E644A06135AE7506DC2E9, 3ACB621D57BC8691DBBCDEF27563AA6390370362F21AFA6E7BA35BC429E14590 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
21:03:05.0637 0x0974  usbhub - ok
21:03:05.0747 0x0974  [ E185D44FAC515A18D9DEDDC23C2CDF44, EF69D0253CC8F1D29929FD5E74F18737ECF5D238874B6E1505E2EAEE66D9D987 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
21:03:05.0793 0x0974  usbohci - ok
21:03:05.0903 0x0974  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
21:03:05.0981 0x0974  usbprint - ok
21:03:06.0090 0x0974  [ 576096CCBC07E7C4EA4F5E6686D6888F, 8C643F43BD0017979548389C4DB36A1EE872CCF19C86FAE3752A4989173E28ED ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
21:03:06.0152 0x0974  usbscan - ok
21:03:06.0230 0x0974  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
21:03:06.0324 0x0974  USBSTOR - ok
21:03:06.0386 0x0974  [ 68DF884CF41CDADA664BEB01DAF67E3D, 142781FE2FF93B269D8FA11D4C3F60967552A867E94533D94EF1C2D777A67872 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
21:03:06.0464 0x0974  usbuhci - ok
21:03:06.0573 0x0974  [ 45F4E7BF43DB40A6C6B4D92C76CBC3F2, F9B72DE82078FDB5551D48988190F46EECA9B99655C591B7865FEA1AFB31F637 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
21:03:06.0636 0x0974  usbvideo - ok
21:03:06.0714 0x0974  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
21:03:06.0807 0x0974  UxSms - ok
21:03:06.0885 0x0974  [ 81951F51E318AECC2D68559E47485CC4, ACF76395EF4A2ED03AB919A9DA04D3A4C03B4D0EDC60BE123B3BE1AFE78BC71B ] VaultSvc        C:\Windows\system32\lsass.exe
21:03:06.0917 0x0974  VaultSvc - ok
21:03:06.0963 0x0974  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
21:03:07.0010 0x0974  vdrvroot - ok
21:03:07.0166 0x0974  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
21:03:07.0275 0x0974  vds - ok
21:03:07.0353 0x0974  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
21:03:07.0416 0x0974  vga - ok
21:03:07.0478 0x0974  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
21:03:07.0541 0x0974  VgaSave - ok
21:03:07.0572 0x0974  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
21:03:07.0603 0x0974  vhdmp - ok
21:03:07.0697 0x0974  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
21:03:07.0728 0x0974  viaagp - ok
21:03:07.0759 0x0974  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
21:03:07.0806 0x0974  ViaC7 - ok
21:03:07.0899 0x0974  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
21:03:07.0915 0x0974  viaide - ok
21:03:07.0993 0x0974  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
21:03:08.0055 0x0974  vmbus - ok
21:03:08.0149 0x0974  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
21:03:08.0211 0x0974  VMBusHID - ok
21:03:08.0305 0x0974  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
21:03:08.0336 0x0974  volmgr - ok
21:03:08.0383 0x0974  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
21:03:08.0430 0x0974  volmgrx - ok
21:03:08.0461 0x0974  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
21:03:08.0508 0x0974  volsnap - ok
21:03:08.0617 0x0974  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
21:03:08.0617 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\vsmraid.sys. md5: 9DFA0CC2F8855A04816729651175B631, sha256: 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3
21:03:08.0695 0x0974  vsmraid - detected LockedFile.Multi.Generic ( 1 )
21:03:08.0695 0x0974  Object is SCO, delete is not allowed
21:03:08.0695 0x0974  vsmraid ( LockedFile.Multi.Generic ) - warning
21:03:11.0690 0x0974  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
21:03:11.0893 0x0974  VSS - ok
21:03:11.0987 0x0974  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
21:03:11.0987 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\vwifibus.sys. md5: 90567B1E658001E79D7C8BBD3DDE5AA6, sha256: EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557
21:03:12.0049 0x0974  vwifibus - detected LockedFile.Multi.Generic ( 1 )
21:03:12.0049 0x0974  vwifibus ( LockedFile.Multi.Generic ) - warning
21:03:12.0049 0x0974  Force sending object to P2P due to detect: C:\Windows\system32\DRIVERS\vwifibus.sys
21:03:14.0935 0x0974  Object send P2P result: true
21:03:17.0774 0x0974  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
21:03:17.0774 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\vwififlt.sys. md5: 7090D3436EEB4E7DA3373090A23448F7, sha256: 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2
21:03:17.0852 0x0974  vwififlt - detected LockedFile.Multi.Generic ( 1 )
21:03:17.0852 0x0974  vwififlt ( LockedFile.Multi.Generic ) - warning
21:03:20.0801 0x0974  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
21:03:20.0957 0x0974  W32Time - ok
21:03:21.0035 0x0974  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
21:03:21.0035 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\wacompen.sys. md5: DE3721E89C653AA281428C8A69745D90, sha256: 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516
21:03:21.0113 0x0974  WacomPen - detected LockedFile.Multi.Generic ( 1 )
21:03:21.0113 0x0974  Object is SCO, delete is not allowed
21:03:21.0113 0x0974  WacomPen ( LockedFile.Multi.Generic ) - warning
21:03:21.0113 0x0974  Force sending object to P2P due to detect: C:\Windows\system32\drivers\wacompen.sys
21:03:23.0983 0x0974  Object send P2P result: true
21:03:26.0947 0x0974  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
21:03:26.0947 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 3C3C78515F5AB448B022BDF5B8FFDD2E, sha256: 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7
21:03:27.0025 0x0974  WANARP - detected LockedFile.Multi.Generic ( 1 )
21:03:27.0025 0x0974  Object is SCO, delete is not allowed
21:03:27.0025 0x0974  WANARP ( LockedFile.Multi.Generic ) - warning
21:03:29.0911 0x0974  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
21:03:29.0911 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\wanarp.sys. md5: 3C3C78515F5AB448B022BDF5B8FFDD2E, sha256: 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7
21:03:30.0005 0x0974  Wanarpv6 - detected LockedFile.Multi.Generic ( 1 )
21:03:30.0005 0x0974  Object is SCO, delete is not allowed
21:03:30.0005 0x0974  Wanarpv6 ( LockedFile.Multi.Generic ) - warning
21:03:33.0031 0x0974  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
21:03:33.0171 0x0974  wbengine - ok
21:03:33.0265 0x0974  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
21:03:33.0359 0x0974  WbioSrvc - ok
21:03:33.0452 0x0974  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
21:03:33.0530 0x0974  wcncsvc - ok
21:03:33.0577 0x0974  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
21:03:33.0686 0x0974  WcsPlugInService - ok
21:03:33.0795 0x0974  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
21:03:33.0795 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\wd.sys. md5: 1112A9BADACB47B7C0BB0392E3158DFF, sha256: 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4
21:03:33.0858 0x0974  Wd - detected LockedFile.Multi.Generic ( 1 )
21:03:33.0858 0x0974  Object is SCO, delete is not allowed
21:03:33.0858 0x0974  Wd ( LockedFile.Multi.Generic ) - warning
21:03:36.0884 0x0974  [ A840213F1ACDCC175B4D1D5AAEAC0D7A, B20F7CAEEA790290072BC170EBEEADB4C19E1C40DB0B3FE0D4A640D0D82300D6 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
21:03:36.0884 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\Wdf01000.sys. md5: A840213F1ACDCC175B4D1D5AAEAC0D7A, sha256: B20F7CAEEA790290072BC170EBEEADB4C19E1C40DB0B3FE0D4A640D0D82300D6
21:03:36.0962 0x0974  Wdf01000 - detected LockedFile.Multi.Generic ( 1 )
21:03:36.0962 0x0974  Object is SCO, delete is not allowed
21:03:36.0962 0x0974  Wdf01000 ( LockedFile.Multi.Generic ) - warning
21:03:36.0962 0x0974  Force sending object to P2P due to detect: C:\Windows\system32\drivers\Wdf01000.sys
21:03:39.0989 0x0974  Object send P2P result: true
21:03:42.0921 0x0974  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
21:03:43.0062 0x0974  WdiServiceHost - ok
21:03:43.0155 0x0974  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
21:03:43.0202 0x0974  WdiSystemHost - ok
21:03:43.0280 0x0974  [ A9D880F97530D5B8FEE278923349929D, 6A293E2DB9B7C434EA8B4CD4861E11905D46BD60E014AE27B74DC8C4B2DDF834 ] WebClient       C:\Windows\System32\webclnt.dll
21:03:43.0343 0x0974  WebClient - ok
21:03:43.0452 0x0974  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
21:03:43.0530 0x0974  Wecsvc - ok
21:03:43.0577 0x0974  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
21:03:43.0639 0x0974  wercplsupport - ok
21:03:43.0748 0x0974  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
21:03:43.0873 0x0974  WerSvc - ok
21:03:43.0935 0x0974  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
21:03:43.0935 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\wfplwf.sys. md5: 8B9A943F3B53861F2BFAF6C186168F79, sha256: 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713
21:03:44.0029 0x0974  WfpLwf - detected LockedFile.Multi.Generic ( 1 )
21:03:44.0029 0x0974  WfpLwf ( LockedFile.Multi.Generic ) - warning
21:03:46.0977 0x0974  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
21:03:46.0977 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\wimmount.sys. md5: 5CF95B35E59E2A38023836FFF31BE64C, sha256: CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D
21:03:47.0055 0x0974  WIMMount - detected LockedFile.Multi.Generic ( 1 )
21:03:47.0055 0x0974  WIMMount ( LockedFile.Multi.Generic ) - warning
21:03:50.0082 0x0974  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
21:03:50.0191 0x0974  WinDefend - ok
21:03:50.0269 0x0974  WinHttpAutoProxySvc - ok
21:03:50.0378 0x0974  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
21:03:50.0456 0x0974  Winmgmt - ok
21:03:50.0612 0x0974  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
21:03:50.0784 0x0974  WinRM - ok
21:03:50.0940 0x0974  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
21:03:51.0065 0x0974  Wlansvc - ok
21:03:51.0127 0x0974  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
21:03:51.0127 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\wmiacpi.sys. md5: 0217679B8FCA58714C3BF2726D2CA84E, sha256: 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A
21:03:51.0205 0x0974  WmiAcpi - detected LockedFile.Multi.Generic ( 1 )
21:03:51.0205 0x0974  Object is SCO, delete is not allowed
21:03:51.0205 0x0974  WmiAcpi ( LockedFile.Multi.Generic ) - warning
21:03:54.0185 0x0974  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
21:03:54.0278 0x0974  wmiApSrv - ok
21:03:54.0466 0x0974  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
21:03:54.0622 0x0974  WMPNetworkSvc - ok
21:03:54.0715 0x0974  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
21:03:54.0793 0x0974  WPCSvc - ok
21:03:54.0918 0x0974  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
21:03:55.0027 0x0974  WPDBusEnum - ok
21:03:55.0121 0x0974  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
21:03:55.0136 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\ws2ifsl.sys. md5: 6DB3276587B853BF886B69528FDB048C, sha256: 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C
21:03:55.0214 0x0974  ws2ifsl - detected LockedFile.Multi.Generic ( 1 )
21:03:55.0214 0x0974  Object is SCO, delete is not allowed
21:03:55.0214 0x0974  ws2ifsl ( LockedFile.Multi.Generic ) - warning
21:03:58.0163 0x0974  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
21:03:58.0225 0x0974  wscsvc - ok
21:03:58.0241 0x0974  WSearch - ok
21:03:58.0475 0x0974  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
21:03:58.0615 0x0974  wuauserv - ok
21:03:58.0740 0x0974  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
21:03:58.0740 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\drivers\WudfPf.sys. md5: 06E6F32C8D0A3F66D956F57B43A2E070, sha256: 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943
21:03:58.0818 0x0974  WudfPf - detected LockedFile.Multi.Generic ( 1 )
21:03:58.0818 0x0974  Object is SCO, delete is not allowed
21:03:58.0818 0x0974  WudfPf ( LockedFile.Multi.Generic ) - warning
21:04:01.0907 0x0974  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
21:04:01.0922 0x0974  Suspicious file ( NoAccess ): C:\Windows\system32\DRIVERS\WUDFRd.sys. md5: 867C301E8B790040AE9CF6486E8041DF, sha256: D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855
21:04:01.0985 0x0974  WUDFRd - detected LockedFile.Multi.Generic ( 1 )
21:04:01.0985 0x0974  Object is SCO, delete is not allowed
21:04:01.0985 0x0974  WUDFRd ( LockedFile.Multi.Generic ) - warning
21:04:04.0918 0x0974  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
21:04:04.0980 0x0974  wudfsvc - ok
21:04:05.0105 0x0974  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc         C:\Windows\System32\wwansvc.dll
21:04:05.0214 0x0974  WwanSvc - ok
21:04:05.0308 0x0974  ================ Scan global ===============================
21:04:05.0417 0x0974  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
21:04:05.0464 0x0974  [ 1F5F07091D50244F17DD8D5147A628CC, 2F2B84BD1C052F44662960953C0EC91F9233D4D8DD06512E3E3BE43CE216BCB6 ] C:\Windows\system32\winsrv.dll
21:04:05.0510 0x0974  [ 1F5F07091D50244F17DD8D5147A628CC, 2F2B84BD1C052F44662960953C0EC91F9233D4D8DD06512E3E3BE43CE216BCB6 ] C:\Windows\system32\winsrv.dll
21:04:05.0588 0x0974  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
21:04:05.0635 0x0974  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
21:04:05.0666 0x0974  [ Global ] - ok
21:04:05.0666 0x0974  ================ Scan MBR ==================================
21:04:05.0698 0x0974  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:04:06.0493 0x0974  \Device\Harddisk0\DR0 - ok
21:04:06.0493 0x0974  ================ Scan VBR ==================================
21:04:06.0540 0x0974  [ 9F8DE8744ABB2570032765D01C293F5B ] \Device\Harddisk0\DR0\Partition1
21:04:06.0540 0x0974  \Device\Harddisk0\DR0\Partition1 - ok
21:04:06.0556 0x0974  [ B37BB17F058E3DB9866A10C984B212A2 ] \Device\Harddisk0\DR0\Partition2
21:04:06.0571 0x0974  \Device\Harddisk0\DR0\Partition2 - ok
21:04:06.0649 0x0974  Win FW state via NFP2: enabled
21:04:09.0442 0x0974  ============================================================
21:04:09.0442 0x0974  Scan finished
21:04:09.0442 0x0974  ============================================================
21:04:09.0488 0x0264  Detected object count: 15
21:04:09.0488 0x0264  Actual detected object count: 15
21:05:05.0305 0x0264  150e123a6f6ee7c0 ( Rootkit.Win32.Necurs.gen ) - skipped by user
21:05:05.0305 0x0264  150e123a6f6ee7c0 ( Rootkit.Win32.Necurs.gen ) - User select action: Skip 
21:05:05.0305 0x0264  vsmraid ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0305 0x0264  vsmraid ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0321 0x0264  vwifibus ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0321 0x0264  vwifibus ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0321 0x0264  vwififlt ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0321 0x0264  vwififlt ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0336 0x0264  WacomPen ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0336 0x0264  WacomPen ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0336 0x0264  WANARP ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0336 0x0264  WANARP ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0336 0x0264  Wanarpv6 ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0336 0x0264  Wanarpv6 ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0336 0x0264  Wd ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0336 0x0264  Wd ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0336 0x0264  Wdf01000 ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0336 0x0264  Wdf01000 ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0352 0x0264  WfpLwf ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0352 0x0264  WfpLwf ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0352 0x0264  WIMMount ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0352 0x0264  WIMMount ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0352 0x0264  WmiAcpi ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0352 0x0264  WmiAcpi ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0352 0x0264  ws2ifsl ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0352 0x0264  ws2ifsl ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0368 0x0264  WudfPf ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0368 0x0264  WudfPf ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:05.0368 0x0264  WUDFRd ( LockedFile.Multi.Generic ) - skipped by user
21:05:05.0368 0x0264  WUDFRd ( LockedFile.Multi.Generic ) - User select action: Skip 
21:05:12.0341 0x09c8  Deinitialize success
         

27.01.2014, 08:37   #24
schrauber
/// the machine
/// TB Trainer

Is the second log a scan from after he selected Cure?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

27.01.2014, 12:01   #25
Klösp

He says the whole thing was apparently run twice.

But the second log is probably from after he selected removal.

I'll ask again to make sure.

28.01.2014, 10:26   #26
schrauber
/// the machine
/// TB Trainer

If need be, select Delete now and run it again, then please post the log.
__________________
Regards,
schrauber

30.01.2014, 00:16   #27
Klösp

Okay, ran Delete again.
Here is the content of the log file.
Code:
17:47:12.0035 0x18b4  TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50
17:47:22.0379 0x18b4  ============================================================
17:47:22.0379 0x18b4  Current date / time: 2014/01/29 17:47:22.0379
17:47:22.0379 0x18b4  SystemInfo:
17:47:22.0379 0x18b4  
17:47:22.0379 0x18b4  OS Version: 6.1.7601 ServicePack: 1.0
17:47:22.0379 0x18b4  Product type: Workstation
17:47:22.0380 0x18b4  ComputerName: NAME-NB
17:47:22.0382 0x18b4  UserName: BENUTZER
17:47:22.0382 0x18b4  Windows directory: C:\Windows
17:47:22.0382 0x18b4  System windows directory: C:\Windows
17:47:22.0382 0x18b4  Processor architecture: Intel x86
17:47:22.0382 0x18b4  Number of processors: 2
17:47:22.0382 0x18b4  Page size: 0x1000
17:47:22.0382 0x18b4  Boot type: Normal boot
17:47:22.0382 0x18b4  ============================================================
17:47:23.0186 0x18b4  KLMD registered as C:\Windows\system32\drivers\53033379.sys
17:47:23.0820 0x18b4  System UUID: {2B6A7476-D5A1-D22F-5BCC-88F68823EF39}
17:47:25.0125 0x18b4  Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:47:25.0127 0x18b4  ============================================================
17:47:25.0128 0x18b4  \Device\Harddisk0\DR0:
17:47:25.0128 0x18b4  MBR partitions:
17:47:25.0128 0x18b4  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1400800, BlocksNum 0x32000
17:47:25.0128 0x18b4  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1432800, BlocksNum 0x23FFB800
17:47:25.0128 0x18b4  ============================================================
17:47:25.0171 0x18b4  C: <-> \Device\Harddisk0\DR0\Partition2
17:47:25.0189 0x18b4  ============================================================
17:47:25.0190 0x18b4  Initialize success
17:47:25.0190 0x18b4  ============================================================
17:48:28.0661 0x1a08  ============================================================
17:48:28.0661 0x1a08  Scan started
17:48:28.0661 0x1a08  Mode: Manual; SigCheck; TDLFS; 
17:48:28.0661 0x1a08  ============================================================
17:48:28.0661 0x1a08  KSN ping started
17:48:31.0597 0x1a08  KSN ping finished: true
17:48:31.0917 0x1a08  ================ Scan system memory ========================
17:48:31.0917 0x1a08  System memory - ok
17:48:31.0921 0x1a08  ================ Scan services =============================
17:48:32.0477 0x1a08  [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
17:48:32.0909 0x1a08  1394ohci - ok
17:48:32.0966 0x1a08  [ CEA80C80BED809AA0DA6FEBC04733349, AE69C142DC2210A4AE657C23CEA4A6E7CB32C4F4EBA039414123CAC52157509B ] ACPI            C:\Windows\system32\drivers\ACPI.sys
17:48:33.0018 0x1a08  ACPI - ok
17:48:33.0047 0x1a08  [ 1EFBC664ABFF416D1D07DB115DCB264F, BF94D069D692140B792DBF4FD3CB0127D27C26CC5BFB6B0C28A8B6346767EE58 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
17:48:33.0156 0x1a08  AcpiPmi - ok
17:48:33.0274 0x1a08  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
17:48:33.0332 0x1a08  AdobeARMservice - ok
17:48:33.0413 0x1a08  [ 1BA1AB4141A92EB34DA99F1249CA2D4D, 43ADF35146E61E0DE58D2ACC2994538F6025135ECEB30073BEF05A804BB38107 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:48:33.0452 0x1a08  AdobeFlashPlayerUpdateSvc - ok
17:48:33.0498 0x1a08  [ 21E785EBD7DC90A06391141AAC7892FB, A2D3D764C5E6DC0AD5AAF48485FFB8B121D2A40DC08ECF2D2CB92278A1002B25 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
17:48:33.0555 0x1a08  adp94xx - ok
17:48:33.0644 0x1a08  [ 0C676BC278D5B59FF5ABD57BBE9123F2, 339E8A433D186BAAB6FCB44C82CC9FB6FCD63C87981449494CBEB2072CB6B7BB ] adpahci         C:\Windows\system32\drivers\adpahci.sys
17:48:33.0717 0x1a08  adpahci - ok
17:48:33.0789 0x1a08  [ 7C7B5EE4B7B822EC85321FE23A27DB33, A934AFB71D439555E6376DA9B34F82E8D39A300A4547BE9AC9311F6A3C36270C ] adpu320         C:\Windows\system32\drivers\adpu320.sys
17:48:33.0843 0x1a08  adpu320 - ok
17:48:33.0937 0x1a08  [ 8B5EEFEEC1E6D1A72A06C526628AD161, 026CDF4C96F4D493E7BABF79A14C4B0B5ADCCEF0B081FFFA2E3B243B2414167F ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
17:48:34.0153 0x1a08  AeLookupSvc - ok
17:48:34.0222 0x1a08  [ F81BB7E487EDCEAB630A7EE66CF23913, 7D1638FD7E388EF670FA0A421762E0413351058A20DDF0F9988A383F05395A68 ] AFD             C:\Windows\system32\drivers\afd.sys
17:48:34.0330 0x1a08  AFD - ok
17:48:34.0374 0x1a08  [ 507812C3054C21CEF746B6EE3D04DD6E, D7E59350AC338AD229E3D10C76E32AE16D120311B263714A9CD94AB538633B0E ] agp440          C:\Windows\system32\drivers\agp440.sys
17:48:34.0409 0x1a08  agp440 - ok
17:48:34.0448 0x1a08  [ 8B30250D573A8F6B4BD23195160D8707, 64EC289AFCD63D84EAFD9D81C50D0A77BCC79A1EFF32C50B2776BB0C0151757D ] aic78xx         C:\Windows\system32\drivers\djsvs.sys
17:48:34.0478 0x1a08  aic78xx - ok
17:48:34.0537 0x1a08  [ 18A54E132947CD98FEA9ACCC57F98F13, 9D39AF972785E49F0DD12C4BAEF39A79CD69F098886BF152AF1B7CCE2E902115 ] ALG             C:\Windows\System32\alg.exe
17:48:34.0635 0x1a08  ALG - ok
17:48:34.0708 0x1a08  [ 0D40BCF52EA90FC7DF2AEAB6503DEA44, 1D1AA8F50935D976C29DE7A84708CADBBBDD936F0DD2C059E820F0D21367B3B6 ] aliide          C:\Windows\system32\drivers\aliide.sys
17:48:34.0735 0x1a08  aliide - ok
17:48:34.0785 0x1a08  [ CDE41D99DB840FF9454FC981EBD0EC50, 01A48A41936293B97C2C568B32DF6BAAA302D39C18878C060ACCC9B4C69A956E ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
17:48:34.0882 0x1a08  AMD External Events Utility - ok
17:48:34.0937 0x1a08  AMD FUEL Service - ok
17:48:34.0987 0x1a08  [ 3C6600A0696E90A463771C7422E23AB5, 370B33DC1C25B981628A318BAE434A78A5F0A0DA93C2896DC7A3D7B87AE1A5E7 ] amdagp          C:\Windows\system32\drivers\amdagp.sys
17:48:35.0014 0x1a08  amdagp - ok
17:48:35.0083 0x1a08  [ CD5914170297126B6266860198D1D4F0, 2239FCBD1A7EC27CE4F10DA36AE6BD6CCB87E5128C82CA71B84BFE5AF5602A60 ] amdide          C:\Windows\system32\drivers\amdide.sys
17:48:35.0109 0x1a08  amdide - ok
17:48:35.0159 0x1a08  [ FF258424F0B2EF25EB98F04EE386E6E3, 09DC3854BF0D52FB80AB08DC4E0DD4A9E37ACAA500083A56F9836C837EBCFA82 ] amdiox86        C:\Windows\system32\DRIVERS\amdiox86.sys
17:48:35.0197 0x1a08  amdiox86 - ok
17:48:35.0211 0x1a08  [ 00DDA200D71BAC534BF56A9DB5DFD666, CA316B1FFD85BA1CF8664B3229DA1F238A5341E016059F7ED89702324CFD124B ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
17:48:35.0273 0x1a08  AmdK8 - ok
17:48:35.0971 0x1a08  [ FFD082F1F1D4FF5C87F66DF62486BCFA, F793C798E3919889B78975DEBB0E087683DE7BE4B54F92C5D6549BE8CCB27CAE ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
17:48:36.0858 0x1a08  amdkmdag - ok
17:48:36.0918 0x1a08  [ C541DA5B72FA638469E8DC1E66079330, 6286EA9C92D678220BFE2D497DB32A641F29D04FCBFCF970EABE740157378765 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
17:48:36.0991 0x1a08  amdkmdap - ok
17:48:37.0023 0x1a08  [ 3CBF30F5370FDA40DD3E87DF38EA53B6, 7EACF1743367BE805357B6FD10F8F99E9B1C301FE3782D77719347B13DFA65EC ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
17:48:37.0083 0x1a08  AmdPPM - ok
17:48:37.0135 0x1a08  [ D320BF87125326F996D4904FE24300FC, F767D8C5C58D57202905D829F7AE1B1FF33937F407FDCE4C90E32A6638F27416 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
17:48:37.0164 0x1a08  amdsata - ok
17:48:37.0200 0x1a08  [ EA43AF0C423FF267355F74E7A53BDABA, 3F1335909AB0281A2FBDD7AD90E18309E091656CD32B48894B992789D8C61DB4 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
17:48:37.0244 0x1a08  amdsbs - ok
17:48:37.0289 0x1a08  [ 46387FB17B086D16DEA267D5BE23A2F2, 8B8AC61B91F154B4EB5CC6DECB5FCCEBA8B42EFE94859947136AD06681EA8ED0 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
17:48:37.0315 0x1a08  amdxata - ok
17:48:37.0361 0x1a08  [ E91675D350F5FCD98005F5B2C97F6B61, 4AABC84FDA09FE1AE8B30EC74EED38C861DEA08A1E26AB66EFD7B78BD12EF31F ] amd_sata        C:\Windows\system32\DRIVERS\amd_sata.sys
17:48:37.0390 0x1a08  amd_sata - ok
17:48:37.0413 0x1a08  [ 5B43A272F8233A743533992248ECBC73, 005666EFDAB1DF5D7149DE3EB9A6281C66194E9326DAA83C0239BEB6577BB488 ] amd_xata        C:\Windows\system32\DRIVERS\amd_xata.sys
17:48:37.0456 0x1a08  amd_xata - ok
17:48:37.0508 0x1a08  [ DF6DE9E8E4B6994853CCF038BFAE964B, F122A283CA8AB80FE5033E538B3ED45A71209A98D3562E8434532AD62DA76D7D ] AODDriver4.1    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys
17:48:37.0553 0x1a08  AODDriver4.1 - ok
17:48:37.0613 0x1a08  [ AEA177F783E20150ACE5383EE368DA19, 8FA9EE27AA1F22E8B8FE33A21028CA1E0062BAA95CB132C20D55B98C03B4254F ] AppID           C:\Windows\system32\drivers\appid.sys
17:48:37.0744 0x1a08  AppID - ok
17:48:37.0809 0x1a08  [ 62A9C86CB6085E20DB4823E4E97826F5, E0F840B49710022C4FB437002AD06F64B0F6B5D628B32D00F2B66765E6B97E4B ] AppIDSvc        C:\Windows\System32\appidsvc.dll
17:48:37.0922 0x1a08  AppIDSvc - ok
17:48:37.0993 0x1a08  [ EACFDF31921F51C097629F1F3C9129B4, 24138755D823E69760579ECBD672421192457CDC9941B2BC499C2D34D83E86C3 ] Appinfo         C:\Windows\System32\appinfo.dll
17:48:38.0086 0x1a08  Appinfo - ok
17:48:38.0141 0x1a08  [ A45D184DF6A8803DA13A0B329517A64A, C1D16B60A6D69689AE951DC3D6884ED2E233D144B3FC0B86BC1C50AAAAA01ED2 ] AppMgmt         C:\Windows\System32\appmgmts.dll
17:48:38.0257 0x1a08  AppMgmt - ok
17:48:38.0292 0x1a08  [ 2932004F49677BD84DBC72EDB754FFB3, 73F84582244AC53994A2F4499A119B4A84A6BF7FD3046C29A8080C763DE540B8 ] arc             C:\Windows\system32\drivers\arc.sys
17:48:38.0322 0x1a08  arc - ok
17:48:38.0338 0x1a08  [ 5D6F36C46FD283AE1B57BD2E9FEB0BC7, F7C9C3B4F2C816F57A43B2921672858C291054220BADE291044343778216F6BA ] arcsas          C:\Windows\system32\drivers\arcsas.sys
17:48:38.0370 0x1a08  arcsas - ok
17:48:38.0388 0x1a08  [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
17:48:38.0537 0x1a08  AsyncMac - ok
17:48:38.0574 0x1a08  [ 338C86357871C167A96AB976519BF59E, F28CC534523D1701B0552F5D7E18E88369C4218BDB1F69110C3E31D395884AD6 ] atapi           C:\Windows\system32\drivers\atapi.sys
17:48:38.0673 0x1a08  atapi - ok
17:48:39.0043 0x1a08  [ CFE432E8EEACBCEA3DBF53EA76978A65, 1495A2E450B4000FBB8DCF7AC2AFE96A08AD23CBE0C7DC2BFB6A70E68CF1AEAA ] athr            C:\Windows\system32\DRIVERS\athr.sys
17:48:39.0415 0x1a08  athr - ok
17:48:39.0480 0x1a08  [ 4D201D8B576BE4473405B2A86A2D28B3, 97D14459C5ED6EA67220485CC8828C07E9C39C4D04A371AB86AB6379E664DC7D ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW73.sys
17:48:39.0506 0x1a08  AtiHDAudioService - ok
17:48:39.0565 0x1a08  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:48:39.0687 0x1a08  AudioEndpointBuilder - ok
17:48:39.0723 0x1a08  [ CE3B4E731638D2EF62FCB419BE0D39F0, 3B98179CB0101778D9E7810D2CD46D9C0D7120E141BA11471666E7D9EB3C93CC ] Audiosrv        C:\Windows\System32\Audiosrv.dll
17:48:39.0812 0x1a08  Audiosrv - ok
17:48:39.0847 0x1a08  [ 6E30D02AAC9CAC84F421622E3A2F6178, 229DC527C1D6C778BCA2C855A2A6F6D2C4B0F4F6DE56C886B3AAD26E3347952C ] AxInstSV        C:\Windows\System32\AxInstSV.dll
17:48:39.0971 0x1a08  AxInstSV - ok
17:48:40.0054 0x1a08  [ 1A231ABEC60FD316EC54C66715543CEC, 09E2897BA80737997A286EA5408C03DD3CC0EBACD24CB391C2455B6D4BE7D67E ] b06bdrv         C:\Windows\system32\drivers\bxvbdx.sys
17:48:40.0208 0x1a08  b06bdrv - ok
17:48:40.0247 0x1a08  [ BD8869EB9CDE6BBE4508D869929869EE, F4363A12EBFDBB89C69FD59B22F9EE05BADA07D477A1DF2DE01F59D6EE496543 ] b57nd60x        C:\Windows\system32\DRIVERS\b57nd60x.sys
17:48:40.0313 0x1a08  b57nd60x - ok
17:48:40.0374 0x1a08  [ EE1E9C3BB8228AE423DD38DB69128E71, ED54FD9795F3A4D32F02BED6052AD9404409A05644CDBEBFF19C662D104DA95A ] BDESVC          C:\Windows\System32\bdesvc.dll
17:48:40.0466 0x1a08  BDESVC - ok
17:48:40.0482 0x1a08  [ 505506526A9D467307B3C393DEDAF858, 8AD6F1492E357F57CF42261497BA29122045D4FC0DCC9669AA5AC9B2A4BABFA4 ] Beep            C:\Windows\system32\drivers\Beep.sys
17:48:40.0560 0x1a08  Beep - ok
17:48:40.0629 0x1a08  [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] BFE             C:\Windows\System32\bfe.dll
17:48:40.0745 0x1a08  BFE - ok
17:49:05.0669 0x1a08  OfficeSvc - ok
17:49:05.0718 0x1a08  [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:49:05.0772 0x1a08  ohci1394 - ok
17:49:05.0887 0x1a08  [ 30B5F9FB0C35AE6B4A0851D24CE2EE8B, 0340E77E8EC2ADC21B8DDD9C9CC95B3F4BCAFD54618A333C72D7D9587D593B83 ] ose             C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:49:05.0923 0x1a08  ose - ok
17:49:06.0359 0x1a08  [ EE5756BDA5BE5891270E0CC6CEC44096, EA18073EEE0F461B14C539D49A7DD91D33AB0C503236F67F70A000835FAAC890 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:49:06.0848 0x1a08  osppsvc - ok
17:49:06.0978 0x1a08  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:49:07.0072 0x1a08  p2pimsvc - ok
17:49:07.0136 0x1a08  [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:49:07.0222 0x1a08  p2psvc - ok
17:49:07.0279 0x1a08  [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport         C:\Windows\system32\drivers\parport.sys
17:49:07.0354 0x1a08  Parport - ok
17:49:07.0472 0x1a08  [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:49:07.0499 0x1a08  partmgr - ok
17:49:07.0558 0x1a08  [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm          C:\Windows\system32\drivers\parvdm.sys
17:49:07.0587 0x1a08  Parvdm - ok
17:49:07.0643 0x1a08  [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:49:07.0702 0x1a08  PcaSvc - ok
17:49:07.0771 0x1a08  [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci             C:\Windows\system32\drivers\pci.sys
17:49:07.0805 0x1a08  pci - ok
17:49:07.0913 0x1a08  [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:49:08.0117 0x1a08  pciide - ok
17:49:08.0190 0x1a08  [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:49:08.0266 0x1a08  pcmcia - ok
17:49:08.0290 0x1a08  [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:49:08.0323 0x1a08  pcw - ok
17:49:08.0432 0x1a08  [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:49:08.0552 0x1a08  PEAUTH - ok
17:49:08.0742 0x1a08  [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:49:08.0919 0x1a08  PeerDistSvc - ok
17:49:09.0117 0x1a08  [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla             C:\Windows\system32\pla.dll
17:49:09.0357 0x1a08  pla - ok
17:49:09.0477 0x1a08  [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:49:09.0621 0x1a08  PlugPlay - ok
17:49:09.0688 0x1a08  [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:49:09.0743 0x1a08  PNRPAutoReg - ok
17:49:09.0826 0x1a08  [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:49:09.0921 0x1a08  PNRPsvc - ok
17:49:09.0987 0x1a08  [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:49:10.0142 0x1a08  PolicyAgent - ok
17:49:10.0207 0x1a08  [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power           C:\Windows\system32\umpo.dll
17:49:10.0326 0x1a08  Power - ok
17:49:10.0406 0x1a08  [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
17:49:10.0496 0x1a08  PptpMiniport - ok
17:49:10.0534 0x1a08  [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor       C:\Windows\system32\drivers\processr.sys
17:49:10.0596 0x1a08  Processor - ok
17:49:10.0732 0x1a08  [ CADEFAC453040E370A1BDFF3973BE00D, 2E3DD8DA702468D8AB0F3CE27188B1991D4CB015FB36BAE4C6E7996B61CF49B8 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:49:10.0836 0x1a08  ProfSvc - ok
17:49:10.0878 0x1a08  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:49:10.0915 0x1a08  ProtectedStorage - ok
17:49:10.0973 0x1a08  [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:49:11.0090 0x1a08  Psched - ok
17:49:11.0250 0x1a08  [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300          C:\Windows\system32\drivers\ql2300.sys
17:49:11.0379 0x1a08  ql2300 - ok
17:49:11.0416 0x1a08  [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
17:49:11.0455 0x1a08  ql40xx - ok
17:49:11.0503 0x1a08  [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE           C:\Windows\system32\qwave.dll
17:49:11.0581 0x1a08  QWAVE - ok
17:49:11.0623 0x1a08  [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:49:11.0668 0x1a08  QWAVEdrv - ok
17:49:11.0685 0x1a08  [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:49:11.0785 0x1a08  RasAcd - ok
17:49:11.0839 0x1a08  [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
17:49:11.0914 0x1a08  RasAgileVpn - ok
17:49:11.0961 0x1a08  [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto         C:\Windows\System32\rasauto.dll
17:49:12.0092 0x1a08  RasAuto - ok
17:49:12.0148 0x1a08  [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
17:49:12.0267 0x1a08  Rasl2tp - ok
17:49:12.0368 0x1a08  [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan          C:\Windows\System32\rasmans.dll
17:49:12.0484 0x1a08  RasMan - ok
17:49:12.0531 0x1a08  [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
17:49:12.0638 0x1a08  RasPppoe - ok
17:49:12.0667 0x1a08  [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
17:49:12.0766 0x1a08  RasSstp - ok
17:49:12.0791 0x1a08  [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
17:49:13.0174 0x1a08  rdbss - ok
17:49:13.0262 0x1a08  [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
17:49:13.0409 0x1a08  rdpbus - ok
17:49:13.0425 0x1a08  [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
17:49:13.0574 0x1a08  RDPCDD - ok
17:49:13.0638 0x1a08  [ B973FCFC50DC1434E1970A146F7E3885, BE797E5F5AE34D37F8DA1134CE94DD14DBE36D2BC405B97E992E2257848B7CA9 ] RDPDR           C:\Windows\system32\drivers\rdpdr.sys
17:49:13.0755 0x1a08  RDPDR - ok
17:49:13.0789 0x1a08  [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
17:49:13.0869 0x1a08  RDPENCDD - ok
17:49:13.0903 0x1a08  [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
17:49:13.0982 0x1a08  RDPREFMP - ok
17:49:14.0045 0x1a08  [ F031683E6D1FEA157ABB2FF260B51E61, 83B552819A5964152882C527E1421DBCEAACC74DEB897E3C4B53F52F1467FED3 ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
17:49:14.0160 0x1a08  RDPWD - ok
17:49:14.0230 0x1a08  [ 518395321DC96FE2C9F0E96AC743B656, 5F6A0880B4F3EE7196259EA362DA9554B0687B0236F9A8E5CF7A4A77F01F1776 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
17:49:14.0272 0x1a08  rdyboost - ok
17:49:14.0341 0x1a08  [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry  C:\Windows\system32\regsvc.dll
17:49:14.0452 0x1a08  RemoteRegistry - ok
17:49:14.0496 0x1a08  [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
17:49:14.0596 0x1a08  RpcEptMapper - ok
17:49:14.0635 0x1a08  [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator      C:\Windows\system32\locator.exe
17:49:14.0684 0x1a08  RpcLocator - ok
17:49:14.0744 0x1a08  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] RpcSs           C:\Windows\system32\rpcss.dll
17:49:14.0842 0x1a08  RpcSs - ok
17:49:14.0891 0x1a08  [ E5B5CCA5421CCBF926F520CE103DC9B4, 868A570BC6F6C0D2C2061A32BEDC74FE32DCBEBAAC6130E647155A808E9525C6 ] RSP2STOR        C:\Windows\system32\DRIVERS\RtsP2Stor.sys
17:49:14.0931 0x1a08  RSP2STOR - ok
17:49:14.0976 0x1a08  [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
17:49:15.0069 0x1a08  rspndr - ok
17:49:15.0161 0x1a08  [ 568C33723F09B341A11800D5EEA02038, F61CAAD43493EEC67ABFB31FED465BD0AE3935915751FC8D76955CD39B814AF6 ] RTL8167         C:\Windows\system32\DRIVERS\Rt86win7.sys
17:49:15.0231 0x1a08  RTL8167 - ok
17:49:15.0289 0x1a08  [ 7FA7F2E249A5DCBB7970630E15E1F482, 9633B193F3FDA67BC551C6DCA4788AB83E9F45F77763EE579D02FE5D6B80DEDF ] s3cap           C:\Windows\system32\drivers\vms3cap.sys
17:49:15.0335 0x1a08  s3cap - ok
17:49:15.0367 0x1a08  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] SamSs           C:\Windows\system32\lsass.exe
17:49:15.0433 0x1a08  SamSs - ok
17:49:15.0479 0x1a08  [ 05D860DA1040F111503AC416CCEF2BCA, DAE2F37D09A5A42F945BC8E27E4EA2303521081783A80CEE7FEE7C5A1C2CFC5E ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
17:49:15.0511 0x1a08  sbp2port - ok
17:49:15.0557 0x1a08  [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
17:49:15.0648 0x1a08  SCardSvr - ok
17:49:15.0660 0x1a08  [ 0693B5EC673E34DC147E195779A4DCF6, AF1B56FBF3ADABF94CD9DBA67586B8746DE135151F6B3D1B0EE315BC1E2DB670 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
17:49:15.0736 0x1a08  scfilter - ok
17:49:15.0827 0x1a08  [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] Schedule        C:\Windows\system32\schedsvc.dll
17:49:15.0976 0x1a08  Schedule - ok
17:49:16.0015 0x1a08  [ 319C6B309773D063541D01DF8AC6F55F, 182F392FE839499D159A30A3CD04B5D0C87219930BFB1A7456880B7DA75B9820 ] SCPolicySvc     C:\Windows\System32\certprop.dll
17:49:16.0076 0x1a08  SCPolicySvc - ok
17:49:16.0128 0x1a08  [ 08236C4BCE5EDD0A0318A438AF28E0F7, 77727F963F63C4CEC11E7AAD5FB3836179701D512CA9436C3170B9E6A4E5F888 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
17:49:16.0231 0x1a08  SDRSVC - ok
17:49:16.0304 0x1a08  [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
17:49:16.0387 0x1a08  secdrv - ok
17:49:16.0421 0x1a08  [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon        C:\Windows\system32\seclogon.dll
17:49:16.0520 0x1a08  seclogon - ok
17:49:16.0559 0x1a08  [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS            C:\Windows\system32\sens.dll
17:49:16.0643 0x1a08  SENS - ok
17:49:16.0686 0x1a08  [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
17:49:16.0792 0x1a08  SensrSvc - ok
17:49:16.0826 0x1a08  [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum         C:\Windows\system32\drivers\serenum.sys
17:49:16.0878 0x1a08  Serenum - ok
17:49:16.0894 0x1a08  [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial          C:\Windows\system32\drivers\serial.sys
17:49:16.0960 0x1a08  Serial - ok
17:49:16.0993 0x1a08  [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse        C:\Windows\system32\drivers\sermouse.sys
17:49:17.0046 0x1a08  sermouse - ok
17:49:17.0117 0x1a08  [ 4AE380F39A0032EAB7DD953030B26D28, C8F5F2DD59574E966FDF3057867BB959A554BAB6FD5DC6F1427094A6BC2B2809 ] SessionEnv      C:\Windows\system32\sessenv.dll
17:49:17.0217 0x1a08  SessionEnv - ok
17:49:17.0232 0x1a08  [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
17:49:17.0284 0x1a08  sffdisk - ok
17:49:17.0306 0x1a08  [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
17:49:17.0400 0x1a08  sffp_mmc - ok
17:49:17.0421 0x1a08  [ 6D4CCAEDC018F1CF52866BBBAA235982, AAC41F5C97B3FE5A3DC0838457EB8CC9BB71FCA16D3EDBB67D603F0A9D46C131 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
17:49:17.0477 0x1a08  sffp_sd - ok
17:49:17.0519 0x1a08  [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy         C:\Windows\system32\drivers\sfloppy.sys
17:49:17.0557 0x1a08  sfloppy - ok
17:49:17.0669 0x1a08  [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess    C:\Windows\System32\ipnathlp.dll
17:49:17.0793 0x1a08  SharedAccess - ok
17:49:17.0873 0x1a08  [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:49:18.0078 0x1a08  ShellHWDetection - ok
17:49:18.0189 0x1a08  [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp          C:\Windows\system32\drivers\sisagp.sys
17:49:18.0219 0x1a08  sisagp - ok
17:49:18.0291 0x1a08  [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
17:49:18.0334 0x1a08  SiSRaid2 - ok
17:49:18.0360 0x1a08  [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
17:49:18.0402 0x1a08  SiSRaid4 - ok
17:49:18.0443 0x1a08  [ F5BBEDF602C310B00036EB2DBF4348A5, AC2712E639F0C54BCF00EB4E90E805335871EA27AE8A45DFC53EDF28822318C4 ] SkypeUpdate     C:\Program Files\Skype\Updater\Updater.exe
17:49:18.0490 0x1a08  SkypeUpdate - ok
17:49:18.0522 0x1a08  [ 3E21C083B8A01CB70BA1F09303010FCE, 803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
17:49:18.0620 0x1a08  Smb - ok
17:49:18.0683 0x1a08  [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
17:49:18.0723 0x1a08  SNMPTRAP - ok
17:49:18.0748 0x1a08  [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr           C:\Windows\system32\drivers\spldr.sys
17:49:18.0774 0x1a08  spldr - ok
17:49:18.0832 0x1a08  [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] Spooler         C:\Windows\System32\spoolsv.exe
17:49:18.0910 0x1a08  Spooler - ok
17:49:19.0146 0x1a08  [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] sppsvc          C:\Windows\system32\sppsvc.exe
17:49:19.0479 0x1a08  sppsvc - ok
17:49:19.0539 0x1a08  [ B0180B20B065D89232A78A40FE56EAA6, 4D045B23AD58A8822BE9F20119744A8D47455469D54494745CEB099951DA60FF ] sppuinotify     C:\Windows\system32\sppuinotify.dll
17:49:19.0623 0x1a08  sppuinotify - ok
17:49:19.0704 0x1a08  [ E4C2764065D66EA1D2D3EBC28FE99C46, 043AEF06A23069DD17675955C834690A5FD8F1948A05B3969F977E823C4E25F5 ] srv             C:\Windows\system32\DRIVERS\srv.sys
17:49:19.0800 0x1a08  srv - ok
17:49:19.0856 0x1a08  [ 03F0545BD8D4C77FA0AE1CEEDFCC71AB, 4DF31206DF8F33C2975E23C7257ED930C4EDA8BC4E246D8FDA130BB583083ED0 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
17:49:19.0914 0x1a08  srv2 - ok
17:49:19.0939 0x1a08  [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
17:49:19.0992 0x1a08  srvnet - ok
17:49:20.0063 0x1a08  [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
17:49:20.0153 0x1a08  SSDPSRV - ok
17:49:20.0181 0x1a08  [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc         C:\Windows\system32\sstpsvc.dll
17:49:20.0278 0x1a08  SstpSvc - ok
17:49:20.0321 0x1a08  [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor        C:\Windows\system32\drivers\stexstor.sys
17:49:20.0345 0x1a08  stexstor - ok
17:49:20.0419 0x1a08  [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] StiSvc          C:\Windows\System32\wiaservc.dll
17:49:20.0512 0x1a08  StiSvc - ok
17:49:20.0556 0x1a08  [ 472AF0311073DCECEAA8FA18BA2BDF89, 089414057EB2047E42C96C1ACE79D509967461DC5A4D2836F63C04268637A3FC ] storflt         C:\Windows\system32\drivers\vmstorfl.sys
17:49:20.0588 0x1a08  storflt - ok
17:49:20.0657 0x1a08  [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc         C:\Windows\system32\storsvc.dll
17:49:20.0781 0x1a08  StorSvc - ok
17:49:20.0806 0x1a08  [ DCAFFD62259E0BDB433DD67B5BB37619, CBD12FF9BBF33D18B0F3D322B12EC62E7DF3BF45C6AD43D2E91FF4C4762E05D0 ] storvsc         C:\Windows\system32\drivers\storvsc.sys
17:49:20.0836 0x1a08  storvsc - ok
17:49:20.0867 0x1a08  [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
17:49:20.0892 0x1a08  swenum - ok
17:49:20.0942 0x1a08  [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv           C:\Windows\System32\swprv.dll
17:49:21.0046 0x1a08  swprv - ok
17:49:21.0150 0x1a08  [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] SysMain         C:\Windows\system32\sysmain.dll
17:49:21.0280 0x1a08  SysMain - ok
17:49:21.0297 0x1a08  [ 763FECDC3D30C815FE72DD57936C6CD1, 1A62C7E63E426D56894F4121C75D9C60FC9A14469ADBD0D6F0B94B8DE48CDA3E ] TabletInputService C:\Windows\System32\TabSvc.dll
17:49:21.0352 0x1a08  TabletInputService - ok
17:49:21.0395 0x1a08  [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:49:21.0510 0x1a08  TapiSrv - ok
17:49:21.0570 0x1a08  [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS             C:\Windows\System32\tbssvc.dll
17:49:21.0671 0x1a08  TBS - ok
17:49:21.0805 0x1a08  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:49:21.0916 0x1a08  Tcpip - ok
17:49:22.0000 0x1a08  [ CA59F7C570AF70BC174F477CFE2D9EE3, F09E4E14207A2AC6957D2C0AC8707D0E356A9087FA6DC703373242D8EEB026BD ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:49:22.0116 0x1a08  TCPIP6 - ok
17:49:22.0235 0x1a08  [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:49:22.0293 0x1a08  tcpipreg - ok
17:49:22.0395 0x1a08  [ 1CB91B2BD8F6DD367DFC2EF26FD751B2, 879E2827354BB21573AC6A7CCEB746D44214540687E6882FFCB4089546FBD954 ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:49:22.0465 0x1a08  TDPIPE - ok
17:49:22.0531 0x1a08  [ 2C2C5AFE7EE4F620D69C23C0617651A8, E828D974C3F9D7004A030C3AD448096C736FDB4C4C1707D043E567D08C845103 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:49:22.0572 0x1a08  TDTCP - ok
17:49:22.0637 0x1a08  [ B459575348C20E8121D6039DA063C704, 1B4328A9EA39FF5A57F258E02254D04B73455F1DF7C997C13702A8B2F12D0347 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:49:22.0721 0x1a08  tdx - ok
17:49:22.0746 0x1a08  [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:49:22.0784 0x1a08  TermDD - ok
17:49:22.0891 0x1a08  [ 382C804C92811BE57829D8E550A900E2, 5F52C2E7902024CF1C9CC0069F411C3F19CCA3DB209F437FA0F3932D4898EB50 ] TermService     C:\Windows\System32\termsrv.dll
17:49:23.0114 0x1a08  TermService - ok
17:49:23.0145 0x1a08  [ 42FB6AFD6B79D9FE07381609172E7CA4, B57C85091209A2FAD19ED490B8FA7FC98F12911F9C9CACE9AF1E540780CE6700 ] Themes          C:\Windows\system32\themeservice.dll
17:49:23.0247 0x1a08  Themes - ok
17:49:23.0292 0x1a08  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] THREADORDER     C:\Windows\system32\mmcss.dll
17:49:23.0472 0x1a08  THREADORDER - ok
17:49:23.0527 0x1a08  [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] TrkWks          C:\Windows\System32\trkwks.dll
17:49:23.0647 0x1a08  TrkWks - ok
17:49:23.0718 0x1a08  [ 2C49B175AEE1D4364B91B531417FE583, 6C7995E18F84E465C376D1D5F153C15ACB66CDEA86EE5BF186677F572E7E129B ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:49:23.0812 0x1a08  TrustedInstaller - ok
17:49:23.0865 0x1a08  [ B37B08F2E5EEB1A37E448E09BACE1101, 32CC9E06B88BAB6FAB4696B744548DFCE9199A7FD2BA8B019F269CA75895852C ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:49:23.0956 0x1a08  tssecsrv - ok
17:49:23.0983 0x1a08  [ FD1D6C73E6333BE727CBCC6054247654, 6F7B9AE1A5986204DB3348D13B303F30FC17624939DA74D6BD114FAEED0FB30E ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:49:24.0085 0x1a08  TsUsbFlt - ok
17:49:24.0120 0x1a08  [ 01246F0BAAD7B68EC0F472AA41E33282, 51F975AF029AD015576FFFA3E88F5DBB8B40C7CD30ECDEDE8AFABCB08C954199 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
17:49:24.0185 0x1a08  TsUsbGD - ok
17:49:24.0204 0x1a08  [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:49:24.0297 0x1a08  tunnel - ok
17:49:24.0354 0x1a08  [ 750FBCB269F4D7DD2E420C56B795DB6D, E1A95C59148FE463539C34336FD0E74B31A33B8AB2B8E34AA10349C3347471D7 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:49:24.0382 0x1a08  uagp35 - ok
17:49:24.0468 0x1a08  [ EE43346C7E4B5E63E54F927BABBB32FF, BAD6FC3BEE45E644D5A6A0A31428F5B2AEC72A0AA0C74EF8177B1FE23EEF3AA9 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:49:24.0579 0x1a08  udfs - ok
17:49:24.0649 0x1a08  [ 8344FD4FCE927880AA1AA7681D4927E5, 1B54EFA60A221E2B9FFE59BB41C7E7D8B5AC6826F1C5577456D81371D464255A ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:49:24.0706 0x1a08  UI0Detect - ok
17:49:24.0751 0x1a08  [ 44E8048ACE47BEFBFDC2E9BE4CBC8880, 5D96D90FDF68AE470CC92CA9DF9DA2C05A53EF455A5A109DBBF7C96F3238257C ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:49:24.0781 0x1a08  uliagpkx - ok
17:49:24.0794 0x1a08  [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:49:24.0855 0x1a08  umbus - ok
17:49:24.0867 0x1a08  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:49:24.0914 0x1a08  UmPass - ok
17:49:24.0964 0x1a08  [ 409994A8EACEEE4E328749C0353527A0, FFC57B647147DE2957A7DE4B330CC534DE7AC892A2FCE3BB164F7A516CAB1B56 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:49:25.0033 0x1a08  UmRdpService - ok
17:49:25.0100 0x1a08  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
17:49:25.0214 0x1a08  upnphost - ok
17:49:25.0278 0x1a08  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:49:25.0398 0x1a08  usbccgp - ok
17:49:25.0450 0x1a08  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:49:25.0529 0x1a08  usbcir - ok
17:49:25.0595 0x1a08  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:49:25.0622 0x1a08  usbehci - ok
17:49:25.0659 0x1a08  [ 04322AECFC8718883EE3A0FE21FB5B70, F2AEE1999E9ACA8D4D61B0FC165EB22827892BB1E6B93E3B86694101AD06DA9C ] usbfilter       C:\Windows\system32\DRIVERS\usbfilter.sys
17:49:25.0686 0x1a08  usbfilter - ok
17:49:25.0735 0x1a08  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:49:25.0791 0x1a08  usbhub - ok
17:49:25.0849 0x1a08  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
17:49:25.0887 0x1a08  usbohci - ok
17:49:25.0929 0x1a08  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
17:49:25.0988 0x1a08  usbprint - ok
17:49:26.0026 0x1a08  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
17:49:26.0108 0x1a08  usbscan - ok
17:49:26.0171 0x1a08  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:49:26.0251 0x1a08  USBSTOR - ok
17:49:26.0269 0x1a08  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:49:26.0317 0x1a08  usbuhci - ok
17:49:26.0353 0x1a08  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
17:49:26.0417 0x1a08  usbvideo - ok
17:49:26.0477 0x1a08  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
17:49:26.0562 0x1a08  UxSms - ok
17:49:26.0599 0x1a08  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] VaultSvc        C:\Windows\system32\lsass.exe
17:49:26.0629 0x1a08  VaultSvc - ok
17:49:26.0677 0x1a08  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:49:26.0702 0x1a08  vdrvroot - ok
17:49:26.0754 0x1a08  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
17:49:26.0867 0x1a08  vds - ok
17:49:26.0886 0x1a08  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:49:26.0934 0x1a08  vga - ok
17:49:26.0947 0x1a08  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:49:27.0011 0x1a08  VgaSave - ok
17:49:27.0055 0x1a08  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:49:27.0090 0x1a08  vhdmp - ok
17:49:27.0116 0x1a08  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
17:49:27.0144 0x1a08  viaagp - ok
17:49:27.0166 0x1a08  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\drivers\viac7.sys
17:49:27.0242 0x1a08  ViaC7 - ok
17:49:27.0291 0x1a08  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:49:27.0320 0x1a08  viaide - ok
17:49:27.0386 0x1a08  [ C2F2911156FDC7817C52829C86DA494E, FE499F189B5016FCE0018AA3DE3970B72275B7B15F3D4D608117F6DDEC6B90DC ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:49:27.0421 0x1a08  vmbus - ok
17:49:27.0449 0x1a08  [ D4D77455211E204F370D08F4963063CE, 2018B2A84C73E0834200A594C02A9D28C74906F126DAD3CCDDFC9CD9A61669E2 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:49:27.0503 0x1a08  VMBusHID - ok
17:49:27.0546 0x1a08  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:49:27.0574 0x1a08  volmgr - ok
17:49:27.0613 0x1a08  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:49:27.0667 0x1a08  volmgrx - ok
17:49:27.0696 0x1a08  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:49:27.0736 0x1a08  volsnap - ok
17:49:27.0756 0x1a08  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:49:27.0802 0x1a08  vsmraid - ok
17:49:27.0934 0x1a08  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
17:49:28.0283 0x1a08  VSS - ok
17:49:28.0327 0x1a08  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
17:49:28.0433 0x1a08  vwifibus - ok
17:49:28.0450 0x1a08  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
17:49:28.0535 0x1a08  vwififlt - ok
17:49:28.0591 0x1a08  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
17:49:28.0688 0x1a08  W32Time - ok
17:49:28.0739 0x1a08  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:49:28.0797 0x1a08  WacomPen - ok
17:49:28.0817 0x1a08  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:49:28.0893 0x1a08  WANARP - ok
17:49:28.0904 0x1a08  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:49:28.0975 0x1a08  Wanarpv6 - ok
17:49:29.0122 0x1a08  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:49:29.0242 0x1a08  WatAdminSvc - ok
17:49:29.0360 0x1a08  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
17:49:29.0512 0x1a08  wbengine - ok
17:49:29.0531 0x1a08  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:49:29.0611 0x1a08  WbioSrvc - ok
17:49:29.0682 0x1a08  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:49:29.0745 0x1a08  wcncsvc - ok
17:49:29.0758 0x1a08  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:49:29.0863 0x1a08  WcsPlugInService - ok
17:49:29.0898 0x1a08  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\drivers\wd.sys
17:49:29.0923 0x1a08  Wd - ok
17:49:29.0992 0x1a08  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:49:30.0067 0x1a08  Wdf01000 - ok
17:49:30.0085 0x1a08  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:49:30.0202 0x1a08  WdiServiceHost - ok
17:49:30.0213 0x1a08  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:49:30.0262 0x1a08  WdiSystemHost - ok
17:49:30.0315 0x1a08  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
17:49:30.0402 0x1a08  WebClient - ok
17:49:30.0439 0x1a08  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:49:30.0528 0x1a08  Wecsvc - ok
17:49:30.0553 0x1a08  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:49:30.0622 0x1a08  wercplsupport - ok
17:49:30.0643 0x1a08  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
17:49:30.0739 0x1a08  WerSvc - ok
17:49:30.0770 0x1a08  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:49:30.0836 0x1a08  WfpLwf - ok
17:49:30.0854 0x1a08  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:49:30.0884 0x1a08  WIMMount - ok
17:49:30.0998 0x1a08  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
17:49:31.0108 0x1a08  WinDefend - ok
17:49:31.0126 0x1a08  WinHttpAutoProxySvc - ok
17:49:31.0205 0x1a08  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:49:31.0279 0x1a08  Winmgmt - ok
17:49:31.0385 0x1a08  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
17:49:31.0572 0x1a08  WinRM - ok
17:49:31.0683 0x1a08  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:49:31.0809 0x1a08  Wlansvc - ok
17:49:31.0840 0x1a08  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
17:49:31.0901 0x1a08  WmiAcpi - ok
17:49:31.0964 0x1a08  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:49:32.0023 0x1a08  wmiApSrv - ok
17:49:32.0172 0x1a08  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
17:49:32.0367 0x1a08  WMPNetworkSvc - ok
17:49:32.0397 0x1a08  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:49:32.0488 0x1a08  WPCSvc - ok
17:49:32.0506 0x1a08  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:49:32.0615 0x1a08  WPDBusEnum - ok
17:49:32.0679 0x1a08  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:49:32.0799 0x1a08  ws2ifsl - ok
17:49:32.0843 0x1a08  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
17:49:32.0933 0x1a08  wscsvc - ok
17:49:32.0949 0x1a08  WSearch - ok
17:49:33.0179 0x1a08  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:49:33.0401 0x1a08  wuauserv - ok
17:49:33.0474 0x1a08  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:49:33.0563 0x1a08  WudfPf - ok
17:49:33.0593 0x1a08  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
17:49:33.0643 0x1a08  WUDFRd - ok
17:49:33.0666 0x1a08  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:49:33.0731 0x1a08  wudfsvc - ok
17:49:33.0802 0x1a08  [ 3C5E51C05BE9B56EAFF4E388C3AB25E4, 10D9FDEDAB1FB2E76D54661AFA5C1A6B1B0980525F38F5D061537077841C6AEE ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:49:33.0910 0x1a08  WwanSvc - ok
17:49:33.0929 0x1a08  ================ Scan global ===============================
17:49:34.0003 0x1a08  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
17:49:34.0046 0x1a08  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
17:49:34.0086 0x1a08  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
17:49:34.0138 0x1a08  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
17:49:34.0185 0x1a08  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
17:49:34.0205 0x1a08  [ Global ] - ok
17:49:34.0205 0x1a08  ================ Scan MBR ==================================
17:49:34.0227 0x1a08  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:49:34.0665 0x1a08  \Device\Harddisk0\DR0 - ok
17:49:34.0676 0x1a08  ================ Scan VBR ==================================
17:49:34.0711 0x1a08  [ 9F8DE8744ABB2570032765D01C293F5B ] \Device\Harddisk0\DR0\Partition1
17:49:34.0714 0x1a08  \Device\Harddisk0\DR0\Partition1 - ok
17:49:34.0745 0x1a08  [ B37BB17F058E3DB9866A10C984B212A2 ] \Device\Harddisk0\DR0\Partition2
17:49:34.0749 0x1a08  \Device\Harddisk0\DR0\Partition2 - ok
17:49:34.0957 0x1a08  Win FW state via NFP2: enabled
17:49:37.0722 0x1a08  ============================================================
17:49:37.0722 0x1a08  Scan finished
17:49:37.0722 0x1a08  ============================================================
17:49:37.0795 0x1a00  Detected object count: 0
17:49:37.0796 0x1a00  Actual detected object count: 0
17:50:59.0339 0x18b0  Deinitialize success
         

Old 30.01.2014, 16:49   #28
schrauber
/// the machine
/// TB instructor
 


Better. A fresh FRST log, please. Any problems still?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Old 31.01.2014, 18:14   #29
Klösp
 

No further incidents so far.
Here are the FRST logs again:


FRST Logfile:
Code:
ATTFilter
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-01-2014 01
Ran by BENUTZER (administrator) on NAME-NB on 31-01-2014 17:42:17
Running from C:\Users\BENUTZER\Downloads
Microsoft Windows 7 Professional  Service Pack 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) ===================

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_11_9_900_170.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmplayer.exe
(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [StartCCC] - C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-02-14] (Advanced Micro Devices, Inc.)
HKLM\...\Run: [Adobe ARM] - C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [SunJavaUpdateSched] - C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
SearchScopes: HKLM - DefaultScope value is missing.
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} hxxp://sdlc-esd.sun.com/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe?AuthParam=1360180396_2ceeabeffd890e19f85ed5b2aa8d944a&GroupName=JSC&FilePath=/ESD44/JSCDL/jdk/6u7/jre-6u7-windows-i586-p-s.exe&File=jre-6u7-windows-i586-p-s.exe&BHost=javadl.sun.com
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} https://fpdownload.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
Tcpip\..\Interfaces\{3745AD6A-3B2F-4B51-A280-F2776C8ECB82}: [NameServer]195.34.133.21,195.34.133.22

FireFox:
========
FF ProfilePath: C:\Users\BENUTZER\AppData\Roaming\Mozilla\Firefox\Profiles\s9u30li6.default
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/Lync,version=15.0 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml

========================== Services (Whitelisted) =================

R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2012-02-14] (Advanced Micro Devices, Inc.)
R2 OfficeSvc; C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [1320120 2013-10-31] (Microsoft Corporation)
S4 RemoteAccess; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

R0 amd_sata; C:\Windows\System32\DRIVERS\amd_sata.sys [70784 2011-12-13] (Advanced Micro Devices)
R0 amd_xata; C:\Windows\System32\DRIVERS\amd_xata.sys [34944 2011-12-13] (Advanced Micro Devices)
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [46720 2012-02-01] (Advanced Micro Devices)
R3 athr; C:\Windows\System32\DRIVERS\athr.sys [2957312 2012-06-20] (Qualcomm Atheros Communications, Inc.)
R3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [197224 2012-04-12] (Realtek Semiconductor Corp.)
S3 catchme; \??\C:\Users\BENUTZER\AppData\Local\Temp\catchme.sys [x]
S3 CFcatchme; \??\C:\Users\BENUTZER\AppData\Local\Temp\CFcatchme.sys [x]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-01-31 17:36 - 2014-01-31 17:42 - 00007588 _____ C:\Users\BENUTZER\Downloads\FRST.txt
2014-01-25 13:03 - 2013-11-26 11:11 - 17112576 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-01-25 13:03 - 2013-11-26 10:23 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-01-25 13:03 - 2013-11-26 10:22 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-01-25 13:03 - 2013-11-26 09:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-01-25 13:03 - 2013-11-26 09:52 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-01-25 13:03 - 2013-11-26 09:38 - 02166784 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-01-25 13:03 - 2013-11-26 09:38 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-01-25 13:03 - 2013-11-26 09:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-01-25 13:03 - 2013-11-26 09:32 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-01-25 13:03 - 2013-11-26 09:29 - 00112128 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-01-25 13:03 - 2013-11-26 09:29 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-01-25 13:03 - 2013-11-26 09:28 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-01-25 13:03 - 2013-11-26 09:16 - 04243968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-01-25 13:03 - 2013-11-26 09:13 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-01-25 13:03 - 2013-11-26 08:32 - 01928192 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-01-25 13:03 - 2013-11-26 08:26 - 11221504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-01-25 13:03 - 2013-11-26 07:34 - 00703488 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-01-25 13:03 - 2013-11-26 07:33 - 01820160 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-01-25 13:03 - 2013-11-26 07:27 - 01157632 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-01-25 12:54 - 2013-05-10 05:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-01-25 12:54 - 2013-05-10 05:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-01-24 17:00 - 2013-10-04 02:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-01-24 17:00 - 2013-10-04 02:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-01-24 17:00 - 2013-10-04 02:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-01-24 17:00 - 2013-09-25 03:01 - 00136640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-01-24 17:00 - 2013-09-25 03:01 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-01-24 17:00 - 2013-09-25 02:57 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-01-24 17:00 - 2013-07-04 13:16 - 00369848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-01-24 17:00 - 2013-07-04 12:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-01-24 17:00 - 2013-07-03 05:02 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-01-24 17:00 - 2013-07-03 04:36 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-01-24 17:00 - 2013-07-03 04:36 - 00025728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-01-24 16:59 - 2013-11-23 19:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-01-24 16:59 - 2013-11-12 03:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-01-24 16:59 - 2013-10-19 02:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-01-24 16:59 - 2013-10-12 03:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-01-24 16:59 - 2013-10-12 03:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-01-24 16:59 - 2013-10-12 02:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-01-24 16:59 - 2013-10-12 02:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-01-24 16:59 - 2013-09-25 02:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-01-24 16:59 - 2013-09-25 02:57 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-01-24 16:59 - 2013-09-25 02:56 - 01038848 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-01-24 16:59 - 2013-09-25 02:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-01-24 16:59 - 2013-09-25 01:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-01-24 16:59 - 2013-09-25 01:49 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-01-24 16:59 - 2013-08-01 12:03 - 00729024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-01-24 16:58 - 2013-11-26 11:10 - 02349056 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-01-24 16:58 - 2013-10-04 02:49 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-01-24 16:58 - 2013-10-04 02:17 - 00177152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-01-24 16:58 - 2013-08-28 01:57 - 00434688 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-01-24 16:58 - 2013-07-20 11:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-01-24 16:58 - 2013-06-06 05:52 - 00026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-01-24 16:58 - 2013-06-06 05:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-01-24 16:58 - 2013-06-06 05:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-01-24 16:58 - 2013-06-06 04:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-01-24 16:58 - 2013-06-06 04:01 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-01-24 16:57 - 2013-11-26 12:11 - 00240576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-24 16:57 - 2013-10-12 03:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-01-24 16:57 - 2013-10-12 03:01 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-01-24 16:57 - 2013-10-12 03:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-01-24 16:57 - 2013-10-03 02:58 - 00305152 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-01-24 16:57 - 2013-08-05 02:56 - 00133056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-01-24 16:57 - 2013-07-26 02:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-01-24 16:57 - 2013-07-26 02:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-01-24 16:57 - 2013-07-04 12:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-01-24 16:57 - 2013-07-04 12:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-01-24 16:57 - 2013-07-04 10:48 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-01-24 16:56 - 2013-11-27 02:14 - 00258560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-24 16:56 - 2013-11-27 02:13 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-24 16:56 - 2013-11-27 02:13 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-24 16:56 - 2013-11-27 02:13 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-24 16:56 - 2013-11-27 02:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-24 16:56 - 2013-11-27 02:13 - 00020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-24 16:56 - 2013-11-27 02:13 - 00006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-24 16:56 - 2013-10-05 20:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-01-24 16:56 - 2013-08-02 02:50 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-01-24 16:56 - 2013-08-02 02:49 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-01-24 16:56 - 2013-08-02 02:49 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 02:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 01:52 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-01-24 16:56 - 2013-08-02 01:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 01:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 01:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-01-24 16:56 - 2013-08-02 01:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-01-24 16:56 - 2013-07-12 11:08 - 00146816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbvideo.sys
2014-01-24 16:56 - 2013-07-12 11:07 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-01-24 16:56 - 2013-06-25 23:56 - 00527064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-01-23 22:37 - 2014-01-23 22:37 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-23 22:37 - 2014-01-23 22:37 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-23 22:37 - 2014-01-23 22:37 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-23 22:37 - 2014-01-23 22:37 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-23 22:37 - 2014-01-23 22:37 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-23 22:37 - 2014-01-23 22:37 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-23 22:37 - 2014-01-23 22:37 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-23 22:37 - 2014-01-23 22:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-23 22:37 - 2014-01-23 22:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-23 22:37 - 2014-01-23 22:37 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-23 22:36 - 2014-01-23 22:36 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-01-23 22:36 - 2014-01-23 22:36 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-01-23 22:36 - 2014-01-23 22:36 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-01-23 22:36 - 2014-01-23 22:36 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-01-23 22:36 - 2014-01-23 22:36 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-01-23 22:36 - 2014-01-23 22:36 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-01-23 22:36 - 2014-01-23 22:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-01-23 22:36 - 2014-01-23 22:36 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-01-23 22:35 - 2014-01-23 22:41 - 00011832 _____ C:\Windows\IE11_main.log
2014-01-23 20:05 - 2014-01-23 20:05 - 04101441 _____ C:\Users\BENUTZER\Downloads\tdsskiller.zip
2014-01-23 19:59 - 2014-01-23 19:59 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-21 20:53 - 2014-01-21 20:53 - 00000000 ____D C:\ProgramData\Oracle
2014-01-21 20:53 - 2014-01-21 20:53 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-21 20:53 - 2014-01-21 20:52 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-21 20:52 - 2014-01-21 20:52 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-21 20:52 - 2014-01-21 20:52 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-21 20:52 - 2014-01-21 20:52 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-21 20:50 - 2014-01-21 20:50 - 29141928 _____ (Oracle Corporation) C:\Users\BENUTZER\Downloads\jre-7u51-windows-i586.exe
2014-01-19 17:58 - 2014-01-19 17:58 - 00987425 _____ C:\Users\BENUTZER\Downloads\SecurityCheck.exe
2014-01-19 17:22 - 2014-01-19 17:22 - 00000798 _____ C:\Windows\PFRO.log
2014-01-19 15:55 - 2014-01-19 15:55 - 02347384 _____ (ESET) C:\Users\BENUTZER\Downloads\esetsmartinstaller_enu.exe
2014-01-18 13:57 - 2014-01-31 17:36 - 00000000 ____D C:\Users\BENUTZER\Downloads\FRST-OlderVersion
2014-01-18 13:45 - 2014-01-18 13:45 - 00000000 ____D C:\Windows\ERUNT
2014-01-18 13:41 - 2014-01-18 13:41 - 01037068 _____ (Thisisu) C:\Users\BENUTZER\Downloads\JRT.exe
2014-01-18 13:33 - 2014-01-18 13:35 - 00000000 ____D C:\AdwCleaner
2014-01-18 13:31 - 2014-01-18 13:31 - 01236282 _____ C:\Users\BENUTZER\Downloads\adwcleaner.exe
2014-01-15 20:42 - 2013-10-30 03:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-01-15 20:24 - 2014-01-15 20:24 - 00093654 _____ C:\ComboFix.txt
2014-01-15 20:04 - 2011-06-26 07:45 - 00256000 _____ C:\Windows\PEV.exe
2014-01-15 20:04 - 2010-11-07 18:20 - 00208896 _____ C:\Windows\MBR.exe
2014-01-15 20:04 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00098816 _____ C:\Windows\sed.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00080412 _____ C:\Windows\grep.exe
2014-01-15 20:04 - 2000-08-31 01:00 - 00068096 _____ C:\Windows\zip.exe
2014-01-15 20:03 - 2014-01-15 20:24 - 00000000 ____D C:\Qoobox
2014-01-15 20:03 - 2014-01-15 20:22 - 00000000 ____D C:\Windows\erdnt
2014-01-15 19:58 - 2014-01-15 19:58 - 05165717 _____ (Swearware) C:\Users\BENUTZER\Downloads\ComboFix(1).exe
2014-01-12 18:26 - 2014-01-31 17:42 - 00000000 ____D C:\FRST
2014-01-12 18:26 - 2014-01-31 17:36 - 01137152 _____ (Farbar) C:\Users\BENUTZER\Downloads\FRST.exe

==================== One Month Modified Files and Folders =======

2014-01-31 17:42 - 2014-01-31 17:36 - 00007588 _____ C:\Users\BENUTZER\Downloads\FRST.txt
2014-01-31 17:42 - 2014-01-12 18:26 - 00000000 ____D C:\FRST
2014-01-31 17:36 - 2014-01-18 13:57 - 00000000 ____D C:\Users\BENUTZER\Downloads\FRST-OlderVersion
2014-01-31 17:36 - 2014-01-12 18:26 - 01137152 _____ (Farbar) C:\Users\BENUTZER\Downloads\FRST.exe
2014-01-31 17:23 - 2013-02-05 09:34 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-01-31 16:59 - 2009-07-14 05:34 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-01-31 16:59 - 2009-07-14 05:34 - 00021872 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-01-31 16:57 - 2013-02-04 15:22 - 01160652 _____ C:\Windows\WindowsUpdate.log
2014-01-31 16:52 - 2009-07-14 05:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2014-01-31 16:52 - 2009-07-14 05:39 - 00083266 _____ C:\Windows\setupact.log
2014-01-26 20:55 - 2010-11-20 22:01 - 01535196 _____ C:\Windows\system32\PerfStringBackup.INI
2014-01-26 20:26 - 2013-10-05 20:14 - 00000000 ____D C:\Users\BENUTZER\AppData\Roaming\Skype
2014-01-26 15:39 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Microsoft.NET
2014-01-25 16:34 - 2009-07-14 05:33 - 00436088 _____ C:\Windows\system32\FNTCACHE.DAT
2014-01-25 13:22 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\de-DE
2014-01-25 12:48 - 2013-08-19 15:52 - 00000000 ____D C:\Windows\system32\MRT
2014-01-23 22:41 - 2014-01-23 22:35 - 00011832 _____ C:\Windows\IE11_main.log
2014-01-23 22:37 - 2014-01-23 22:37 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00646144 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-01-23 22:37 - 2014-01-23 22:37 - 00645120 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-01-23 22:37 - 2014-01-23 22:37 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-01-23 22:37 - 2014-01-23 22:37 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00238288 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00233472 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00208384 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00151552 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-01-23 22:37 - 2014-01-23 22:37 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-01-23 22:37 - 2014-01-23 22:37 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00074240 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-01-23 22:37 - 2014-01-23 22:37 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-01-23 22:37 - 2014-01-23 22:37 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-01-23 22:37 - 2014-01-23 22:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-01-23 22:37 - 2014-01-23 22:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-01-23 22:37 - 2014-01-23 22:37 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-01-23 22:36 - 2014-01-23 22:36 - 03969472 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2014-01-23 22:36 - 2014-01-23 22:36 - 03914176 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-01-23 22:36 - 2014-01-23 22:36 - 01294272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-01-23 22:36 - 2014-01-23 22:36 - 01289096 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-01-23 22:36 - 2014-01-23 22:36 - 00640512 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-01-23 22:36 - 2014-01-23 22:36 - 00619520 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-01-23 22:36 - 2014-01-23 22:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-01-23 22:36 - 2014-01-23 22:36 - 00231424 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-01-23 20:05 - 2014-01-23 20:05 - 04101441 _____ C:\Users\BENUTZER\Downloads\tdsskiller.zip
2014-01-23 20:01 - 2009-07-14 05:53 - 00032632 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-23 19:59 - 2014-01-23 19:59 - 00000000 ____D C:\TDSSKiller_Quarantine
2014-01-21 20:53 - 2014-01-21 20:53 - 00000000 ____D C:\ProgramData\Oracle
2014-01-21 20:53 - 2014-01-21 20:53 - 00000000 ____D C:\Program Files\Common Files\Java
2014-01-21 20:52 - 2014-01-21 20:53 - 00264616 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe
2014-01-21 20:52 - 2014-01-21 20:52 - 00175016 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe
2014-01-21 20:52 - 2014-01-21 20:52 - 00174504 _____ (Oracle Corporation) C:\Windows\system32\java.exe
2014-01-21 20:52 - 2014-01-21 20:52 - 00094632 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2014-01-21 20:50 - 2014-01-21 20:50 - 29141928 _____ (Oracle Corporation) C:\Users\BENUTZER\Downloads\jre-7u51-windows-i586.exe
2014-01-19 17:58 - 2014-01-19 17:58 - 00987425 _____ C:\Users\BENUTZER\Downloads\SecurityCheck.exe
2014-01-19 17:22 - 2014-01-19 17:22 - 00000798 _____ C:\Windows\PFRO.log
2014-01-19 15:55 - 2014-01-19 15:55 - 02347384 _____ (ESET) C:\Users\BENUTZER\Downloads\esetsmartinstaller_enu.exe
2014-01-18 13:45 - 2014-01-18 13:45 - 00000000 ____D C:\Windows\ERUNT
2014-01-18 13:41 - 2014-01-18 13:41 - 01037068 _____ (Thisisu) C:\Users\BENUTZER\Downloads\JRT.exe
2014-01-18 13:35 - 2014-01-18 13:33 - 00000000 ____D C:\AdwCleaner
2014-01-18 13:32 - 2013-02-04 15:38 - 00000000 ____D C:\Users\BENUTZER
2014-01-18 13:31 - 2014-01-18 13:31 - 01236282 _____ C:\Users\BENUTZER\Downloads\adwcleaner.exe
2014-01-16 21:59 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\wfp
2014-01-16 21:58 - 2009-07-14 03:37 - 00000000 ____D C:\Program Files\Common Files\microsoft shared
2014-01-16 21:57 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\registration
2014-01-16 21:52 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\system32\LogFiles
2014-01-15 20:42 - 2013-12-23 08:29 - 00000000 ____D C:\Program Files\Microsoft Office 15
2014-01-15 20:24 - 2014-01-15 20:24 - 00093654 _____ C:\ComboFix.txt
2014-01-15 20:24 - 2014-01-15 20:03 - 00000000 ____D C:\Qoobox
2014-01-15 20:24 - 2009-07-14 03:37 - 00000000 __RHD C:\Users\Default
2014-01-15 20:24 - 2009-07-14 03:37 - 00000000 ___RD C:\Users\Public
2014-01-15 20:22 - 2014-01-15 20:03 - 00000000 ____D C:\Windows\erdnt
2014-01-15 20:19 - 2013-08-19 20:23 - 00061184 _____ C:\Windows\system32\Drivers\7029c455ca8a987e.sys
2014-01-15 20:19 - 2009-07-14 03:04 - 00000215 _____ C:\Windows\system.ini
2014-01-15 20:18 - 2009-07-14 03:03 - 51118080 _____ C:\Windows\system32\config\SOFTWARE.bak
2014-01-15 20:18 - 2009-07-14 03:03 - 14680064 _____ C:\Windows\system32\config\SYSTEM.bak
2014-01-15 20:18 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SECURITY.bak
2014-01-15 20:18 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\SAM.bak
2014-01-15 20:18 - 2009-07-14 03:03 - 00262144 _____ C:\Windows\system32\config\DEFAULT.bak
2014-01-15 19:58 - 2014-01-15 19:58 - 05165717 _____ (Swearware) C:\Users\BENUTZER\Downloads\ComboFix(1).exe
2014-01-15 18:59 - 2013-08-19 20:00 - 00000000 ____D C:\Users\BENUTZER\AppData\Local\{0D5CCA6C-BE5C-6826-A097-1F118034549F}
2014-01-12 18:34 - 2009-07-14 03:37 - 00000000 ____D C:\Windows\Help
2014-01-08 17:24 - 2013-02-05 10:13 - 00000000 ____D C:\Users\BENUTZER\Desktop\Schach
2014-01-06 16:20 - 2013-02-04 16:52 - 83425928 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

Some content of TEMP:
====================
C:\Users\BENUTZER\AppData\Local\temp\D7721D21-037C-4176-9C31-3DEFECF5B638.exe
C:\Users\BENUTZER\AppData\Local\temp\jre-7u51-windows-i586-iftw.exe
C:\Users\BENUTZER\AppData\Local\temp\Quarantine.exe
C:\Users\BENUTZER\AppData\Local\temp\SkypeSetup.exe
C:\Users\BENUTZER\AppData\Local\temp\{759D2D57-E985-4DBE-8760-E53C9819468C}.exe


==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => MD5 is legit
C:\Windows\system32\winlogon.exe => MD5 is legit
C:\Windows\system32\wininit.exe => MD5 is legit
C:\Windows\system32\svchost.exe => MD5 is legit
C:\Windows\system32\services.exe => MD5 is legit
C:\Windows\system32\User32.dll => MD5 is legit
C:\Windows\system32\userinit.exe => MD5 is legit
C:\Windows\system32\rpcss.dll => MD5 is legit
C:\Windows\system32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-01-18 19:01

==================== End Of Log ============================
         
--- --- ---



Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 29-01-2014 01
Ran by BENUTZER at 2014-01-31 17:43:08
Running from C:\Users\BENUTZER\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

7-Zip 9.20 (Version:  - )
Adobe Flash Player 11 ActiveX (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (Version: 11.9.900.170 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (Version: 11.0.06 - Adobe Systems Incorporated)
AMD APP SDK Runtime (Version: 10.0.898.1 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0214.2218.39913 - Ihr Firmenname) Hidden
AMD Media Foundation Decoders (Version: 1.0.70214.2220 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.04.0000 - AMD) Hidden
AMD VISION Engine Control Center (Version: 2012.0214.2218.39913 - Ihr Firmenname) Hidden
Catalyst Control Center - Branding (Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
ccc-utility (Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
Free YouTube to MP3 Converter version 3.12.11.812 (Version: 3.12.11.812 - DVDVideoSoft Ltd.)
IrfanView (remove only) (Version: 4.35 - Irfan Skiljan)
Java 7 Update 51 (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Juniper Networks, Inc. Setup Client (HKCU Version: 7.4.6.40675 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (Version: 2.1.1.1 - Juniper Networks, Inc.)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Office 365 ProPlus - de-de (Version: 15.0.4551.1512 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (Version: 10.0.30319 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 de) (Version: 26.0 - Mozilla)
Mozilla Maintenance Service (Version: 26.0 - Mozilla)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4551.1512 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (Version: 7.54.309.2012 - Realtek)
Realtek PCIE Card Reader (Version: 6.1.7601.29018 - Realtek Semiconductor Corp.)
Skype™ 6.9 (Version: 6.9.106 - Skype Technologies S.A.)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (Version: 1 - Microsoft Corporation)
Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (Version: 3 - Microsoft Corporation)

==================== Restore Points  =========================

15-01-2014 19:04:13 ComboFix created restore point
15-01-2014 19:26:40 Windows Update
15-01-2014 19:58:20 Windows Defender Checkpoint
15-01-2014 21:35:09 Windows Update
21-01-2014 18:11:57 Installed Java 7 Update 51
21-01-2014 19:50:55 Installed Java 7 Update 51
23-01-2014 21:33:30 Windows Update
25-01-2014 11:42:43 Windows Update
28-01-2014 16:19:29 Windows Update

==================== Hosts content: ==========================

2009-07-14 03:04 - 2014-01-15 20:19 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

Task: {02A150B2-DAAA-4499-924D-ABD4E67CC2C3} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\integratedoffice.exe [2013-10-31] (Microsoft Corporation)
Task: {2247EED9-7847-427D-946D-231157CD3827} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-12-23] (Microsoft Corporation)
Task: {2B1071F0-7C15-448D-90AC-B0D140C4C52E} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-01-15] (Microsoft Corporation)
Task: {3F6E4502-2B89-4184-B397-9367B3D27211} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2013-12-23] (Microsoft Corporation)
Task: {889EAD67-6FF1-446E-987A-374EBEFD6629} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-10] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2012-02-14 23:15 - 2012-02-14 23:15 - 00065024 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-12-23 08:29 - 2013-08-23 13:45 - 00317096 _____ () C:\Program Files\Microsoft Office 15\ClientX86\c2rui.dll
2013-12-23 08:29 - 2013-10-31 08:47 - 00359592 _____ () C:\Program Files\Microsoft Office 15\ClientX86\c2r32.dll
2013-12-23 08:29 - 2013-10-31 08:47 - 00410792 _____ () C:\Program Files\Microsoft Office 15\ClientX86\StreamServer.dll
2013-12-20 15:34 - 2013-12-20 15:34 - 03559024 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2013-12-10 20:23 - 2013-12-10 20:23 - 16242056 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll
2012-02-14 23:15 - 2012-02-14 23:15 - 00095232 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-02-14 23:13 - 2012-02-14 23:13 - 00369152 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-11-09 09:55 - 2011-11-09 09:55 - 00016384 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\42735645.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\89576790.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\42735645.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\89576790.sys => ""="Driver"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/31/2014 04:54:00 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 07:39:49 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 04:37:06 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2014 07:40:27 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2014 05:13:41 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2014 07:43:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2014 05:16:34 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 08:43:52 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 05:05:30 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2014 09:59:09 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 26.0.0.5087, Zeitstempel: 0x52a0d273
Name des fehlerhaften Moduls: xul.dll, Version: 26.0.0.5087, Zeitstempel: 0x52a0d20a
Ausnahmecode: 0xc0000005
Fehleroffset: 0x0014e1a8
ID des fehlerhaften Prozesses: 0xb58
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3


System errors:
=============
Error: (01/29/2014 10:39:03 PM) (Source: DCOM) (User: )
Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF}

Error: (01/26/2014 08:52:18 PM) (Source: Microsoft-Windows-BitLocker-Driver) (User: NT-AUTORITÄT)
Description: Überprüfung des verschlüsselten Volumes: Die Volumeinformationen auf "E:" können nicht gelesen werden.

Error: (01/26/2014 08:52:15 PM) (Source: Disk) (User: )
Description: Der Treiber hat einen Controllerfehler auf \Device\Harddisk2\DR2 gefunden.

Error: (01/23/2014 08:05:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Sicherheitsupdate für Windows 7 (KB2862330)

Error: (01/23/2014 08:05:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Sicherheitsupdate für Windows 7 (KB2872339)

Error: (01/23/2014 08:05:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Sicherheitsupdate für Windows 7 (KB2864202)

Error: (01/23/2014 08:05:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80242016 fehlgeschlagen: Kumulatives Sicherheitsupdate für Internet Explorer 10 unter Windows 7 Service Pack 1 (KB2898785)

Error: (01/23/2014 08:05:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Sicherheitsupdate für Windows 7 (KB2868038)

Error: (01/23/2014 08:05:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x800f0816 fehlgeschlagen: Sicherheitsupdate für Windows 7 (KB2868626)

Error: (01/23/2014 08:05:21 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80242016 fehlgeschlagen: Update für Windows 7 (KB2847077)


Microsoft Office Sessions:
=========================
Error: (01/31/2014 04:54:00 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 07:39:49 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/30/2014 04:37:06 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2014 07:40:27 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/29/2014 05:13:41 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2014 07:43:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/28/2014 05:16:34 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 08:43:52 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/27/2014 05:05:30 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (01/26/2014 09:59:09 PM) (Source: Application Error)(User: )
Description: firefox.exe26.0.0.508752a0d273xul.dll26.0.0.508752a0d20ac00000050014e1a8b5801cf1ac77f33231fC:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dllb2be02e6-86cc-11e3-b84a-74e543306e6e


==================== Memory info =========================== 

Percentage of memory in use: 57%
Total physical RAM: 1641.37 MB
Available physical RAM: 700 MB
Total Pagefile: 3282.73 MB
Available Pagefile: 1821.7 MB
Total Virtual: 2047.88 MB
Available Virtual: 1933.14 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:287.99 GB) (Free:248.67 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298 GB) (Disk ID: 3B99AC7F)
Partition 1: (Not Active) - (Size=10 GB) - (Type=12)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=288 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         

01.02.2014, 11:32   #30
schrauber
/// the machine
/// TB instructor
 




Done

If you would like to leave praise or criticism, you can do so here


The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type this in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix (Download DelFix) to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Put a check mark in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all the programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left over now, you can delete them without hesitation.


Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version also offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you about any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, because they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: For this browser I have a few useful add-ons here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising on its own. A right-click on the banner to add it to AdBlockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Do not click on everything just because it asks you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails you do not know. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can delete this thread from my subscriptions.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!
