Log analysis and evaluation: Win 7 / Rootkit cannot be removed. Windows 7. If you have picked up a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. Before viruses and trojans can be removed, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
04.07.2014, 00:14 | #1 |
Win 7 / Rootkit cannot be removed.

Hello, I'm really getting desperate; I probably have a really nasty kernel rootkit on my computer. I have already reinstalled Windows several times and formatted the hard drives, and it is always the same thing. Group rights for the admin get locked, etc., and there are strange automatically installed files in the Windows directory. I noticed all this because I got a netblock from my provider. I have already tried umpteen virus tools and root scanners; I simply can no longer control the infected operating system normally, and on top of that I don't know what is being done with my computer. Apparently quite a lot of mischief, otherwise I wouldn't have gotten a netblock from my provider. I hope someone here can help me. I'll post the logs.

defogger log

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 00:34 on 04/07/2014 (Neu)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:03-07-2014
Ran by Neu (administrator) on Neu-PC on 04-07-2014 00:36:18
Running from C:\Users\Neu\Desktop
Platform: Microsoft Windows 7 Enterprise (X86) OS Language: Deutsch (Deutschland)
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(PortableApps.com) C:\Users\Neu\Desktop\FirefoxPortable\FirefoxPortable.exe
(Mozilla Corporation) C:\Users\Neu\Desktop\FirefoxPortable\App\Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Telefónica I+D) C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe
(Telefónica I+D) C:\Program Files\o2\Mobile Connection Manager\EMMSN.exe
(Telefónica I+D) C:\Program Files\o2\Nori\Nori.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
() C:\Users\Neu\Desktop\Defogger.exe

==================== Registry (Whitelisted) ==================

==================== Internet (Whitelisted) ====================

Tcpip\..\Interfaces\{D748268F-6327-4697-*-*}: [NameServer]193.*.*.* 193.*.*.*

FireFox:
========

========================== Services (Whitelisted) =================

R2 TGCM_ImportWiFiSvc; C:\Program Files\o2\Mobile Connection Manager\ImpWiFiSvc.exe [199600 2010-11-11] (Telefónica I+D)

==================== Drivers (Whitelisted) ====================

S3 massfilter_hs; C:\Windows\System32\drivers\massfilter_hs.sys [9728 2009-02-03] (ZTE Incorporated)

==================== NetSvcs (Whitelisted) ===================

==================== One Month Created Files and Folders ========

2014-07-04 01:18 - 2014-07-04 01:18 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-07-04 01:18 - 2009-07-14 03:38 - 00383562 __RSH () C:\bootmgr
2014-07-04 00:36 - 2014-07-04 00:36 - 00002100 _____ () C:\Users\Neu\Desktop\FRST.txt
2014-07-04 00:36 - 2014-07-04 00:36 - 00000000 ____D () C:\FRST
2014-07-04 00:35 - 2014-07-04 00:35 - 01073664 _____ (Farbar) C:\Users\Neu\Desktop\FRST.exe
2014-07-04 00:34 - 2014-07-04 00:34 - 00050477 _____ () C:\Users\Neu\Desktop\Defogger.exe
2014-07-04 00:34 - 2014-07-04 00:34 - 00000468 _____ () C:\Users\Neu\Desktop\defogger_disable.log
2014-07-04 00:34 - 2014-07-04 00:34 - 00000000 _____ () C:\Users\Neu\defogger_reenable
2014-07-04 00:28 - 2014-07-04 00:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-07-04 00:27 - 2014-07-04 00:27 - 00002062 _____ () C:\Users\Public\Desktop\Mobile Connection Manager.lnk
2014-07-04 00:27 - 2014-07-04 00:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-04 00:27 - 2014-07-04 00:27 - 00000000 ____D () C:\Windows\massfilter
2014-07-04 00:27 - 2014-07-04 00:27 - 00000000 ____D () C:\Users\Neu\AppData\Roaming\Telefónica
2014-07-04 00:27 - 2010-02-22 18:25 - 00014336 _____ (ZTE) C:\Windows\system32\Drivers\ZTEusbccid.sys
2014-07-04 00:27 - 2010-02-22 17:39 - 00105856 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbser6k.sys
2014-07-04 00:27 - 2010-02-22 17:39 - 00105856 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnmeaext2.sys
2014-07-04 00:27 - 2010-02-22 17:39 - 00105856 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnmea.sys
2014-07-04 00:27 - 2010-02-22 17:39 - 00105856 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbmdm6k.sys
2014-07-04 00:27 - 2010-02-10 17:50 - 00186368 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\ZTEusbnet.sys
2014-07-04 00:27 - 2009-12-28 15:52 - 00010240 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\massfilter.sys
2014-07-04 00:27 - 2009-02-03 16:56 - 00009728 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\massfilter_hs.sys
2014-07-04 00:26 - 2014-07-04 00:31 - 00004520 _____ () C:\Windows\WindowsUpdate.log
2014-07-04 00:26 - 2014-07-04 00:26 - 00000000 ____D () C:\Users\Neu\AppData\Roaming\Mozilla
2014-07-04 00:26 - 2014-07-04 00:26 - 00000000 ____D () C:\Users\Neu\AppData\Local\Mozilla
2014-07-04 00:26 - 2014-07-04 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2
2014-07-04 00:26 - 2014-07-04 00:26 - 00000000 ____D () C:\Program Files\o2
2014-07-04 00:25 - 2014-07-04 00:25 - 00001413 _____ () C:\Users\Neu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-04 00:25 - 2014-07-04 00:25 - 00000000 ____D () C:\Users\Neu\Desktop\FirefoxPortable
2014-07-04 00:24 - 2014-07-04 00:34 - 00000000 ____D () C:\Users\Neu
2014-07-04 00:24 - 2014-07-04 00:24 - 00000020 ___SH () C:\Users\Neu\ntuser.ini
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\Startmenü
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\Netzwerkumgebung
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\Druckumgebung
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\Documents\Eigene Musik
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\Documents\Eigene Bilder
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\AppData\Local\Verlauf
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Programme
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 __SHD () C:\Recovery
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 ____D () C:\Users\Neu\AppData\Local\VirtualStore
2014-07-04 00:24 - 2009-07-14 06:42 - 00000000 ___RD () C:\Users\Neu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-04 00:24 - 2009-07-14 06:37 - 00000000 ___RD () C:\Users\Neu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-04 00:20 - 2014-07-04 00:20 - 00000000 _____ () C:\Windows\system32\atiicdxx.dat
2014-07-04 00:20 - 2014-07-04 00:20 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-07-04 00:19 - 2014-07-04 00:19 - 00000000 ____D () C:\Windows\CSC

==================== One Month Modified Files and Folders =======

2014-07-04 01:18 - 2014-07-04 01:18 - 00008192 __RSH () C:\BOOTSECT.BAK
2014-07-04 01:18 - 2009-07-14 06:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG
2014-07-04 01:18 - 2009-07-14 06:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template
2014-07-04 00:36 - 2014-07-04 00:36 - 00002100 _____ () C:\Users\Neu\Desktop\FRST.txt
2014-07-04 00:36 - 2014-07-04 00:36 - 00000000 ____D () C:\FRST
2014-07-04 00:35 - 2014-07-04 00:35 - 01073664 _____ (Farbar) C:\Users\Neu\Desktop\FRST.exe
2014-07-04 00:34 - 2014-07-04 00:34 - 00050477 _____ () C:\Users\Neu\Desktop\Defogger.exe
2014-07-04 00:34 - 2014-07-04 00:34 - 00000468 _____ () C:\Users\Neu\Desktop\defogger_disable.log
2014-07-04 00:34 - 2014-07-04 00:34 - 00000000 _____ () C:\Users\Neu\defogger_reenable
2014-07-04 00:34 - 2014-07-04 00:24 - 00000000 ____D () C:\Users\Neu
2014-07-04 00:31 - 2014-07-04 00:26 - 00004520 _____ () C:\Windows\WindowsUpdate.log
2014-07-04 00:28 - 2014-07-04 00:28 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2014-07-04 00:28 - 2010-09-14 20:52 - 01498506 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-04 00:28 - 2009-07-14 06:39 - 00022175 _____ () C:\Windows\setupact.log
2014-07-04 00:27 - 2014-07-04 00:27 - 00002062 _____ () C:\Users\Public\Desktop\Mobile Connection Manager.lnk
2014-07-04 00:27 - 2014-07-04 00:27 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-07-04 00:27 - 2014-07-04 00:27 - 00000000 ____D () C:\Windows\massfilter
2014-07-04 00:27 - 2014-07-04 00:27 - 00000000 ____D () C:\Users\Neu\AppData\Roaming\Telefónica
2014-07-04 00:27 - 2009-07-14 06:34 - 00009984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-04 00:27 - 2009-07-14 06:34 - 00009984 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-04 00:26 - 2014-07-04 00:26 - 00000000 ____D () C:\Users\Neu\AppData\Roaming\Mozilla
2014-07-04 00:26 - 2014-07-04 00:26 - 00000000 ____D () C:\Users\Neu\AppData\Local\Mozilla
2014-07-04 00:26 - 2014-07-04 00:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\o2
2014-07-04 00:26 - 2014-07-04 00:26 - 00000000 ____D () C:\Program Files\o2
2014-07-04 00:26 - 2009-07-14 06:52 - 00000000 ____D () C:\Windows\system32\restore
2014-07-04 00:25 - 2014-07-04 00:25 - 00001413 _____ () C:\Users\Neu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-04 00:25 - 2014-07-04 00:25 - 00000000 ____D () C:\Users\Neu\Desktop\FirefoxPortable
2014-07-04 00:24 - 2014-07-04 00:24 - 00000020 ___SH () C:\Users\Neu\ntuser.ini
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\Startmenü
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\Netzwerkumgebung
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\Druckumgebung
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\Documents\Eigene Musik
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\Documents\Eigene Bilder
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Neu\AppData\Local\Verlauf
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\Startmenü
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\Druckumgebung
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\Programme
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\ProgramData\Startmenü
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 _SHDL () C:\ProgramData\Dokumente
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 __SHD () C:\Recovery
2014-07-04 00:24 - 2014-07-04 00:24 - 00000000 ____D () C:\Users\Neu\AppData\Local\VirtualStore
2014-07-04 00:24 - 2010-09-14 21:40 - 00000000 ____D () C:\Windows\Panther
2014-07-04 00:24 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-04 00:24 - 2009-07-14 04:37 - 00000000 __RHD () C:\Users\Default
2014-07-04 00:24 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\Recovery
2014-07-04 00:24 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\rescache
2014-07-04 00:24 - 2009-07-14 04:37 - 00000000 ____D () C:\Program Files\Windows NT
2014-07-04 00:21 - 2010-09-14 20:42 - 00003540 _____ () C:\Windows\TSSysprep.log
2014-07-04 00:20 - 2014-07-04 00:20 - 00000000 _____ () C:\Windows\system32\atiicdxx.dat
2014-07-04 00:20 - 2014-07-04 00:20 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-07-04 00:19 - 2014-07-04 00:19 - 00000000 ____D () C:\Windows\CSC
2014-07-04 00:19 - 2009-07-14 06:34 - 00002790 _____ () C:\Windows\DtcInstall.log

Some content of TEMP:
====================
C:\Users\Neu\AppData\Local\Temp\card_setup.exe

==================== Bamital & volsnap Check =================

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2010-09-14 20:41

==================== End Of Log ============================

Addition log

FRST Additions Logfile:

Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:03-07-2014
Ran by Neu at 2014-07-04 00:36:54
Running from C:\Users\Neu\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319 - Microsoft Corporation) Hidden
Mobile Connection Manager (HKLM\...\o2DE) (Version: - Mobile Connection Manager)
ZTE USB Driver (HKLM\...\ZTE USB Driver) (Version: 1.0.1.25_TME - ZTE Corporation)

==================== Restore Points =========================

03-07-2014 22:26:51 Instalado ZTE Drivers v1.2059.0.11

==================== Hosts content: ==========================

2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

==================== Loaded Modules (whitelisted) =============

2014-07-04 00:26 - 2014-07-04 00:26 - 00029696 _____ () C:\Users\Neu\AppData\Local\Temp\nsgCED4.tmp\registry.dll
2014-07-04 00:26 - 2014-07-04 00:26 - 00008704 _____ () C:\Users\Neu\AppData\Local\Temp\nsgCED4.tmp\newadvsplash.dll
2014-07-04 00:26 - 2014-07-04 00:26 - 00011264 _____ () C:\Users\Neu\AppData\Local\Temp\nsgCED4.tmp\System.dll
2014-06-06 06:38 - 2014-06-06 06:38 - 03852912 _____ () C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\mozjs.dll
2010-11-11 18:07 - 2010-11-11 18:07 - 00125304 _____ () C:\Program Files\o2\Mobile Connection Manager\AgendaLib.dll
2010-11-11 18:07 - 2010-11-11 18:07 - 00508760 _____ () C:\Program Files\o2\Mobile Connection Manager\sqlite3.dll
2009-07-13 23:03 - 2009-07-14 03:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll
2010-11-11 17:52 - 2010-11-11 17:52 - 00018864 _____ () C:\Program Files\o2\Mobile Connection Manager\langs\de_DE_md.dll
2010-11-11 18:00 - 2010-11-11 18:00 - 00201136 _____ () C:\Program Files\o2\Nori\legplgs\plgalc.dll
2010-11-11 18:00 - 2010-11-11 18:00 - 00191920 _____ () C:\Program Files\o2\Nori\legplgs\plgati.dll
2010-11-11 18:00 - 2010-11-11 18:00 - 00240048 _____ () C:\Program Files\o2\Nori\legplgs\plghwi.dll
2010-11-11 18:00 - 2010-11-11 18:00 - 00190384 _____ () C:\Program Files\o2\Nori\legplgs\plgice.dll
2010-11-11 18:00 - 2010-11-11 18:00 - 00293296 _____ () C:\Program Files\o2\Nori\legplgs\plgnvt.dll
2010-11-11 18:00 - 2010-11-11 18:00 - 00193968 _____ () C:\Program Files\o2\Nori\legplgs\plgopt.dll
2010-11-11 18:00 - 2010-11-11 18:00 - 00193456 _____ () C:\Program Files\o2\Nori\legplgs\plgser.dll
2010-11-11 18:00 - 2010-11-11 18:00 - 00342448 _____ () C:\Program Files\o2\Nori\legplgs\plgsie.dll
2010-11-11 18:00 - 2010-11-11 18:00 - 00192944 _____ () C:\Program Files\o2\Nori\legplgs\plgzte.dll
2014-07-04 00:34 - 2014-07-04 00:34 - 00050477 _____ () C:\Users\Neu\Desktop\Defogger.exe

==================== Alternate Data Streams (whitelisted) =========

==================== Safe Mode (whitelisted) ===================

==================== EXE Association (whitelisted) =============

==================== MSCONFIG/TASK MANAGER disabled items =========

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/04/2014 00:26:50 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volumeschattenkopie-Dienstfehler: Beim Abfragen nach der Schnittstelle "IVssWriterCallback" ist ein unerwarteter Fehler aufgetreten. hr = 0x80070005, Zugriff verweigert . Die Ursache hierfür ist oft eine falsche Sicherheitseinstellung im Schreib- oder Anfrageprozess.
Vorgang: Generatordaten werden gesammelt
Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {aa6d7fea-93d2-4e09-bafe-e0cd4e11c089}

System errors:
=============
Error: (07/04/2014 00:28:38 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{D748268F-6327-4697-95C8-EEB9982DAA0B} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (09/14/2010 09:22:28 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Microsoft Office Sessions:
=========================
Error: (07/04/2014 00:26:50 AM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Zugriff verweigert
Vorgang: Generatordaten werden gesammelt
Kontext: Generatorklassen-ID: {e8132975-6f93-4464-a53e-1050253ae220} Generatorname: System Writer Generatorinstanz-ID: {aa6d7fea-93d2-4e09-bafe-e0cd4e11c089}

==================== Memory info ===========================

Percentage of memory in use: 47%
Total physical RAM: 1790.49 MB
Available physical RAM: 944.89 MB
Total Pagefile: 3580.98 MB
Available Pagefile: 2624.65 MB
Total Virtual: 2047.88 MB
Available Virtual: 1889.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:335.34 GB) (Free:325.52 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:335.34 GB) (Free:335.13 GB) NTFS
Drive e: (bie786910g) (CDROM) (Total:2.64 GB) (Free:0 GB) CDFS
Drive f: () (Removable) (Total:0.03 GB) (Free:0.03 GB) FAT

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 335 GB) (Disk ID: 6C96BF96)
Partition 1: (Not Active) - (Size=335 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 335 GB) (Disk ID: BD4F7A07)
Partition 1: (Active) - (Size=335 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 29 MB) (Disk ID: 00000000)
Partition: GPT Partition Type.

==================== End Of Log ============================

gmer log

GMER Logfile:

Code:
GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-07-04 00:51:25
Windows 6.1.7600 \Device\Harddisk1\DR1 -> \Device\Ide\IdeDeviceP0T1L0-7 ST3360320AS rev.3.AAM 335,35GB
Running: i97e8zep.exe; Driver: C:\Users\Neu\AppData\Local\Temp\uwldqpow.sys

---- Kernel code sections - GMER 2.1 ----

.text ntkrnlpa.exe!ZwSaveKeyEx + 13AD 82851599 1 Byte [06]
.text ntkrnlpa.exe!KiDispatchInterrupt + 5A2 82875F52 19 Bytes [E0, 0F, BA, F0, 07, 73, 09, ...] {LOOPNZ 0x11; MOV EDX, 0x97307f0; MOV CR4, EAX; OR AL, 0x80; MOV CR4, EAX; RET ; MOV ECX, CR3}
.text C:\Windows\system32\DRIVERS\atikmdag.sys section is writeable [0x8CA24000, 0x227A14, 0xE8000020]

---- User code sections - GMER 2.1 ----

.text C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\firefox.exe[2664] ntdll.dll!NtCreateFile 77D94A30 5 Bytes JMP 6620B8D0 C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\xul.dll
.text C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\firefox.exe[2664] ntdll.dll!NtFlushBuffersFile 77D94DC0 5 Bytes JMP 66207B07 C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\xul.dll
.text C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\firefox.exe[2664] ntdll.dll!NtQueryFullAttributesFile 77D95450 5 Bytes JMP 66207820 C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\xul.dll
.text C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\firefox.exe[2664] ntdll.dll!NtReadFile 77D95720 5 Bytes JMP 66207A00 C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\xul.dll
.text C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\firefox.exe[2664] ntdll.dll!NtReadFileScatter 77D95730 5 Bytes JMP 66A5CCC0 C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\xul.dll
.text C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\firefox.exe[2664] ntdll.dll!NtWriteFile 77D95ED0 5 Bytes JMP 6620BFE0 C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\xul.dll
.text C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\firefox.exe[2664] ntdll.dll!NtWriteFileGather 77D95EE0 5 Bytes JMP 66A5CC6F C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\xul.dll
.text C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\firefox.exe[2664] ntdll.dll!LdrLoadDll 77DAF625 5 Bytes JMP 69901EAE C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\mozglue.dll
.text C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\firefox.exe[2664] kernel32.dll!K32GetDeviceDriverBaseNameW + 16F 7691C0CF 7 Bytes JMP 66A29E65 C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\xul.dll
.text C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\firefox.exe[2664] kernel32.dll!CloseHandle + 38 7692060F 7 Bytes JMP 66A29E88 C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\xul.dll
.text C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\firefox.exe[2664] kernel32.dll!GetExitCodeProcess + 2C 7692315D 7 Bytes JMP 66208236 C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\xul.dll
.text C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\firefox.exe[2664] USER32.dll!GetWindowInfo 761B6A82 5 Bytes JMP 66937585 C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\xul.dll
.text C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\firefox.exe[2664] GDI32.dll!GetViewportOrgEx + 21C 769B85EB 7 Bytes JMP 66A29DE6 C:\Users\Neu\Desktop\FirefoxPortable\App\firefox\xul.dll

---- Devices - GMER 2.1 ----

AttachedDevice \FileSystem\fastfat \Fat fltmgr.sys

---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Epoch2@Epoch 22

---- EOF - GMER 2.1 ----

I really hope someone here can help me, and I am grateful for any help. For your information, Windows has only just been freshly installed.

Regards

Edited by mmkai (04.07.2014 at 00:19)
04.07.2014, 06:53 | #2 |
/// the machine /// TB Trainer | Win 7 / Rootkit cannot be removed.

Hi,

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.

Please download TDSSKiller.exe and save this file to the desktop.
04.07.2014, 14:31 | #3 |
Win 7 / Rootkit cannot be removed.

Thanks for the help.
Here are both logs.

mbar-log-2014-07-04 (15-00-51)

Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1012
www.malwarebytes.org

Database version: v2014.07.04.03

Windows 7 x86 NTFS
Internet Explorer 8.0.7600.16385
Neu :: NEU-PC [administrator]

04.07.2014 15:00:51
mbar-log-2014-07-04 (15-00-51).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 247304
Time elapsed: 6 minute(s), 38 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

Code:
ATTFilter 15:14:47.0985 0x0c20 TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54 15:14:53.0086 0x0c20 ============================================================ 15:14:53.0086 0x0c20 Current date / time: 2014/07/04 15:14:53.0086 15:14:53.0086 0x0c20 SystemInfo: 15:14:53.0086 0x0c20 15:14:53.0086 0x0c20 OS Version: 6.1.7600 ServicePack: 0.0 15:14:53.0086 0x0c20 Product type: Workstation 15:14:53.0086 0x0c20 ComputerName: NEU-PC 15:14:53.0086 0x0c20 UserName: Neu 15:14:53.0086 0x0c20 Windows directory: C:\Windows 15:14:53.0086 0x0c20 System windows directory: C:\Windows 15:14:53.0086 0x0c20 Processor architecture: Intel x86 15:14:53.0086 0x0c20 Number of processors: 2 15:14:53.0086 0x0c20 Page size: 0x1000 15:14:53.0086 0x0c20 Boot type: Normal boot 15:14:53.0086 0x0c20 ============================================================ 15:14:53.0663 0x0c20 KLMD registered as C:\Windows\system32\drivers\70914623.sys 15:14:53.0960 0x0c20 System UUID: {7654DA80-D196-7A16-0043-B13344BD10FA} 15:14:54.0490 0x0c20 Drive \Device\Harddisk1\DR1 - Size: 0x53D67B6000 ( 335.35 Gb ), SectorSize: 0x200, Cylinders: 0xAB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 15:14:54.0506 0x0c20 Drive \Device\Harddisk0\DR0 - Size: 0x53D67B6000 ( 335.35 Gb ), SectorSize: 0x200, Cylinders: 0xAB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 15:14:54.0506 0x0c20 Drive \Device\Harddisk2\DR2 - Size: 0x1D30000 ( 0.03 Gb ), SectorSize: 0x200, Cylinders: 0x3, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 15:14:54.0506 0x0c20 ============================================================ 15:14:54.0506 0x0c20 \Device\Harddisk1\DR1: 15:14:54.0521 0x0c20 MBR partitions: 15:14:54.0521 0x0c20 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x29EAEAC1 15:14:54.0521 0x0c20 \Device\Harddisk0\DR0: 15:14:54.0521 0x0c20 MBR partitions: 15:14:54.0521 0x0c20 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 
0x3F, BlocksNum 0x29EAEAC1
15:14:54.0521 0x0c20 \Device\Harddisk2\DR2:
15:14:54.0521 0x0c20 MBR partitions:
15:14:54.0521 0x0c20 \Device\Harddisk2\DR2\Partition1: MBR, Type 0x4, StartLBA 0x81, BlocksNum 0xE8FF
15:14:54.0521 0x0c20 ============================================================
15:14:54.0537 0x0c20 C: <-> \Device\Harddisk1\DR1\Partition1
15:14:54.0553 0x0c20 D: <-> \Device\Harddisk0\DR0\Partition1
15:14:54.0553 0x0c20 ============================================================
15:14:54.0553 0x0c20 Initialize success
15:14:54.0553 0x0c20 ============================================================
15:15:00.0855 0x01e8 ============================================================
15:15:00.0855 0x01e8 Scan started
15:15:00.0855 0x01e8 Mode: Manual; SigCheck; TDLFS;
15:15:00.0855 0x01e8 ============================================================
15:15:00.0855 0x01e8 KSN ping started
15:15:16.0018 0x01e8 KSN ping finished: true
15:15:16.0393 0x01e8 ================ Scan system memory ========================
15:15:16.0393 0x01e8 System memory - ok
15:15:16.0393 0x01e8 ================ Scan services =============================
msisadrv - ok 15:15:28.0498 0x01e8 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:15:28.0529 0x01e8 MSiSCSI - ok 15:15:28.0545 0x01e8 msiserver - ok 15:15:28.0561 0x01e8 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 15:15:28.0607 0x01e8 MSKSSRV - ok 15:15:28.0623 0x01e8 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 15:15:28.0654 0x01e8 MSPCLOCK - ok 15:15:28.0670 0x01e8 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 15:15:28.0701 0x01e8 MSPQM - ok 15:15:28.0717 0x01e8 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:15:28.0748 0x01e8 MsRPC - ok 15:15:28.0763 0x01e8 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 15:15:28.0779 0x01e8 mssmbios - ok 15:15:28.0795 0x01e8 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 15:15:28.0826 0x01e8 MSTEE - ok 15:15:28.0857 0x01e8 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 15:15:28.0873 0x01e8 MTConfig - ok 15:15:28.0873 0x01e8 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys 15:15:28.0904 0x01e8 Mup - ok 15:15:28.0935 0x01e8 [ 80284F1985C70C86F0B5F86DA2DFE1DF, 424A5BBC28C72DA0DBABEB9E423B8C409754CD1BA3DFC9E174BF22D8BCE1BE63 ] 
napagent C:\Windows\system32\qagentRT.dll 15:15:29.0013 0x01e8 napagent - ok 15:15:29.0060 0x01e8 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:15:29.0091 0x01e8 NativeWifiP - ok 15:15:29.0122 0x01e8 [ 23759D175A0A9BAAF04D05047BC135A8, 2C8C553B4E1ED3A644F619F16BCEDD5A3C6D74A17E6E75A3E740E06B1D636348 ] NDIS C:\Windows\system32\drivers\ndis.sys 15:15:29.0153 0x01e8 NDIS - ok 15:15:29.0185 0x01e8 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 15:15:29.0216 0x01e8 NdisCap - ok 15:15:29.0231 0x01e8 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:15:29.0278 0x01e8 NdisTapi - ok 15:15:29.0294 0x01e8 [ B30AE7F2B6D7E343B0DF32E6C08FCE75, 39BBBF7AF886732CB9ED3E6C06DA4318554089F3BEA74C74328FE1C6EF68E70B ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:15:29.0341 0x01e8 Ndisuio - ok 15:15:29.0341 0x01e8 [ 267C415EADCBE53C9CA873DEE39CF3A4, BAA8626BDA7B68176B19A99FBBD40FB2A774C8F44B56F9FFB99A1F5C16A1C555 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:15:29.0387 0x01e8 NdisWan - ok 15:15:29.0403 0x01e8 [ AF7E7C63DCEF3F8772726F86039D6EB4, 1CFDED48E8844138864786DBF9D5519162A6DB28F885A781934E8AFBD52EAC50 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:15:29.0434 0x01e8 NDProxy - ok 15:15:29.0450 0x01e8 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:15:29.0481 0x01e8 NetBIOS - ok 15:15:29.0497 0x01e8 [ DD52A733BF4CA5AF84562A5E2F963B91, 5CEB9664CED3D120F5408A12035748728710D41090A289CF66023CED4C838A1F ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 15:15:29.0559 0x01e8 NetBT - ok 15:15:29.0575 0x01e8 [ F42309C4191C506B71DB5D1126D26318, 
29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] Netlogon C:\Windows\system32\lsass.exe 15:15:29.0590 0x01e8 Netlogon - ok 15:15:29.0637 0x01e8 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 15:15:29.0699 0x01e8 Netman - ok 15:15:29.0715 0x01e8 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll 15:15:29.0777 0x01e8 netprofm - ok 15:15:29.0809 0x01e8 [ FE2AA5A684B0DD9B1FAE57B7817C198B, 59137B15AD038C31BEB909EC11019E08C072DD7EE611B9618B7523880453BD4F ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:15:29.0824 0x01e8 NetTcpPortSharing - ok 15:15:29.0855 0x01e8 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 15:15:29.0871 0x01e8 nfrd960 - ok 15:15:29.0902 0x01e8 [ 2226496E34BD40734946A054B1CD657F, 98392D98C9213822268971432BB55047ABD8B4EBD42483FA69BF50FB8FAD64A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 15:15:29.0965 0x01e8 NlaSvc - ok 15:15:29.0980 0x01e8 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:15:30.0011 0x01e8 Npfs - ok 15:15:30.0027 0x01e8 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll 15:15:30.0074 0x01e8 nsi - ok 15:15:30.0089 0x01e8 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:15:30.0121 0x01e8 nsiproxy - ok 15:15:30.0183 0x01e8 [ 3795DCD21F740EE799FB7223234215AF, B03DBFD33B201134473D23038E0BD86CFE64556754BF4EBA42C10B67AEECAEA6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:15:30.0245 0x01e8 Ntfs - 
ok 15:15:30.0245 0x01e8 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 15:15:30.0292 0x01e8 Null - ok 15:15:30.0308 0x01e8 [ 3F3D04B1D08D43C16EA7963954EC768D, BA82C1D3D9F4AA5F1C9729D61D4E06DB961FDF2B1E9B483D29DB308204DF0754 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys 15:15:30.0323 0x01e8 nvraid - ok 15:15:30.0339 0x01e8 [ C99F251A5DE63C6F129CF71933ACED0F, 24D48A5F5D699AB0DD4D4435F8F7C6B73A924AEF8F9D1170FD644E26499546A2 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys 15:15:30.0370 0x01e8 nvstor - ok 15:15:30.0370 0x01e8 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys 15:15:30.0401 0x01e8 nv_agp - ok 15:15:30.0417 0x01e8 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 15:15:30.0433 0x01e8 ohci1394 - ok 15:15:30.0464 0x01e8 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 15:15:30.0511 0x01e8 p2pimsvc - ok 15:15:30.0542 0x01e8 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 15:15:30.0573 0x01e8 p2psvc - ok 15:15:30.0604 0x01e8 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys 15:15:30.0635 0x01e8 Parport - ok 15:15:30.0635 0x01e8 [ FF4218952B51DE44FE910953A3E686B9, 871E4F8300AFE2AE770B8F00C12911A08D8BBD8E07C37A11AFF67CA92607A602 ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:15:30.0651 0x01e8 partmgr - ok 15:15:30.0667 0x01e8 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 
15:15:30.0682 0x01e8 Parvdm - ok 15:15:30.0713 0x01e8 [ 358AB7956D3160000726574083DFC8A6, 6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll 15:15:30.0745 0x01e8 PcaSvc - ok 15:15:30.0776 0x01e8 [ C858CB77C577780ECC456A892E7E7D0F, 21AE545B736739DE5A7B02CF227516BA6D02B1AAAECD8CC516CCF9F1FD710BCF ] pci C:\Windows\system32\DRIVERS\pci.sys 15:15:30.0791 0x01e8 pci - ok 15:15:30.0807 0x01e8 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\DRIVERS\pciide.sys 15:15:30.0823 0x01e8 pciide - ok 15:15:30.0838 0x01e8 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 15:15:30.0869 0x01e8 pcmcia - ok 15:15:30.0869 0x01e8 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys 15:15:30.0885 0x01e8 pcw - ok 15:15:30.0932 0x01e8 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:15:30.0979 0x01e8 PEAUTH - ok 15:15:31.0057 0x01e8 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 15:15:31.0135 0x01e8 PeerDistSvc - ok 15:15:31.0244 0x01e8 [ 9C1BFF7910C89A1D12E57343475840CB, 62E00E1278BD263B2AC8CB803C31F2818C54DB143C49470FAD07731E04BD2DE3 ] pla C:\Windows\system32\pla.dll 15:15:31.0369 0x01e8 pla - ok 15:15:31.0415 0x01e8 [ 2CC2008F1296968FBA162ED9F9AFE328, 670E2BE4EB8210C9D6AEA635DFA20E390936762A22B2BB413BF9C7AF418150D6 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:15:31.0478 0x01e8 PlugPlay - ok 15:15:31.0509 0x01e8 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 
15:15:31.0525 0x01e8 PNRPAutoReg - ok 15:15:31.0540 0x01e8 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 15:15:31.0571 0x01e8 PNRPsvc - ok 15:15:31.0618 0x01e8 [ 48E1B75C6DC0232FD92BAAE4BD344721, 5BA4EB5A60725836D8085EABF87F51160BA57E318A0C4378410217911A393CE7 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:15:31.0681 0x01e8 PolicyAgent - ok 15:15:31.0712 0x01e8 [ DBFF83F709A91049621C1D35DD45C92C, 0A722A44F431CAB5EA77FF5F25EB6975C2111B605564FF9FB59751067E7CD3A7 ] Power C:\Windows\system32\umpo.dll 15:15:31.0759 0x01e8 Power - ok 15:15:31.0790 0x01e8 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 15:15:31.0821 0x01e8 PptpMiniport - ok 15:15:31.0837 0x01e8 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys 15:15:31.0868 0x01e8 Processor - ok 15:15:31.0899 0x01e8 [ 630CF26F0227498B7D5A92B12548960F, 7B6E2A3C398DF2E8F63C03ED5B59BB8DA47D5C1ACA9F37438F71F35633ACD6CD ] ProfSvc C:\Windows\system32\profsvc.dll 15:15:31.0946 0x01e8 ProfSvc - ok 15:15:31.0961 0x01e8 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] ProtectedStorage C:\Windows\system32\lsass.exe 15:15:31.0977 0x01e8 ProtectedStorage - ok 15:15:32.0008 0x01e8 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 15:15:32.0039 0x01e8 Psched - ok 15:15:32.0133 0x01e8 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 15:15:32.0211 0x01e8 ql2300 - ok 15:15:32.0227 0x01e8 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B 
] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 15:15:32.0242 0x01e8 ql40xx - ok 15:15:32.0289 0x01e8 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll 15:15:32.0320 0x01e8 QWAVE - ok 15:15:32.0320 0x01e8 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 15:15:32.0351 0x01e8 QWAVEdrv - ok 15:15:32.0367 0x01e8 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 15:15:32.0414 0x01e8 RasAcd - ok 15:15:32.0445 0x01e8 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 15:15:32.0476 0x01e8 RasAgileVpn - ok 15:15:32.0507 0x01e8 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll 15:15:32.0554 0x01e8 RasAuto - ok 15:15:32.0554 0x01e8 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 15:15:32.0601 0x01e8 Rasl2tp - ok 15:15:32.0648 0x01e8 [ 0CE66EC736B7FC526D78F7624C7D2A94, D70B45AA413691CF84B24E966EBA1689955E54BDDA206380CAB7CD50F56D5CEB ] RasMan C:\Windows\System32\rasmans.dll 15:15:32.0695 0x01e8 RasMan - ok 15:15:32.0726 0x01e8 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:15:32.0757 0x01e8 RasPppoe - ok 15:15:32.0788 0x01e8 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:15:32.0819 0x01e8 RasSstp - ok 15:15:32.0835 0x01e8 [ 835D7E81BF517A3B72384BDCC85E1CE6, 
DC855AF17150C1B27926293115C01B5E1FD00FABCE18AFAEAB3DC68BDE4C908B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 15:15:32.0882 0x01e8 rdbss - ok 15:15:32.0897 0x01e8 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 15:15:32.0913 0x01e8 rdpbus - ok 15:15:32.0929 0x01e8 [ 1E016846895B15A99F9A176A05029075, 78AE674B6E7D3A69099B24AC07E06563A4C867F9DCD8548E4DAAE6FC5ACA4E29 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:15:32.0975 0x01e8 RDPCDD - ok 15:15:32.0991 0x01e8 [ C5FF95883FFEF704D50C40D21CFB3AB5, 26CC53DDE126A6BD99F606695F063BB7FDC4BBABB9F75F7AD7A84B58C837EEAA ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 15:15:33.0007 0x01e8 RDPDR - ok 15:15:33.0022 0x01e8 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:15:33.0069 0x01e8 RDPENCDD - ok 15:15:33.0100 0x01e8 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 15:15:33.0178 0x01e8 RDPREFMP - ok 15:15:33.0194 0x01e8 [ 801371BA9782282892D00AADB08EE367, 884DDC24B8400E76F65F54C249053333AD29543224F9EC156C64A6BDF584DDCD ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:15:33.0241 0x01e8 RDPWD - ok 15:15:33.0256 0x01e8 [ 4EA225BF1CF05E158853F30A99CA29A7, F211480F13E2FE36C31110AE67ABE74E9D572D3A36BEEDE29E14ECBD8C246878 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 15:15:33.0287 0x01e8 rdyboost - ok 15:15:33.0303 0x01e8 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll 15:15:33.0350 0x01e8 RemoteAccess - ok 15:15:33.0381 0x01e8 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:15:33.0428 0x01e8 RemoteRegistry - ok 
15:15:33.0443 0x01e8 [ 78D072F35BC45D9E4E1B61895C152234, 80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 15:15:33.0490 0x01e8 RpcEptMapper - ok 15:15:33.0521 0x01e8 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe 15:15:33.0537 0x01e8 RpcLocator - ok 15:15:33.0553 0x01e8 [ B82CD39E336973359D7C9BF911E8E84F, 45DB8F1E88FC25A81D2F3C2F8A8CDB6B34C44950B038E24FB71DCDD9823DB22A ] RpcSs C:\Windows\system32\rpcss.dll 15:15:33.0615 0x01e8 RpcSs - ok 15:15:33.0646 0x01e8 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 15:15:33.0693 0x01e8 rspndr - ok 15:15:33.0709 0x01e8 [ 5423D8437051E89DD34749F242C98648, 28FD190E13676B0FD452A73C3069B72206E2938DB2240BAA9BDB56687C748A2B ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys 15:15:33.0724 0x01e8 s3cap - ok 15:15:33.0740 0x01e8 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] SamSs C:\Windows\system32\lsass.exe 15:15:33.0755 0x01e8 SamSs - ok 15:15:33.0787 0x01e8 [ 34EE0C44B724E3E4CE2EFF29126DE5B5, D27AAF77CB8830893558A600E19CDBF9A6AA7D69DE4B34F317ED4AFD38E8CAFB ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys 15:15:33.0802 0x01e8 sbp2port - ok 15:15:33.0833 0x01e8 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:15:33.0880 0x01e8 SCardSvr - ok 15:15:33.0880 0x01e8 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51, 8C0189A6AF9AEC46CBA4DA422C52B2D3E4858B2F2658DB6CA7996B5F368D2503 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 15:15:33.0927 0x01e8 scfilter - ok 15:15:33.0989 0x01e8 [ 3E8B0C453E25613A1F59762A5C42AA75, 86801C49664441A08F7E95031E52AD2518D61CCB945A857A18F0714351A8158C ] Schedule C:\Windows\system32\schedsvc.dll 
15:15:34.0083 0x01e8 Schedule - ok 15:15:34.0099 0x01e8 [ 628A9E30EC5E18DD5DE6BE4DBDC12198, DDA43DCCB195440D6BD5752BD00D984F45BD6D23DBE2A656C33E3CD1E5D17AD7 ] SCPolicySvc C:\Windows\System32\certprop.dll 15:15:34.0145 0x01e8 SCPolicySvc - ok 15:15:34.0161 0x01e8 [ 5FD90ABDBFAEE85986802622CBB03446, 0A8D9DC09C2ACA9EAABED04737E9EBF6EFB92BB2B9E5F37F10BFDF47CBF7DEDB ] SDRSVC C:\Windows\System32\SDRSVC.dll 15:15:34.0208 0x01e8 SDRSVC - ok 15:15:34.0223 0x01e8 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 15:15:34.0270 0x01e8 secdrv - ok 15:15:34.0286 0x01e8 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll 15:15:34.0317 0x01e8 seclogon - ok 15:15:34.0333 0x01e8 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\system32\sens.dll 15:15:34.0379 0x01e8 SENS - ok 15:15:34.0395 0x01e8 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll 15:15:34.0411 0x01e8 SensrSvc - ok 15:15:34.0426 0x01e8 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 15:15:34.0457 0x01e8 Serenum - ok 15:15:34.0473 0x01e8 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys 15:15:34.0489 0x01e8 Serial - ok 15:15:34.0504 0x01e8 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 15:15:34.0520 0x01e8 sermouse - ok 15:15:34.0567 0x01e8 [ 8F55CE568C543D5ADF45C409D16718FC, 64D45854A91B656C1AF36EB272FDC54E9B5FB0200CB93E20F7D997DDA109EF7F ] SessionEnv 
C:\Windows\system32\sessenv.dll 15:15:34.0613 0x01e8 SessionEnv - ok 15:15:34.0629 0x01e8 [ 9F976E1EB233DF46FCE808D9DEA3EB9C, 6A5C53F27F8BCA85CE206EE7D196176F67EC6FFA5D4830373A20792C149B5E75 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys 15:15:34.0645 0x01e8 sffdisk - ok 15:15:34.0660 0x01e8 [ 932A68EE27833CFD57C1639D375F2731, 11D6B98FBEEE2B9C7B06EF7091857BBD3B349077997D6261D66280668FD1B5C3 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys 15:15:34.0676 0x01e8 sffp_mmc - ok 15:15:34.0676 0x01e8 [ A0708BBD07D245C06FF9DE549CA47185, 6A95ACD63A3E7CE6065D0A8B5C182C5B3F4540B8345AB5DCCBD3AC77E9D6CEAC ] sffp_sd C:\Windows\system32\DRIVERS\sffp_sd.sys 15:15:34.0707 0x01e8 sffp_sd - ok 15:15:34.0707 0x01e8 [ DB96666CC8312EBC45032F30B007A547, C3AE60FC65A36E96E0D2CC6E184481D70F91A19DC3E2E17E2873DD670A592DD7 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys 15:15:34.0723 0x01e8 sfloppy - ok 15:15:34.0769 0x01e8 [ D1A079A0DE2EA524513B6930C24527A2, E2BC16DBCF38841EECD49C6FA1A9AC89C17F332F12606CA826F058E995E1B83D ] SharedAccess C:\Windows\System32\ipnathlp.dll 15:15:34.0832 0x01e8 SharedAccess - ok 15:15:34.0863 0x01e8 [ CD2E48FA5B29EE2B3B5858056D246EF2, B743F92D0121CF3D827753C85F1F5A14C2DAA1CAFD42C7810C3BECB853DB6175 ] ShellHWDetection C:\Windows\System32\shsvcs.dll 15:15:34.0910 0x01e8 ShellHWDetection - ok 15:15:34.0941 0x01e8 [ 2565CAC0DC9FE0371BDCE60832582B2E, 1A775214E86B83C2F1799F12D71077D81C89AD32734A248BA88787B7F104B79D ] sisagp C:\Windows\system32\DRIVERS\sisagp.sys 15:15:34.0957 0x01e8 sisagp - ok 15:15:34.0972 0x01e8 [ A9F0486851BECB6DDA1D89D381E71055, 7E909538AB758C18AC2CCBFFEE17BA36FA6ED2E674AA70924AA87AC61375FF35 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys 15:15:34.0988 0x01e8 SiSRaid2 - ok 15:15:34.0988 0x01e8 [ 3727097B55738E2F554972C3BE5BC1AA, 75D52A596A298C33EC79A3B0B80F25492C08A182ABC679401502DA9597687566 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys 15:15:35.0019 0x01e8 SiSRaid4 - ok 15:15:35.0035 0x01e8 [ 3E21C083B8A01CB70BA1F09303010FCE, 
803F8F91299C387110F34A49340E7136AAE91B418E2977A36285EA8F432FF197 ] Smb C:\Windows\system32\DRIVERS\smb.sys 15:15:35.0081 0x01e8 Smb - ok 15:15:35.0128 0x01e8 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] SNMPTRAP C:\Windows\System32\snmptrap.exe 15:15:35.0144 0x01e8 SNMPTRAP - ok 15:15:35.0175 0x01e8 [ 95CF1AE7527FB70F7816563CBC09D942, CE8BACB91A5A86CBCE82619C6C1873B4D7593B00CED3B522E41B8F7F6258CC65 ] spldr C:\Windows\system32\drivers\spldr.sys 15:15:35.0191 0x01e8 spldr - ok 15:15:35.0222 0x01e8 [ D1BB750EB51694DE183E08B9C33BE5B2, 07B3A7EF51957615B6B8793F610BCC73EA0524B379B5CE457928CE2E021D0C06 ] Spooler C:\Windows\System32\spoolsv.exe 15:15:35.0253 0x01e8 Spooler - ok 15:15:35.0425 0x01e8 [ 4C287F9069FEDBD791178876EE9DE536, 6099E76FF6FBA002EBA2BA7BE4E3238D91332E077524D1DD402E0C9ADA22E852 ] sppsvc C:\Windows\system32\sppsvc.exe 15:15:35.0612 0x01e8 sppsvc - ok 15:15:35.0643 0x01e8 [ D8E3E19EEBDAB49DD4A8D3062EAD4EC7, E7A8A5774C62DC12B56DC3E0A385ACA9069F3A5E6AC664AD0C383EF44DCF81B3 ] sppuinotify C:\Windows\system32\sppuinotify.dll 15:15:35.0690 0x01e8 sppuinotify - ok 15:15:35.0737 0x01e8 [ DD0DD124D95390FDFFA7FB6283923ED4, 041297E1959E51EE2E2BBF42F9E81C49DF4D585DA3CB0B6BAE921BB706CB6036 ] srv C:\Windows\system32\DRIVERS\srv.sys 15:15:35.0768 0x01e8 srv - ok 15:15:35.0783 0x01e8 [ 59EF6D9C690E89D51B0692CCB13A06FC, 77C85E234C9C448FBCC9A0B312A1A77705DCE640D95CF30A07C510A9DE7B956D ] srv2 C:\Windows\system32\DRIVERS\srv2.sys 15:15:35.0815 0x01e8 srv2 - ok 15:15:35.0830 0x01e8 [ 08F28676802B58138E48A2B40CAF6204, 68DB92149FA77AF3E25BB49C26265EADC9D00C4629113B6A1D6CD5CC54458439 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys 15:15:35.0861 0x01e8 srvnet - ok 15:15:35.0893 0x01e8 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] SSDPSRV C:\Windows\System32\ssdpsrv.dll 15:15:35.0939 0x01e8 SSDPSRV - ok 15:15:35.0955 0x01e8 [ D318F23BE45D5E3A107469EB64815B50, 
D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] SstpSvc C:\Windows\system32\sstpsvc.dll 15:15:36.0002 0x01e8 SstpSvc - ok 15:15:36.0033 0x01e8 [ DB32D325C192B801DF274BFD12A7E72B, F089DBA719E22BC269720A6B840B873A4AF5639745DB0C3DBC8BD2F2839A1ABA ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys 15:15:36.0049 0x01e8 stexstor - ok 15:15:36.0095 0x01e8 [ A22825E7BB7018E8AF3E229A5AF17221, 5C97557F8BC6ABBB5BE624AE41AAC22C3D845F76C3E930337A4C07B2381086D7 ] StiSvc C:\Windows\System32\wiaservc.dll 15:15:36.0142 0x01e8 StiSvc - ok 15:15:36.0158 0x01e8 [ 957E346CA948668F2496A6CCF6FF82CC, 5C0E0F0E0F2D36E3213885C60BC3B075AFD2257FEB4B8186FC1FE253E0C218AF ] storflt C:\Windows\system32\DRIVERS\vmstorfl.sys 15:15:36.0173 0x01e8 storflt - ok 15:15:36.0205 0x01e8 [ 0BF669F0A910BEDA4A32258D363AF2A5, 83EEBACDE4F69A2866B69CAA633F5C8B3CB01D88CEDB01B6EA5988E0A25CEE47 ] StorSvc C:\Windows\system32\storsvc.dll 15:15:36.0220 0x01e8 StorSvc - ok 15:15:36.0236 0x01e8 [ D5751969DC3E4B88BF482AC8EC9FE019, DAEB50C0045364C75965B0E94744C6E2E1E85C8D00F1E8A5593F3EC780BDD7D9 ] storvsc C:\Windows\system32\DRIVERS\storvsc.sys 15:15:36.0251 0x01e8 storvsc - ok 15:15:36.0267 0x01e8 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] swenum C:\Windows\system32\DRIVERS\swenum.sys 15:15:36.0283 0x01e8 swenum - ok 15:15:36.0314 0x01e8 [ A28BD92DF340E57B024BA433165D34D7, 889CC7FF143C3549982128473FF927CD80CF36485A347EF399C1271C8CE12CE4 ] swprv C:\Windows\System32\swprv.dll 15:15:36.0376 0x01e8 swprv - ok 15:15:36.0439 0x01e8 [ 04105C8DA62353589C29BDAEB8D88BD8, CC7A3A779A143E09FE5C0AA6795A7B13496C4E121347949CB23F7946EE5E2DED ] SysMain C:\Windows\system32\sysmain.dll 15:15:36.0532 0x01e8 SysMain - ok 15:15:36.0548 0x01e8 [ FCFB6C552FBC0DA299799CBD50AD9FD4, A2A90829087B1A7F9B57D6F184EB4AE38D10B2986B0DC8D2ACA5EE9412CA3976 ] TabletInputService C:\Windows\System32\TabSvc.dll 15:15:36.0579 0x01e8 TabletInputService - ok 15:15:36.0595 0x01e8 [ 
2F46B0C70A4ADC8C90CF825DA3B4FEAF, FF66CBA014F3F8B721088F5AB3D004C1711E7F587CC8D4AC3DCFB45CDB746800 ] TapiSrv C:\Windows\System32\tapisrv.dll 15:15:36.0657 0x01e8 TapiSrv - ok 15:15:36.0673 0x01e8 [ B799D9FDB26111737F58288D8DC172D9, 409A60819A4305699E2E492A6190637FAAEBD19E745A5DB2A5D6977106C86591 ] TBS C:\Windows\System32\tbssvc.dll 15:15:36.0719 0x01e8 TBS - ok 15:15:36.0782 0x01e8 [ BB7F39C31C4A4417FD318E7CD184E225, AFEE528D89B2B21829FF9B78C048B2E6CB20DABD1A43739E3BB6BF78896F3E01 ] Tcpip C:\Windows\system32\drivers\tcpip.sys 15:15:36.0844 0x01e8 Tcpip - ok 15:15:36.0922 0x01e8 [ BB7F39C31C4A4417FD318E7CD184E225, AFEE528D89B2B21829FF9B78C048B2E6CB20DABD1A43739E3BB6BF78896F3E01 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys 15:15:36.0985 0x01e8 TCPIP6 - ok 15:15:37.0000 0x01e8 [ E64444523ADD154F86567C469BC0B17F, FBE8A1DC28C102068183754F6BF0D03F5D18FD24BEB7E4B57D1CFCEBB13B381F ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys 15:15:37.0047 0x01e8 tcpipreg - ok 15:15:37.0063 0x01e8 [ 1875C1490D99E70E449E3AFAE9FCBADF, FFDF03826DAB748D51B53B648B632E79B3CD6238F684FDEA749B4D0F93BE5A77 ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys 15:15:37.0094 0x01e8 TDPIPE - ok 15:15:37.0109 0x01e8 [ 7551E91EA999EE9A8E9C331D5A9C31F3, C98C97DFD6C7276CD999545A7BC67B56E1BDDFB2886412E9198012322F95A10D ] TDTCP C:\Windows\system32\drivers\tdtcp.sys 15:15:37.0156 0x01e8 TDTCP - ok 15:15:37.0172 0x01e8 [ CB39E896A2A83702D1737BFD402B3542, FA77D98EA3606CA2FCEF0E0949FDE2C32A080B47CAFDE46CE903CA3CBFC5DF35 ] tdx C:\Windows\system32\DRIVERS\tdx.sys 15:15:37.0203 0x01e8 tdx - ok 15:15:37.0219 0x01e8 [ C36F41EE20E6999DBF4B0425963268A5, 9DB789A17DF2C283D6E803EEA15F2BDFC56EE3BE342A5606DD5C179C3550ECA6 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys 15:15:37.0250 0x01e8 TermDD - ok 15:15:37.0297 0x01e8 [ A01E50A04D7B1960B33E92B9080E6A94, 0512BF11F2FD62BDBD2B1AA34D509BE82AC374C37B925C8C0ED119C6331930FD ] TermService C:\Windows\System32\termsrv.dll 15:15:37.0375 0x01e8 TermService - ok 15:15:37.0421 
15:15:59.0698 0x01e8 Waiting for KSN requests completion. In queue: 309
15:16:03.0770 0x01e8 AV detected via SS2: Kaspersky PURE 3.0, C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\wmiav.exe ( 13.0.2.558 ), 0x40010 ( disabled : outofdate )
15:16:03.0770 0x01e8 FW detected via SS2: Kaspersky PURE 3.0, C:\Program Files\Kaspersky Lab\Kaspersky PURE 3.0\wmifw.exe ( 13.0.2.558 ), 0x40010 ( disabled )
15:16:03.0785 0x01e8 Win FW state via NFP2: disabled
15:16:07.0342 0x01e8 ============================================================
15:16:07.0342 0x01e8 Scan finished
15:16:07.0342 0x01e8 ============================================================
15:16:07.0358 0x096c Detected object count: 0
15:16:07.0358 0x096c Actual detected object count: 0
15:19:43.0365 0x0f4c Deinitialize success
Regards |
04.07.2014, 21:12 | #4 |
| Win 7/ Rootkit cannot be removed. By now I am of the opinion that my PC is being monitored externally. I don't know why or what for. It's just these "Policies" entries that bother me. Logs as well as connections are being stored and transmitted; I could see this from various logs in the Windows directory. Just take a look at the Windows registry data. I now also have Kaspersky Pure running, but unfortunately nothing is found, although I can see in the background that something is busily running. I would be really grateful if someone here could help me. Regards. Edited by mmkai (04.07.2014 at 14:43) |
05.07.2014, 18:11 | #5 |
/// the machine /// TB instructor | Win 7/ Rootkit cannot be removed. Uhm... fill me in. Why exactly do you think that? What bothers you about the image above?
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |