Log analysis and evaluation: Virus 'BOO/TDss.O' in the master boot sector

Windows 7: If you have caught a trojan or keep getting virus warnings, you can post the logs of our diagnostic tools here for evaluation by our experts. To be able to remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
03.09.2014, 11:24 | #1

Virus 'BOO/TDss.O' in the master boot sector

Hello everyone,

I seem to have a virus in the MBR. AntiVir reports a virus 'BOO/TDss.O'. I have Windows 7 Home Premium in 64-bit. I have also already created 2 logs:

Defogger:
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 12:08 on 03/09/2014 (Home)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014
Ran by Home (administrator) on HOME-PC on 03-09-2014 12:11:44
Running from C:\Users\Home\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(AlcorMicro Co., Ltd.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avscan.exe
(Enigma Software Group USA, LLC.) C:\Config.Msi\a9fc51.rbf
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Farbar) C:\Users\Home\Desktop\FRST64(1).exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-07-22] (AlcorMicro Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-12] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-12-03] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-07-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [GrpConv] => grpconv -o
HKU\S-1-5-21-1681634373-90805618-1013694112-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [967608 2012-12-03] (Samsung)
HKU\S-1-5-21-1681634373-90805618-1013694112-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [577536 2012-11-28] (Samsung Electronics)
HKU\S-1-5-21-1681634373-90805618-1013694112-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843704 2012-12-03] (Samsung)
HKU\S-1-5-21-1681634373-90805618-1013694112-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843704 2012-12-03] (Samsung)
HKU\S-1-5-21-1681634373-90805618-1013694112-1000\...\MountPoints2: {3b7b4c89-4296-11e2-946b-00262d818196} - F:\LaunchU3.exe -a
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\_uninst_77728856.lnk
ShortcutTarget: _uninst_77728856.lnk -> C:\Users\Home\AppData\Local\Temp\_uninst_77728856.bat ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://rts.dsrlte.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBC8E255AA848CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - 809CF234490D49BB8030301225658AF6 URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1394292881&from=cor&uid=TOSHIBAXMK5055GSX_Y9ADC0O1TXXY9ADC0O1T&q={searchTerms}
SearchScopes: HKCU - {879047C3-BC5E-43A9-AC28-82DFBC646A00} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=FF92F338-7AC1-4EDF-B9C9-201A72BADEBB&apn_sauid=ABD7C0A3-3023-45BD-AFA2-57CE256EE98C
SearchScopes: HKCU - {E125ADC4-EFCF-4CC7-9598-F8FE8258FB58} URL = hxxp://rts.dsrlte.com/?q={searchTerms}&r=266
SearchScopes: HKCU - {FCD925BA-A64E-4745-AAEC-B8BA631A98B5} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3279453&CUI=UN11816603311929016
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.70.0.1

FireFox:
========
FF ProfilePath: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default
FF NewTab: user_pref("browser.newtab.url", "");
FF SelectedSearchEngine: Ask Search
FF Homepage: hxxp://rts.dsrlte.com
FF Keyword.URL: user_pref("keyword.URL", "");
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Users\Home\Desktop\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Users\Home\Desktop\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\dvdvideosoft-20-customized-web-search.xml
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\lastminute-1.xml
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WEB.DE MailCheck - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\Extensions\toolbar@web.de.xpi [2011-12-19]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-08]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-08]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-03-08]

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Newhub) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoejbmmillcdifgagjpdlaamnalbielp [2014-03-17]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-21]
CHR Extension: (Google-Suche) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-21]
CHR Extension: (Avira Browser Safety) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-04]
CHR Extension: (Adblock Advisor) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplojogpbcbnjoemcalepfmbcpnkpjjo [2014-08-04]
CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Google Mail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-21]
CHR HKLM\...\Chrome\Extension: [aoejbmmillcdifgagjpdlaamnalbielp] - C:\Users\Home\AppData\Local\nwhb-v9.4.15.crx [2014-03-17]
CHR HKCU\...\Chrome\Extension: [aoejbmmillcdifgagjpdlaamnalbielp] - C:\Users\Home\AppData\Local\nwhb-v9.4.15.crx [2014-03-17]
CHR HKLM-x32\...\Chrome\Extension: [aoejbmmillcdifgagjpdlaamnalbielp] - C:\Users\Home\AppData\Local\nwhb-v9.4.15.crx [2014-03-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R0 77728856; C:\Windows\System32\DRIVERS\77728856.sys [458336 2014-08-19] (Kaspersky Lab ZAO)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
R3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 12:11 - 2014-09-03 12:12 - 00016897 _____ () C:\Users\Home\Desktop\FRST.txt
2014-09-03 12:11 - 2014-09-03 12:11 - 02104832 _____ (Farbar) C:\Users\Home\Desktop\FRST64(1).exe
2014-09-03 12:11 - 2014-09-03 12:11 - 00000000 ____D () C:\FRST
2014-09-03 12:08 - 2014-09-03 12:08 - 00000470 _____ () C:\Users\Home\Desktop\defogger_disable.log
2014-09-03 12:08 - 2014-09-03 12:08 - 00000000 _____ () C:\Users\Home\defogger_reenable
2014-09-03 12:05 - 2014-09-03 12:05 - 00050477 _____ () C:\Users\Home\Desktop\Defogger(1).exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-03 12:01 - 2014-09-03 12:01 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-03 12:01 - 2014-09-03 12:01 - 00000000 ____D () C:\Users\Home\AppData\Roaming\TeamViewer
2014-09-03 12:01 - 2014-09-03 12:01 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-09-03 12:00 - 2014-09-03 12:00 - 06304880 _____ (TeamViewer GmbH) C:\Users\Home\Downloads\TeamViewer_Setup_de.exe
2014-09-03 09:37 - 2014-09-03 09:37 - 00000000 _____ () C:\autoexec.bat
2014-09-03 09:36 - 2014-09-03 09:36 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-03 09:35 - 2014-09-03 12:10 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-03 09:34 - 2014-09-03 09:34 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Home\Downloads\SpyHunter-Installer.exe
2014-09-03 09:23 - 2014-09-03 09:23 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-03 09:23 - 2014-08-19 13:37 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\77728856.sys
2014-09-03 09:19 - 2014-09-03 09:22 - 154669008 _____ () C:\Users\Home\Downloads\setup_11.0.3.7.x01_2014_08_19_13_38 (1).exe
2014-08-31 17:34 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-31 17:34 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-31 17:34 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-26 21:24 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-26 21:24 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-26 21:24 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-26 21:24 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-26 21:24 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-26 21:24 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-26 21:24 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-26 21:24 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-23 21:28 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-23 21:28 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-23 21:28 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-23 21:28 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 21:28 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-23 21:28 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-23 21:28 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-23 21:28 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-23 21:28 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-23 21:28 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-23 21:27 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-23 21:27 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-23 21:27 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-23 21:27 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-23 21:26 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-23 21:26 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-23 21:25 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-23 21:25 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-23 21:25 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-23 21:24 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-23 21:24 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-23 21:24 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-23 21:24 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-23 21:24 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-23 21:24 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-23 21:24 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-23 21:24 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-23 21:24 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-23 21:24 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-23 21:24 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-23 21:24 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-23 21:24 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-23 21:24 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-23 21:24 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-23 21:24 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-23 21:24 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-23 21:24 - 2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-23 21:24 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-23 21:24 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-23 21:24 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-23 21:24 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-23 21:24 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-23 21:24 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-23 21:24 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-23 21:24 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-23 21:24 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-23 21:24 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-23 21:24 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-23 21:24 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-23 21:24 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-23 21:24 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-23 21:24 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-23 21:24 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-23 21:24 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-23 21:24 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-23 21:24 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-23 21:24 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-23 21:24 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-23 21:24 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-23 21:24 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-23 21:24 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-23 21:24 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-23 21:24 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-23 21:24 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-23 21:24 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-23 21:24 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-23 21:24 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-23 21:24 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-23 21:24 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-23 21:24 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-23 21:24 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-23 21:24 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-23 21:24 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-23 21:24 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-23 21:24 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-23 21:24 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-23 21:24 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-23 21:24 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-23 21:24 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-23 21:24 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-23 21:24 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-23 21:24 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-23 21:24 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-23 21:24 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-23 21:24 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-23 21:24 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-23 20:32 - 2014-08-23 20:32 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-05 15:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-05 15:36 - 2014-08-05 15:38 - 00000000 ____D () C:\AdwCleaner
2014-08-05 15:35 - 2014-08-05 15:35 - 01361309 _____ () C:\Users\Home\Downloads\adwcleaner_3.302 (1).exe
2014-08-05 15:34 - 2014-08-05 15:35 - 01361309 _____ () C:\Users\Home\Downloads\adwcleaner_3.302.exe
2014-08-05 13:07 - 2014-08-05 13:06 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2014-08-04 18:59 - 2014-08-04 18:59 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Avira
2014-08-04 18:53 - 2014-07-23 13:29 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-08-04 18:53 - 2014-07-23 13:29 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-08-04 18:53 - 2014-07-23 13:29 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-08-04 18:47 - 2014-08-23 20:32 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-04 18:47 - 2014-08-23 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-04 18:47 - 2014-08-23 20:32 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-04 18:47 - 2014-08-04 18:53 - 00000000 ____D () C:\ProgramData\Avira
2014-08-04 18:46 - 2014-08-04 18:46 - 04431200 _____ (Avira Operations GmbH & Co. KG) C:\Users\Home\Downloads\avira_de_av___ws.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 12:12 - 2014-09-03 12:11 - 00016897 _____ () C:\Users\Home\Desktop\FRST.txt
2014-09-03 12:11 - 2014-09-03 12:11 - 02104832 _____ (Farbar) C:\Users\Home\Desktop\FRST64(1).exe
2014-09-03 12:11 - 2014-09-03 12:11 - 00000000 ____D () C:\FRST
2014-09-03 12:10 - 2014-09-03 09:35 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP
2014-09-03 12:08 - 2014-09-03 12:08 - 00000470 _____ () C:\Users\Home\Desktop\defogger_disable.log
2014-09-03 12:08 - 2014-09-03 12:08 - 00000000 _____ () C:\Users\Home\defogger_reenable
2014-09-03 12:08 - 2011-11-05 12:16 - 00000000 ____D () C:\Users\Home
2014-09-03 12:05 - 2014-09-03 12:05 - 00050477 _____ () C:\Users\Home\Desktop\Defogger(1).exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-03 12:01 - 2014-09-03 12:01 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-03 12:01 - 2014-09-03 12:01 - 00000000 ____D () C:\Users\Home\AppData\Roaming\TeamViewer
2014-09-03 12:01 - 2014-09-03 12:01 - 00000000 ____D () C:\Program Files (x86)\TeamViewer
2014-09-03 12:00 - 2014-09-03 12:00 - 06304880 _____ (TeamViewer GmbH) C:\Users\Home\Downloads\TeamViewer_Setup_de.exe
2014-09-03 11:19 - 2013-02-12 12:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-03 11:13 - 2012-12-21 09:20 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-03 10:36 - 2011-11-05 11:45 - 01997615 _____ () C:\Windows\WindowsUpdate.log
2014-09-03 09:37 - 2014-09-03 09:37 - 00000000 _____ () C:\autoexec.bat
2014-09-03 09:36 - 2014-09-03 09:36 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-03 09:34 - 2014-09-03 09:34 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Home\Downloads\SpyHunter-Installer.exe
2014-09-03 09:23 - 2014-09-03 09:23 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-09-03 09:22 - 2014-09-03 09:19 - 154669008 _____ () C:\Users\Home\Downloads\setup_11.0.3.7.x01_2014_08_19_13_38 (1).exe
2014-09-03 09:13 - 2009-07-14 06:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-03 09:13 - 2009-07-14 06:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-03 09:05 - 2012-12-21 09:20 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-03 09:05 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-03 09:05 - 2009-07-14 06:51 - 00122578 _____ () C:\Windows\setupact.log
2014-09-02 18:28 - 2013-08-14 19:13 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-02 18:24 - 2009-07-14 06:45 - 00439224 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-31 20:59 - 2012-12-15 14:15 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-31 20:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-27 23:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-26 21:31 - 2011-11-05 13:49 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-26 21:21 - 2014-05-06 23:23 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-23 20:32 - 2014-08-23 20:32 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-08-23 20:32 - 2014-08-04 18:47 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-23 20:32 - 2014-08-04 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-08-23 20:32 - 2014-08-04 18:47 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-08-23 04:07 - 2014-08-31 17:34 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-31 17:34 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-31 17:34 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 13:37 - 2014-09-03 09:23 - 00458336 _____ (Kaspersky Lab ZAO) C:\Windows\system32\Drivers\77728856.sys
2014-08-07 04:06 - 2014-08-23 21:26 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-23 21:26 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 15:39 - 2011-11-05 13:05 - 00353890 _____ () C:\Windows\PFRO.log
2014-08-05 15:38 - 2014-08-05 15:36 - 00000000 ____D () C:\AdwCleaner
2014-08-05 15:38 - 2012-12-21 09:20 - 00001282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-05 15:38 - 2012-12-21 09:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-05 15:38 - 2011-11-05 12:17 - 00000997 _____ () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-05 15:35 - 2014-08-05 15:35 - 01361309 _____ () C:\Users\Home\Downloads\adwcleaner_3.302 (1).exe
2014-08-05 15:35 - 2014-08-05 15:34 - 01361309 _____ () C:\Users\Home\Downloads\adwcleaner_3.302.exe
2014-08-05 15:25 - 2014-03-08 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-08-05 13:06 - 2014-08-05 13:07 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-08-04 22:04 - 2009-07-14 19:58 - 00704520 _____ () C:\Windows\system32\perfh007.dat 2014-08-04 22:04 - 2009-07-14 19:58 - 00152326 _____ () C:\Windows\system32\perfc007.dat 2014-08-04 22:04 - 2009-07-14 07:13 - 01634360 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-04 19:00 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini 2014-08-04 18:59 - 2014-08-04 18:59 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Avira 2014-08-04 18:53 - 2014-08-04 18:47 - 00000000 ____D () C:\ProgramData\Avira 2014-08-04 18:46 - 2014-08-04 18:46 - 04431200 _____ (Avira Operations GmbH & Co. KG) C:\Users\Home\Downloads\avira_de_av___ws.exe Files to move or delete: ==================== C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Some content of TEMP: ==================== C:\Users\Home\AppData\Local\Temp\5jwggudp.dll C:\Users\Home\AppData\Local\Temp\APNSetup.exe C:\Users\Home\AppData\Local\Temp\ApnStub.exe C:\Users\Home\AppData\Local\Temp\AskSLib.dll C:\Users\Home\AppData\Local\Temp\avgnt.exe C:\Users\Home\AppData\Local\Temp\contentDATs.exe C:\Users\Home\AppData\Local\Temp\dsrlte.exe C:\Users\Home\AppData\Local\Temp\esjz2asp.dll C:\Users\Home\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe C:\Users\Home\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe C:\Users\Home\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe C:\Users\Home\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe C:\Users\Home\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe C:\Users\Home\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe C:\Users\Home\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe C:\Users\Home\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe C:\Users\Home\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe C:\Users\Home\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe 
C:\Users\Home\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe C:\Users\Home\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe C:\Users\Home\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe C:\Users\Home\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe C:\Users\Home\AppData\Local\Temp\ose00000.exe C:\Users\Home\AppData\Local\Temp\Quarantine.exe C:\Users\Home\AppData\Local\Temp\SecurityScan_Release.exe C:\Users\Home\AppData\Local\Temp\SHSetup.exe C:\Users\Home\AppData\Local\Temp\Sqlite3.dll C:\Users\Home\AppData\Local\Temp\ucyxxl10.dll C:\Users\Home\AppData\Local\Temp\v55855549.455.exe C:\Users\Home\AppData\Local\Temp\vkswtrnf.dll C:\Users\Home\AppData\Local\Temp\vlc-2.0.7-win32.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-08-31 20:22 ==================== End Of Log ============================ |
03.09.2014, 11:25 | #2 |
/// TB-Ausbilder | Virus 'BOO/TDss.O' in the master boot sector
My name is Matthias and I will help you clean up your computer. Please note the following:
Please work through all steps one after another in the given order and post all log files in CODE tags: How it works: Posting in CODE tags. Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work much harder, unless of course the file would otherwise be too large for the forum. To put the log files in a CODE box, proceed as follows:
Thank you for your cooperation! Please download TDSSKiller.exe and save this file to the desktop
03.09.2014, 12:05 | #3 |
| Virus 'BOO/TDss.O' in the master boot sector
Hi,
I have done that: Code:
12:59:10.0527 0x1048 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
12:59:16.0885 0x1048 ============================================================
12:59:16.0885 0x1048 Current date / time: 2014/09/03 12:59:16.0885
12:59:16.0885 0x1048 SystemInfo:
12:59:16.0885 0x1048
12:59:16.0885 0x1048 OS Version: 6.1.7601 ServicePack: 1.0
12:59:16.0885 0x1048 Product type: Workstation
12:59:16.0886 0x1048 ComputerName: HOME-PC
12:59:16.0886 0x1048 UserName: Home
12:59:16.0886 0x1048 Windows directory: C:\Windows
12:59:16.0886 0x1048 System windows directory: C:\Windows
12:59:16.0886 0x1048 Running under WOW64
12:59:16.0886 0x1048 Processor architecture: Intel x64
12:59:16.0886 0x1048 Number of processors: 4
12:59:16.0886 0x1048 Page size: 0x1000
12:59:16.0886 0x1048 Boot type: Normal boot
12:59:16.0886 0x1048 ============================================================
12:59:22.0435 0x1048 KLMD registered as C:\Windows\system32\drivers\32013543.sys
12:59:22.0631 0x1048 System UUID: {F9D2681A-06B1-12F9-B6DF-84DD56D67E09}
12:59:23.0120 0x1048 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:59:23.0124 0x1048 ============================================================
12:59:23.0124 0x1048 \Device\Harddisk0\DR0:
12:59:23.0124 0x1048 MBR partitions:
12:59:23.0124 0x1048 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1964800, BlocksNum 0x32000
12:59:23.0124 0x1048 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1996800, BlocksNum 0x389EF030
12:59:23.0124 0x1048 ============================================================
12:59:23.0166 0x1048 C: <-> \Device\Harddisk0\DR0\Partition2
12:59:23.0211 0x1048 D: <-> \Device\Harddisk0\DR0\Partition1
12:59:23.0211 0x1048 ============================================================
12:59:23.0211 0x1048 Initialize success
12:59:23.0211 0x1048
============================================================
12:59:58.0638 0x1124 ============================================================
12:59:58.0638 0x1124 Scan started
12:59:58.0638 0x1124 Mode: Manual; SigCheck; TDLFS;
12:59:58.0638 0x1124 ============================================================
12:59:58.0638 0x1124 KSN ping started
13:00:01.0314 0x1124 KSN ping finished: true
13:00:03.0453 0x1124 ================ Scan system memory ========================
13:00:03.0453 0x1124 System memory - ok
13:00:03.0454 0x1124 ================ Scan services =============================
11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 13:00:17.0248 0x1124 HidBatt - ok 13:00:17.0283 0x1124 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 13:00:17.0319 0x1124 HidBth - ok 13:00:17.0344 0x1124 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 13:00:17.0361 0x1124 HidIr - ok 13:00:17.0416 0x1124 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 13:00:17.0482 0x1124 hidserv - ok 13:00:17.0542 0x1124 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 13:00:17.0555 0x1124 HidUsb - ok 13:00:17.0592 0x1124 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 13:00:17.0677 0x1124 hkmsvc - ok 13:00:17.0736 0x1124 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 13:00:17.0777 0x1124 HomeGroupListener - ok 13:00:17.0848 0x1124 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 13:00:17.0900 0x1124 HomeGroupProvider - ok 13:00:17.0963 0x1124 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 13:00:17.0976 0x1124 HpSAMD - ok 13:00:18.0028 0x1124 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 13:00:18.0121 0x1124 HTTP - ok 13:00:18.0248 
0x1124 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 13:00:18.0258 0x1124 hwpolicy - ok 13:00:18.0295 0x1124 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 13:00:18.0311 0x1124 i8042prt - ok 13:00:18.0356 0x1124 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 13:00:18.0380 0x1124 iaStorV - ok 13:00:18.0462 0x1124 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 13:00:18.0504 0x1124 idsvc - ok 13:00:18.0539 0x1124 IEEtwCollectorService - ok 13:00:18.0583 0x1124 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 13:00:18.0595 0x1124 iirsp - ok 13:00:18.0670 0x1124 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 13:00:18.0736 0x1124 IKEEXT - ok 13:00:18.0916 0x1124 [ 42943BB3AB7A405B30EFF7C8283CC129, B914B5610565B794BE28664DE605C5726A0587F15034A026509885771C63B0D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 13:00:18.0977 0x1124 IntcAzAudAddService - ok 13:00:19.0041 0x1124 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 13:00:19.0052 0x1124 intelide - ok 13:00:19.0108 0x1124 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 13:00:19.0151 0x1124 intelppm - ok 13:00:19.0187 0x1124 [ 
098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 13:00:19.0247 0x1124 IPBusEnum - ok 13:00:19.0330 0x1124 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 13:00:19.0370 0x1124 IpFilterDriver - ok 13:00:19.0446 0x1124 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 13:00:19.0522 0x1124 iphlpsvc - ok 13:00:19.0560 0x1124 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 13:00:19.0606 0x1124 IPMIDRV - ok 13:00:19.0653 0x1124 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 13:00:19.0721 0x1124 IPNAT - ok 13:00:19.0803 0x1124 [ 0F261EC4F514926177C70C1832374231, 7E61B89FE2651C0C7951E10454267174550677DEAB1C497571A9B0B583687304 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 13:00:19.0840 0x1124 iPod Service - ok 13:00:19.0895 0x1124 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 13:00:19.0970 0x1124 IRENUM - ok 13:00:20.0002 0x1124 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 13:00:20.0014 0x1124 isapnp - ok 13:00:20.0096 0x1124 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 13:00:20.0115 0x1124 iScsiPrt - ok 13:00:20.0173 0x1124 [ D85F3F18E44F7447B5F1BA5C85BAEB7C, 0FA419F9BF061AC3F81A978FAE1523904081BA6FEA6FACEA228B20F5608FCF1E ] k57nd60a 
C:\Windows\system32\DRIVERS\k57nd60a.sys 13:00:20.0193 0x1124 k57nd60a - ok 13:00:20.0240 0x1124 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 13:00:20.0252 0x1124 kbdclass - ok 13:00:20.0302 0x1124 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys 13:00:20.0334 0x1124 kbdhid - ok 13:00:20.0360 0x1124 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 13:00:20.0373 0x1124 KeyIso - ok 13:00:20.0418 0x1124 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 13:00:20.0431 0x1124 KSecDD - ok 13:00:20.0470 0x1124 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 13:00:20.0486 0x1124 KSecPkg - ok 13:00:20.0530 0x1124 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 13:00:20.0587 0x1124 ksthunk - ok 13:00:20.0664 0x1124 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 13:00:20.0741 0x1124 KtmRm - ok 13:00:20.0799 0x1124 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 13:00:20.0859 0x1124 LanmanServer - ok 13:00:20.0914 0x1124 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 13:00:20.0979 0x1124 LanmanWorkstation - ok 13:00:21.0041 0x1124 [ 1538831CF8AD2979A04C423779465827, 
E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 13:00:21.0081 0x1124 lltdio - ok 13:00:21.0125 0x1124 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 13:00:21.0177 0x1124 lltdsvc - ok 13:00:21.0191 0x1124 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 13:00:21.0230 0x1124 lmhosts - ok 13:00:21.0254 0x1124 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 13:00:21.0268 0x1124 LSI_FC - ok 13:00:21.0309 0x1124 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 13:00:21.0324 0x1124 LSI_SAS - ok 13:00:21.0342 0x1124 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 13:00:21.0355 0x1124 LSI_SAS2 - ok 13:00:21.0371 0x1124 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 13:00:21.0386 0x1124 LSI_SCSI - ok 13:00:21.0416 0x1124 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 13:00:21.0483 0x1124 luafv - ok 13:00:21.0583 0x1124 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 13:00:21.0626 0x1124 Mcx2Svc - ok 13:00:21.0673 0x1124 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 13:00:21.0684 0x1124 megasas - ok 13:00:21.0713 0x1124 [ 
BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 13:00:21.0733 0x1124 MegaSR - ok 13:00:21.0861 0x1124 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 13:00:21.0873 0x1124 Microsoft Office Groove Audit Service - ok 13:00:21.0942 0x1124 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 13:00:22.0015 0x1124 MMCSS - ok 13:00:22.0103 0x1124 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 13:00:22.0169 0x1124 Modem - ok 13:00:22.0205 0x1124 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 13:00:22.0241 0x1124 monitor - ok 13:00:22.0299 0x1124 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 13:00:22.0311 0x1124 mouclass - ok 13:00:22.0369 0x1124 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 13:00:22.0406 0x1124 mouhid - ok 13:00:22.0471 0x1124 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 13:00:22.0484 0x1124 mountmgr - ok 13:00:22.0531 0x1124 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 13:00:22.0547 0x1124 mpio - ok 13:00:22.0594 0x1124 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 
5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 13:00:22.0637 0x1124 mpsdrv - ok 13:00:22.0717 0x1124 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 13:00:22.0802 0x1124 MpsSvc - ok 13:00:22.0907 0x1124 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 13:00:22.0944 0x1124 MRxDAV - ok 13:00:22.0987 0x1124 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 13:00:23.0052 0x1124 mrxsmb - ok 13:00:23.0090 0x1124 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 13:00:23.0126 0x1124 mrxsmb10 - ok 13:00:23.0179 0x1124 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 13:00:23.0222 0x1124 mrxsmb20 - ok 13:00:23.0259 0x1124 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 13:00:23.0270 0x1124 msahci - ok 13:00:23.0313 0x1124 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 13:00:23.0327 0x1124 msdsm - ok 13:00:23.0349 0x1124 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 13:00:23.0389 0x1124 MSDTC - ok 13:00:23.0451 0x1124 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 13:00:23.0491 0x1124 Msfs - ok 13:00:23.0515 0x1124 [ 
F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 13:00:23.0572 0x1124 mshidkmdf - ok 13:00:23.0613 0x1124 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 13:00:23.0624 0x1124 msisadrv - ok 13:00:23.0683 0x1124 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 13:00:23.0740 0x1124 MSiSCSI - ok 13:00:23.0744 0x1124 msiserver - ok 13:00:23.0804 0x1124 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 13:00:23.0864 0x1124 MSKSSRV - ok 13:00:23.0892 0x1124 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 13:00:23.0950 0x1124 MSPCLOCK - ok 13:00:24.0009 0x1124 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 13:00:24.0065 0x1124 MSPQM - ok 13:00:24.0117 0x1124 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 13:00:24.0139 0x1124 MsRPC - ok 13:00:24.0184 0x1124 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 13:00:24.0195 0x1124 mssmbios - ok 13:00:24.0250 0x1124 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 13:00:24.0308 0x1124 MSTEE - ok 13:00:24.0331 0x1124 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig 
C:\Windows\system32\DRIVERS\MTConfig.sys 13:00:24.0367 0x1124 MTConfig - ok 13:00:24.0390 0x1124 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys 13:00:24.0401 0x1124 Mup - ok 13:00:24.0485 0x1124 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 13:00:24.0562 0x1124 napagent - ok 13:00:24.0645 0x1124 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 13:00:24.0694 0x1124 NativeWifiP - ok 13:00:24.0784 0x1124 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 13:00:24.0820 0x1124 NDIS - ok 13:00:24.0867 0x1124 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 13:00:24.0921 0x1124 NdisCap - ok 13:00:24.0950 0x1124 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 13:00:25.0005 0x1124 NdisTapi - ok 13:00:25.0067 0x1124 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 13:00:25.0125 0x1124 Ndisuio - ok 13:00:25.0182 0x1124 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 13:00:25.0243 0x1124 NdisWan - ok 13:00:25.0292 0x1124 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 13:00:25.0355 0x1124 NDProxy - ok 13:00:25.0410 0x1124 [ 86743D9F5D2B1048062B14B1D84501C4, 
DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 13:00:25.0478 0x1124 NetBIOS - ok 13:00:25.0527 0x1124 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 13:00:25.0598 0x1124 NetBT - ok 13:00:25.0627 0x1124 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 13:00:25.0640 0x1124 Netlogon - ok 13:00:25.0714 0x1124 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 13:00:25.0789 0x1124 Netman - ok 13:00:25.0862 0x1124 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:00:25.0892 0x1124 NetMsmqActivator - ok 13:00:25.0940 0x1124 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:00:25.0955 0x1124 NetPipeActivator - ok 13:00:26.0014 0x1124 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 13:00:26.0094 0x1124 netprofm - ok 13:00:26.0140 0x1124 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:00:26.0157 0x1124 NetTcpActivator - ok 13:00:26.0164 0x1124 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 13:00:26.0181 0x1124 NetTcpPortSharing - ok 13:00:26.0235 0x1124 [ 77889813BE4D166CDAB78DDBA990DA92, 
2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 13:00:26.0247 0x1124 nfrd960 - ok 13:00:26.0303 0x1124 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 13:00:26.0347 0x1124 NlaSvc - ok 13:00:26.0383 0x1124 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 13:00:26.0423 0x1124 Npfs - ok 13:00:26.0469 0x1124 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 13:00:26.0536 0x1124 nsi - ok 13:00:26.0595 0x1124 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 13:00:26.0667 0x1124 nsiproxy - ok 13:00:26.0900 0x1124 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 13:00:26.0986 0x1124 Ntfs - ok 13:00:27.0017 0x1124 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 13:00:27.0080 0x1124 Null - ok 13:00:27.0156 0x1124 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 13:00:27.0171 0x1124 nvraid - ok 13:00:27.0192 0x1124 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 13:00:27.0207 0x1124 nvstor - ok 13:00:27.0227 0x1124 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 13:00:27.0241 0x1124 nv_agp - ok 13:00:27.0369 0x1124 [ 785F487A64950F3CB8E9F16253BA3B7B, 
02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 13:00:27.0392 0x1124 odserv - ok 13:00:27.0432 0x1124 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 13:00:27.0474 0x1124 ohci1394 - ok 13:00:27.0535 0x1124 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 13:00:27.0551 0x1124 ose - ok 13:00:27.0600 0x1124 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 13:00:27.0639 0x1124 p2pimsvc - ok 13:00:27.0679 0x1124 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 13:00:27.0709 0x1124 p2psvc - ok 13:00:27.0755 0x1124 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 13:00:27.0770 0x1124 Parport - ok 13:00:27.0809 0x1124 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 13:00:27.0822 0x1124 partmgr - ok 13:00:27.0873 0x1124 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 13:00:27.0926 0x1124 PcaSvc - ok 13:00:27.0964 0x1124 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 13:00:27.0980 0x1124 pci - ok 13:00:28.0015 0x1124 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 
13:00:28.0026 0x1124 pciide - ok 13:00:28.0064 0x1124 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 13:00:28.0082 0x1124 pcmcia - ok 13:00:28.0094 0x1124 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 13:00:28.0105 0x1124 pcw - ok 13:00:28.0138 0x1124 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 13:00:28.0220 0x1124 PEAUTH - ok 13:00:28.0340 0x1124 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 13:00:28.0379 0x1124 PerfHost - ok 13:00:28.0506 0x1124 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 13:00:28.0618 0x1124 pla - ok 13:00:28.0691 0x1124 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 13:00:28.0737 0x1124 PlugPlay - ok 13:00:28.0758 0x1124 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 13:00:28.0792 0x1124 PNRPAutoReg - ok 13:00:28.0826 0x1124 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 13:00:28.0849 0x1124 PNRPsvc - ok 13:00:28.0906 0x1124 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 13:00:28.0980 0x1124 PolicyAgent - ok 13:00:29.0021 0x1124 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 
13:00:46.0148 0x1124 ================ Scan global =============================== 13:00:46.0193 0x1124 [ BA0CD8C393E8C9F83354106093832C7B, 
18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 13:00:46.0238 0x1124 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 13:00:46.0252 0x1124 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 13:00:46.0311 0x1124 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll 13:00:46.0340 0x1124 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe 13:00:46.0348 0x1124 [ Global ] - ok 13:00:46.0348 0x1124 ================ Scan MBR ================================== 13:00:46.0361 0x1124 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 13:00:46.0520 0x1124 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b ( 0 ) 13:00:46.0520 0x1124 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected 13:00:49.0533 0x1124 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 ) 13:00:49.0533 0x1124 \Device\Harddisk0\DR0 ( TDSS File System ) - warning 13:00:52.0209 0x1124 ================ Scan VBR ================================== 13:00:52.0278 0x1124 [ F64FB5A89ED8EDB72EEAFD013BAD0521 ] \Device\Harddisk0\DR0\Partition1 13:00:52.0288 0x1124 \Device\Harddisk0\DR0\Partition1 - ok 13:00:52.0387 0x1124 [ BA1BD3C677E329B612F65C15EA19096F ] \Device\Harddisk0\DR0\Partition2 13:00:52.0389 0x1124 \Device\Harddisk0\DR0\Partition2 - ok 13:00:52.0389 0x1124 ================ Scan generic autorun ====================== 13:00:52.0440 0x1124 [ 42EB7A79867ED8AD99349FF0F0A7F39A, AF289350D625123BB697532B53A35B48D574ADB9861A288DA68F8EC2AB6F2E3A ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe 13:00:52.0480 0x1124 AmIcoSinglun64 - detected UnsignedFile.Multi.Generic ( 1 ) 13:00:55.0181 0x1124 Detect skipped due to KSN 
13:01:04.0906 0x1124 Waiting for KSN requests completion. In queue: 14
13:01:05.0907 0x1124 Waiting for KSN requests completion. In queue: 14
13:01:06.0907 0x1124 Waiting for KSN requests completion. In queue: 14
13:01:07.0948 0x1124 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x40000 ( disabled : updated )
13:01:07.0955 0x1124 Win FW state via NFP2: enabled
13:01:10.0637 0x1124 ============================================================
13:01:10.0637 0x1124 Scan finished
13:01:10.0637 0x1124 ============================================================
13:01:10.0647 0x1118 Detected object count: 2
13:01:10.0647 0x1118 Actual detected object count: 2
13:04:21.0991 0x1118 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
13:04:21.0992 0x1118 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
13:04:21.0999 0x1118 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
13:04:21.0999 0x1118 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip |
03.09.2014, 13:04 | #4 | |
/// TB-Ausbilder | Virus 'BOO/TDss.O' in the master boot sector Quote:
After the restart, run TDSS-Killer again as a check and post the log file. |
03.09.2014, 13:57 | #5 |
| Virus 'BOO/TDss.O' in the master boot sector Hi, that's done. However, it can't get rid of 1 error: Here is the log: Code:
14:52:32.0017 0x032c TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
14:52:32.0266 0x032c ============================================================
14:52:32.0266 0x032c Current date / time: 2014/09/03 14:52:32.0266
14:52:32.0266 0x032c SystemInfo:
14:52:32.0266 0x032c
14:52:32.0266 0x032c OS Version: 6.1.7601 ServicePack: 1.0
14:52:32.0266 0x032c Product type: Workstation
14:52:32.0266 0x032c ComputerName: HOME-PC
14:52:32.0266 0x032c UserName: Home
14:52:32.0266 0x032c Windows directory: C:\Windows
14:52:32.0266 0x032c System windows directory: C:\Windows
14:52:32.0266 0x032c Running under WOW64
14:52:32.0266 0x032c Processor architecture: Intel x64
14:52:32.0266 0x032c Number of processors: 4
14:52:32.0266 0x032c Page size: 0x1000
14:52:32.0266 0x032c Boot type: Normal boot
14:52:32.0266 0x032c ============================================================
14:52:32.0266 0x032c BG loaded
14:52:32.0703 0x032c System UUID: {F9D2681A-06B1-12F9-B6DF-84DD56D67E09}
14:52:33.0670 0x032c Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:52:33.0670 0x032c ============================================================
14:52:33.0670 0x032c \Device\Harddisk0\DR0:
14:52:33.0670 0x032c MBR partitions:
14:52:33.0670 0x032c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1964800, BlocksNum 0x32000
14:52:33.0670 0x032c \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1996800, BlocksNum 0x389EF030
14:52:33.0670 0x032c ============================================================
14:52:33.0701 0x032c C: <-> \Device\Harddisk0\DR0\Partition2
14:52:33.0733 0x032c D: <-> \Device\Harddisk0\DR0\Partition1
14:52:33.0733 0x032c ============================================================
14:52:33.0733 0x032c Initialize success
14:52:33.0733 0x032c ============================================================
14:52:48.0567 0x0e44 ============================================================
14:52:48.0567 0x0e44 Scan started
14:52:48.0567 0x0e44 Mode: Manual; SigCheck; TDLFS;
14:52:48.0567 0x0e44 ============================================================
14:52:48.0567 0x0e44 KSN ping started
14:53:03.0387 0x0e44 KSN ping finished: true
14:53:10.0033 0x0e44 ================ Scan system memory ========================
14:53:10.0033 0x0e44 System memory - ok
14:53:10.0033 0x0e44 ================ Scan services =============================
0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 14:53:39.0891 0x0e44 lltdsvc - ok 14:53:39.0938 0x0e44 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll 14:53:39.0985 0x0e44 lmhosts - ok 14:53:40.0016 0x0e44 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 14:53:40.0032 0x0e44 LSI_FC - ok 14:53:40.0094 0x0e44 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 14:53:40.0110 0x0e44 LSI_SAS - ok 14:53:40.0141 0x0e44 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 14:53:40.0156 0x0e44 LSI_SAS2 - ok 14:53:40.0203 0x0e44 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 14:53:40.0219 0x0e44 LSI_SCSI - ok 14:53:40.0234 0x0e44 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys 14:53:40.0297 0x0e44 luafv - ok 14:53:40.0375 0x0e44 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 14:53:40.0406 0x0e44 Mcx2Svc - ok 14:53:40.0453 0x0e44 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 14:53:40.0468 0x0e44 megasas - ok 14:53:40.0500 0x0e44 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 14:53:40.0515 0x0e44 MegaSR - ok 14:53:40.0624 0x0e44 [ 
123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe 14:53:40.0640 0x0e44 Microsoft Office Groove Audit Service - ok 14:53:40.0702 0x0e44 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll 14:53:40.0780 0x0e44 MMCSS - ok 14:53:40.0843 0x0e44 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys 14:53:40.0921 0x0e44 Modem - ok 14:53:40.0952 0x0e44 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys 14:53:40.0999 0x0e44 monitor - ok 14:53:41.0046 0x0e44 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 14:53:41.0061 0x0e44 mouclass - ok 14:53:41.0155 0x0e44 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 14:53:41.0217 0x0e44 mouhid - ok 14:53:41.0264 0x0e44 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 14:53:41.0280 0x0e44 mountmgr - ok 14:53:41.0342 0x0e44 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys 14:53:41.0373 0x0e44 mpio - ok 14:53:41.0514 0x0e44 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 14:53:41.0560 0x0e44 mpsdrv - ok 14:53:41.0654 0x0e44 [ 54FFC9C8898113ACE189D4AA7199D2C1, 
65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll 14:53:41.0763 0x0e44 MpsSvc - ok 14:53:41.0841 0x0e44 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 14:53:41.0904 0x0e44 MRxDAV - ok 14:53:41.0935 0x0e44 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 14:53:41.0997 0x0e44 mrxsmb - ok 14:53:42.0028 0x0e44 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 14:53:42.0075 0x0e44 mrxsmb10 - ok 14:53:42.0138 0x0e44 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 14:53:42.0184 0x0e44 mrxsmb20 - ok 14:53:42.0231 0x0e44 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys 14:53:42.0247 0x0e44 msahci - ok 14:53:42.0278 0x0e44 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys 14:53:42.0309 0x0e44 msdsm - ok 14:53:42.0340 0x0e44 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe 14:53:42.0387 0x0e44 MSDTC - ok 14:53:42.0450 0x0e44 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys 14:53:42.0481 0x0e44 Msfs - ok 14:53:42.0512 0x0e44 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 14:53:42.0590 0x0e44 mshidkmdf - ok 14:53:42.0637 0x0e44 [ 
D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys 14:53:42.0652 0x0e44 msisadrv - ok 14:53:42.0699 0x0e44 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll 14:53:42.0777 0x0e44 MSiSCSI - ok 14:53:42.0793 0x0e44 msiserver - ok 14:53:42.0840 0x0e44 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys 14:53:42.0902 0x0e44 MSKSSRV - ok 14:53:42.0918 0x0e44 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 14:53:42.0996 0x0e44 MSPCLOCK - ok 14:53:43.0058 0x0e44 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 14:53:43.0120 0x0e44 MSPQM - ok 14:53:43.0167 0x0e44 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 14:53:43.0198 0x0e44 MsRPC - ok 14:53:43.0261 0x0e44 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys 14:53:43.0276 0x0e44 mssmbios - ok 14:53:43.0323 0x0e44 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 14:53:43.0370 0x0e44 MSTEE - ok 14:53:43.0417 0x0e44 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 14:53:43.0464 0x0e44 MTConfig - ok 14:53:43.0495 0x0e44 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup 
C:\Windows\system32\Drivers\mup.sys 14:53:43.0526 0x0e44 Mup - ok 14:53:43.0604 0x0e44 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll 14:53:43.0666 0x0e44 napagent - ok 14:53:43.0791 0x0e44 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 14:53:43.0838 0x0e44 NativeWifiP - ok 14:53:43.0947 0x0e44 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys 14:53:43.0978 0x0e44 NDIS - ok 14:53:44.0056 0x0e44 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 14:53:44.0134 0x0e44 NdisCap - ok 14:53:44.0150 0x0e44 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 14:53:44.0228 0x0e44 NdisTapi - ok 14:53:44.0306 0x0e44 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 14:53:44.0384 0x0e44 Ndisuio - ok 14:53:44.0431 0x0e44 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 14:53:44.0493 0x0e44 NdisWan - ok 14:53:44.0540 0x0e44 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 14:53:44.0602 0x0e44 NDProxy - ok 14:53:44.0649 0x0e44 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 14:53:44.0727 0x0e44 NetBIOS - ok 14:53:44.0774 0x0e44 [ 09594D1089C523423B32A4229263F068, 
7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 14:53:44.0852 0x0e44 NetBT - ok 14:53:44.0868 0x0e44 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe 14:53:44.0883 0x0e44 Netlogon - ok 14:53:44.0961 0x0e44 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll 14:53:45.0024 0x0e44 Netman - ok 14:53:45.0102 0x0e44 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:53:45.0180 0x0e44 NetMsmqActivator - ok 14:53:45.0211 0x0e44 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:53:45.0226 0x0e44 NetPipeActivator - ok 14:53:45.0289 0x0e44 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll 14:53:45.0367 0x0e44 netprofm - ok 14:53:45.0382 0x0e44 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:53:45.0398 0x0e44 NetTcpActivator - ok 14:53:45.0414 0x0e44 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe 14:53:45.0429 0x0e44 NetTcpPortSharing - ok 14:53:45.0476 0x0e44 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 14:53:45.0492 0x0e44 nfrd960 - ok 14:53:45.0538 0x0e44 [ 8AD77806D336673F270DB31645267293, 
E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll 14:53:45.0585 0x0e44 NlaSvc - ok 14:53:45.0632 0x0e44 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys 14:53:45.0679 0x0e44 Npfs - ok 14:53:45.0726 0x0e44 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll 14:53:45.0788 0x0e44 nsi - ok 14:53:45.0819 0x0e44 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 14:53:45.0882 0x0e44 nsiproxy - ok 14:53:45.0975 0x0e44 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 14:53:46.0053 0x0e44 Ntfs - ok 14:53:46.0084 0x0e44 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys 14:53:46.0147 0x0e44 Null - ok 14:53:46.0209 0x0e44 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys 14:53:46.0225 0x0e44 nvraid - ok 14:53:46.0256 0x0e44 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys 14:53:46.0272 0x0e44 nvstor - ok 14:53:46.0334 0x0e44 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys 14:53:46.0350 0x0e44 nv_agp - ok 14:53:46.0474 0x0e44 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE 14:53:46.0506 0x0e44 odserv - ok 14:53:46.0537 0x0e44 [ 
3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys 14:53:46.0584 0x0e44 ohci1394 - ok 14:53:46.0630 0x0e44 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE 14:53:46.0646 0x0e44 ose - ok 14:53:46.0693 0x0e44 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 14:53:46.0771 0x0e44 p2pimsvc - ok 14:53:46.0833 0x0e44 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll 14:53:46.0864 0x0e44 p2psvc - ok 14:53:46.0911 0x0e44 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys 14:53:46.0927 0x0e44 Parport - ok 14:53:46.0974 0x0e44 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys 14:53:46.0989 0x0e44 partmgr - ok 14:53:47.0020 0x0e44 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll 14:53:47.0083 0x0e44 PcaSvc - ok 14:53:47.0130 0x0e44 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys 14:53:47.0145 0x0e44 pci - ok 14:53:47.0176 0x0e44 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys 14:53:47.0192 0x0e44 pciide - ok 14:53:47.0223 0x0e44 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 
14:53:47.0254 0x0e44 pcmcia - ok 14:53:47.0286 0x0e44 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys 14:53:47.0301 0x0e44 pcw - ok 14:53:47.0332 0x0e44 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys 14:53:47.0426 0x0e44 PEAUTH - ok 14:53:47.0520 0x0e44 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe 14:53:47.0551 0x0e44 PerfHost - ok 14:53:47.0644 0x0e44 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll 14:53:47.0769 0x0e44 pla - ok 14:53:47.0832 0x0e44 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 14:53:47.0910 0x0e44 PlugPlay - ok 14:53:47.0925 0x0e44 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 14:53:47.0972 0x0e44 PNRPAutoReg - ok 14:53:48.0003 0x0e44 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 14:53:48.0019 0x0e44 PNRPsvc - ok 14:53:48.0081 0x0e44 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 14:53:48.0159 0x0e44 PolicyAgent - ok 14:53:48.0206 0x0e44 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll 14:53:48.0284 0x0e44 Power - ok 14:53:48.0346 0x0e44 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 
14:53:48.0409 0x0e44 PptpMiniport - ok 14:53:48.0440 0x0e44 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys 14:53:48.0487 0x0e44 Processor - ok 14:53:48.0565 0x0e44 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll 14:53:48.0627 0x0e44 ProfSvc - ok 14:53:48.0643 0x0e44 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe 14:53:48.0658 0x0e44 ProtectedStorage - ok 14:53:48.0705 0x0e44 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 14:53:48.0768 0x0e44 Psched - ok 14:53:48.0846 0x0e44 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 14:53:48.0908 0x0e44 ql2300 - ok 14:53:48.0955 0x0e44 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 14:53:48.0986 0x0e44 ql40xx - ok 14:53:49.0033 0x0e44 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll 14:53:49.0095 0x0e44 QWAVE - ok 14:53:49.0111 0x0e44 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 14:53:49.0158 0x0e44 QWAVEdrv - ok 14:53:49.0173 0x0e44 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 14:53:49.0236 0x0e44 RasAcd - ok 14:53:49.0298 0x0e44 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] 
RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 14:53:49.0345 0x0e44 RasAgileVpn - ok 14:53:49.0392 0x0e44 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll 14:53:49.0470 0x0e44 RasAuto - ok 14:53:49.0532 0x0e44 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 14:53:49.0594 0x0e44 Rasl2tp - ok 14:53:49.0641 0x0e44 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll 14:53:49.0735 0x0e44 RasMan - ok 14:53:49.0782 0x0e44 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 14:53:49.0860 0x0e44 RasPppoe - ok 14:53:49.0875 0x0e44 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 14:53:49.0953 0x0e44 RasSstp - ok 14:53:50.0000 0x0e44 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 14:53:50.0078 0x0e44 rdbss - ok 14:53:50.0125 0x0e44 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 14:53:50.0156 0x0e44 rdpbus - ok 14:53:50.0187 0x0e44 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 14:53:50.0250 0x0e44 RDPCDD - ok 14:53:50.0312 0x0e44 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 14:53:50.0374 0x0e44 RDPENCDD - ok 14:53:50.0406 0x0e44 [ 216F3FA57533D98E1F74DED70113177A, 
60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 14:53:50.0452 0x0e44 RDPREFMP - ok 14:53:50.0484 0x0e44 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 14:53:50.0546 0x0e44 RDPWD - ok 14:53:50.0577 0x0e44 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 14:53:50.0608 0x0e44 rdyboost - ok 14:53:50.0655 0x0e44 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll 14:53:50.0733 0x0e44 RemoteAccess - ok 14:53:50.0780 0x0e44 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll 14:53:50.0858 0x0e44 RemoteRegistry - ok 14:53:50.0920 0x0e44 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 14:53:50.0983 0x0e44 RpcEptMapper - ok 14:53:51.0014 0x0e44 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe 14:53:51.0061 0x0e44 RpcLocator - ok 14:53:51.0108 0x0e44 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll 14:53:51.0154 0x0e44 RpcSs - ok 14:53:51.0201 0x0e44 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 14:53:51.0279 0x0e44 rspndr - ok 14:53:51.0342 0x0e44 [ 7421A35C45484B95E83B5E9E107CEFC2, 128BB6A7552B9D57284056FB8946A6FE3C620F7B706F709F896828304A6FCD77 ] RTHDMIAzAudService C:\Windows\system32\drivers\RtHDMIVX.sys 14:53:51.0357 0x0e44 
RTHDMIAzAudService - ok 14:53:51.0373 0x0e44 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe 14:53:51.0388 0x0e44 SamSs - ok 14:53:51.0420 0x0e44 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys 14:53:51.0435 0x0e44 sbp2port - ok 14:53:51.0482 0x0e44 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll 14:53:51.0560 0x0e44 SCardSvr - ok 14:53:51.0591 0x0e44 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 14:53:51.0654 0x0e44 scfilter - ok 14:53:51.0716 0x0e44 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll 14:53:51.0825 0x0e44 Schedule - ok 14:53:51.0856 0x0e44 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll 14:53:51.0903 0x0e44 SCPolicySvc - ok 14:53:51.0950 0x0e44 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll 14:53:51.0997 0x0e44 SDRSVC - ok 14:53:52.0028 0x0e44 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys 14:53:52.0106 0x0e44 secdrv - ok 14:53:52.0137 0x0e44 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll 14:53:52.0200 0x0e44 seclogon - ok 14:53:52.0246 0x0e44 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll 
14:54:04.0432 0x0e44 ================ Scan MBR ==================================
14:54:04.0448 0x0e44 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
14:54:04.0557 0x0e44 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b ( 0 )
14:54:04.0557 0x0e44 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
14:54:20.0142 0x0e44 ================ Scan VBR ==================================
14:54:20.0204 0x0e44 [ F64FB5A89ED8EDB72EEAFD013BAD0521 ] \Device\Harddisk0\DR0\Partition1
14:54:20.0204 0x0e44 \Device\Harddisk0\DR0\Partition1 - ok
14:54:20.0236 0x0e44 [ BA1BD3C677E329B612F65C15EA19096F ] \Device\Harddisk0\DR0\Partition2
14:54:20.0236 0x0e44 \Device\Harddisk0\DR0\Partition2 - ok
14:54:35.0789 0x0e44 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x40000 ( disabled : updated )
14:54:35.0805 0x0e44 Win FW state via NFP2: enabled
14:54:38.0535 0x0e44 ============================================================
14:54:38.0535 0x0e44 Scan finished
14:54:38.0535 0x0e44 ============================================================
14:54:38.0535 0x0e3c Detected object count: 1
14:54:38.0535 0x0e3c Actual detected object count: 1
14:54:54.0057 0x0e3c \Device\Harddisk0\DR0\# - copied to quarantine
14:54:54.0057 0x0e3c \Device\Harddisk0\DR0 - copied to quarantine
14:54:54.0587 0x0e3c \Device\Harddisk0\DR0 - processing error
14:54:59.0657 0x0e3c \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Cure |
03.09.2014, 14:51 | #6 |
/// TB instructor | Virus 'BOO/TDss.O' in the master boot sector Run TDSS-Killer again, choose Cure, and confirm the prompt with Yes. The computer will restart. After the restart, run TDSS-Killer again and post its log file. |
03.09.2014, 15:26 | #7 |
| Virus 'BOO/TDss.O' in the master boot sector Hi, I have already done that twice. Unfortunately, the result is that the virus is still there. I am also already having problems booting up. I have to select the Windows partition manually. Here is the current log: Code:
16:22:03.0960 0x0fc8 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
16:22:07.0125 0x0fc8 ============================================================
16:22:07.0125 0x0fc8 Current date / time: 2014/09/03 16:22:07.0125
16:22:07.0125 0x0fc8 SystemInfo:
16:22:07.0125 0x0fc8
16:22:07.0125 0x0fc8 OS Version: 6.1.7601 ServicePack: 1.0
16:22:07.0125 0x0fc8 Product type: Workstation
16:22:07.0125 0x0fc8 ComputerName: HOME-PC
16:22:07.0125 0x0fc8 UserName: Home
16:22:07.0125 0x0fc8 Windows directory: C:\Windows
16:22:07.0125 0x0fc8 System windows directory: C:\Windows
16:22:07.0125 0x0fc8 Running under WOW64
16:22:07.0125 0x0fc8 Processor architecture: Intel x64
16:22:07.0125 0x0fc8 Number of processors: 4
16:22:07.0125 0x0fc8 Page size: 0x1000
16:22:07.0125 0x0fc8 Boot type: Normal boot
16:22:07.0125 0x0fc8 ============================================================
16:22:07.0130 0x0fc8 BG loaded
16:22:07.0630 0x0fc8 System UUID: {F9D2681A-06B1-12F9-B6DF-84DD56D67E09}
16:22:08.0536 0x0fc8 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:22:08.0541 0x0fc8 ============================================================
16:22:08.0541 0x0fc8 \Device\Harddisk0\DR0:
16:22:08.0541 0x0fc8 MBR partitions:
16:22:08.0541 0x0fc8 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1964800, BlocksNum 0x32000
16:22:08.0541 0x0fc8 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1996800, BlocksNum 0x389EF030
16:22:08.0541 0x0fc8 ============================================================
16:22:08.0676 0x0fc8 C: <-> \Device\Harddisk0\DR0\Partition2
16:22:08.0761 0x0fc8 D: <-> \Device\Harddisk0\DR0\Partition1
16:22:08.0761 0x0fc8 ============================================================
16:22:08.0761 0x0fc8 Initialize success
16:22:08.0761 0x0fc8 ============================================================
16:22:15.0447 0x0a44 ============================================================
16:22:15.0447 0x0a44 Scan started
16:22:15.0447 0x0a44 Mode: Manual; SigCheck; TDLFS;
16:22:15.0447 0x0a44 ============================================================
16:22:15.0447 0x0a44 KSN ping started
16:22:18.0177 0x0a44 KSN ping finished: true
16:22:23.0108 0x0a44 ================ Scan system memory ========================
16:22:23.0108 0x0a44 System memory - ok
16:22:23.0108 0x0a44 ================ Scan services =============================
8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys 16:22:26.0838 0x0a44 AppID - ok 16:22:26.0873 0x0a44 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll 16:22:26.0953 0x0a44 AppIDSvc - ok 16:22:27.0018 0x0a44 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll 16:22:27.0168 0x0a44 Appinfo - ok 16:22:27.0333 0x0a44 [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 16:22:27.0353 0x0a44 Apple Mobile Device - ok 16:22:27.0428 0x0a44 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys 16:22:27.0453 0x0a44 arc - ok 16:22:27.0508 0x0a44 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys 16:22:27.0528 0x0a44 arcsas - ok 16:22:27.0793 0x0a44 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe 16:22:27.0893 0x0a44 aspnet_state - ok 16:22:27.0923 0x0a44 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys 16:22:27.0993 0x0a44 AsyncMac - ok 16:22:28.0044 0x0a44 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys 16:22:28.0059 0x0a44 atapi - ok 16:22:28.0209 0x0a44 [ E857EEE6B92AAA473EBB3465ADD8F7E7, 1C7E4737E649A025B3C4974A4F7D1353EAB85561FC8ED54E5C22A777E1A189B3 ] 
athr C:\Windows\system32\DRIVERS\athrx.sys 16:22:28.0344 0x0a44 athr - ok 16:22:28.0729 0x0a44 [ D229CC2EBCF287ADAFECE59AB1E3D3BC, E7826F95D0A665AD537089FDFCE90CD7E434CBCE166167A4D82974DA4B7D46AE ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys 16:22:28.0954 0x0a44 atikmdag - ok 16:22:29.0104 0x0a44 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll 16:22:29.0199 0x0a44 AudioEndpointBuilder - ok 16:22:29.0304 0x0a44 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll 16:22:29.0364 0x0a44 AudioSrv - ok 16:22:29.0449 0x0a44 [ 4663C5AD76FE8E19592DE808156FA07D, 605827B4A9D6930BC752D124BF75D55D4927B0ABEF881CDE66F3C5CC1DB215FE ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys 16:22:29.0474 0x0a44 avgntflt - ok 16:22:29.0534 0x0a44 [ 8902AEC2382A37E9E99A4E0D52DBD42B, 138F2D7E7430132B2C527D413BC845CC467F084F39C232EC3A17DD2A74EE401E ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys 16:22:29.0559 0x0a44 avipbb - ok 16:22:29.0779 0x0a44 [ A59D07E02A75EDC8FA141470C5EC96C3, A20416444B3C15F85651383F8D40F4F93400B1B78A60174A2AD3A6308836ED93 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe 16:22:29.0804 0x0a44 Avira.OE.ServiceHost - ok 16:22:29.0824 0x0a44 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys 16:22:29.0839 0x0a44 avkmgr - ok 16:22:29.0919 0x0a44 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll 16:22:30.0024 0x0a44 AxInstSV - ok 16:22:30.0084 0x0a44 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys 16:22:30.0159 0x0a44 b06bdrv - ok 16:22:30.0224 
0x0a44 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys 16:22:30.0284 0x0a44 b57nd60a - ok 16:22:30.0364 0x0a44 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll 16:22:30.0499 0x0a44 BDESVC - ok 16:22:30.0579 0x0a44 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys 16:22:30.0659 0x0a44 Beep - ok 16:22:30.0784 0x0a44 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll 16:22:30.0829 0x0a44 BFE - ok 16:22:30.0884 0x0a44 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll 16:22:30.0949 0x0a44 BITS - ok 16:22:30.0999 0x0a44 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys 16:22:31.0039 0x0a44 blbdrive - ok 16:22:31.0129 0x0a44 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 16:22:31.0159 0x0a44 Bonjour Service - ok 16:22:31.0229 0x0a44 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys 16:22:31.0289 0x0a44 bowser - ok 16:22:31.0344 0x0a44 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys 16:22:31.0384 0x0a44 BrFiltLo - ok 16:22:31.0409 0x0a44 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys 16:22:31.0434 
0x0a44 BrFiltUp - ok 16:22:31.0469 0x0a44 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll 16:22:31.0589 0x0a44 Browser - ok 16:22:31.0629 0x0a44 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys 16:22:31.0734 0x0a44 Brserid - ok 16:22:31.0754 0x0a44 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys 16:22:31.0809 0x0a44 BrSerWdm - ok 16:22:31.0839 0x0a44 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 16:22:31.0879 0x0a44 BrUsbMdm - ok 16:22:31.0924 0x0a44 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 16:22:31.0979 0x0a44 BrUsbSer - ok 16:22:32.0024 0x0a44 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 16:22:32.0069 0x0a44 BTHMODEM - ok 16:22:32.0124 0x0a44 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll 16:22:32.0189 0x0a44 bthserv - ok 16:22:32.0244 0x0a44 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 16:22:32.0309 0x0a44 cdfs - ok 16:22:32.0379 0x0a44 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 16:22:32.0404 0x0a44 cdrom - ok 16:22:32.0464 0x0a44 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc 
C:\Windows\System32\certprop.dll 16:22:32.0539 0x0a44 CertPropSvc - ok 16:22:32.0599 0x0a44 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 16:22:32.0644 0x0a44 circlass - ok 16:22:32.0714 0x0a44 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys 16:22:32.0734 0x0a44 CLFS - ok 16:22:32.0834 0x0a44 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 16:22:32.0859 0x0a44 clr_optimization_v2.0.50727_32 - ok 16:22:32.0934 0x0a44 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe 16:22:32.0954 0x0a44 clr_optimization_v2.0.50727_64 - ok 16:22:33.0094 0x0a44 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe 16:22:33.0374 0x0a44 clr_optimization_v4.0.30319_32 - ok 16:22:33.0399 0x0a44 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe 16:22:33.0504 0x0a44 clr_optimization_v4.0.30319_64 - ok 16:22:33.0554 0x0a44 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 16:22:33.0644 0x0a44 CmBatt - ok 16:22:33.0679 0x0a44 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys 16:22:33.0699 0x0a44 cmdide - ok 16:22:33.0759 0x0a44 [ 
EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys 16:22:33.0804 0x0a44 CNG - ok 16:22:33.0899 0x0a44 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 16:22:33.0919 0x0a44 Compbatt - ok 16:22:33.0964 0x0a44 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys 16:22:34.0030 0x0a44 CompositeBus - ok 16:22:34.0050 0x0a44 COMSysApp - ok 16:22:34.0085 0x0a44 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 16:22:34.0105 0x0a44 crcdisk - ok 16:22:34.0155 0x0a44 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll 16:22:34.0215 0x0a44 CryptSvc - ok 16:22:34.0285 0x0a44 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll 16:22:34.0410 0x0a44 DcomLaunch - ok 16:22:34.0465 0x0a44 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll 16:22:34.0555 0x0a44 defragsvc - ok 16:22:34.0615 0x0a44 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys 16:22:34.0685 0x0a44 DfsC - ok 16:22:34.0755 0x0a44 [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus C:\Windows\system32\DRIVERS\ssudbus.sys 16:22:34.0770 0x0a44 dg_ssudbus - ok 16:22:34.0840 0x0a44 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp 
C:\Windows\system32\dhcpcore.dll 16:22:34.0885 0x0a44 Dhcp - ok 16:22:34.0945 0x0a44 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys 16:22:35.0015 0x0a44 discache - ok 16:22:35.0060 0x0a44 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys 16:22:35.0080 0x0a44 Disk - ok 16:22:35.0135 0x0a44 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll 16:22:35.0195 0x0a44 Dnscache - ok 16:22:35.0240 0x0a44 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll 16:22:35.0325 0x0a44 dot3svc - ok 16:22:35.0405 0x0a44 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll 16:22:35.0460 0x0a44 DPS - ok 16:22:35.0500 0x0a44 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 16:22:35.0595 0x0a44 drmkaud - ok 16:22:35.0685 0x0a44 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 16:22:35.0730 0x0a44 DXGKrnl - ok 16:22:35.0790 0x0a44 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll 16:22:35.0890 0x0a44 EapHost - ok 16:22:36.0150 0x0a44 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys 16:22:36.0380 0x0a44 ebdrv - ok 16:22:36.0425 0x0a44 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS 
C:\Windows\System32\lsass.exe 16:22:36.0510 0x0a44 EFS - ok 16:22:36.0695 0x0a44 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 16:22:36.0945 0x0a44 ehRecvr - ok 16:22:36.0975 0x0a44 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe 16:22:37.0065 0x0a44 ehSched - ok 16:22:37.0125 0x0a44 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 16:22:37.0160 0x0a44 elxstor - ok 16:22:37.0190 0x0a44 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys 16:22:37.0235 0x0a44 ErrDev - ok 16:22:37.0310 0x0a44 esgiguard - ok 16:22:37.0385 0x0a44 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll 16:22:37.0480 0x0a44 EventSystem - ok 16:22:37.0565 0x0a44 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys 16:22:37.0640 0x0a44 exfat - ok 16:22:37.0670 0x0a44 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys 16:22:37.0745 0x0a44 fastfat - ok 16:22:37.0840 0x0a44 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe 16:22:37.0900 0x0a44 Fax - ok 16:22:37.0940 0x0a44 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys 16:22:37.0960 0x0a44 fdc - ok 16:22:38.0015 0x0a44 [ 0438CAB2E03F4FB61455A7956026FE86, 
6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll 16:22:38.0085 0x0a44 fdPHost - ok 16:22:38.0110 0x0a44 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll 16:22:38.0180 0x0a44 FDResPub - ok 16:22:38.0215 0x0a44 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:22:38.0235 0x0a44 FileInfo - ok 16:22:38.0260 0x0a44 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:22:38.0345 0x0a44 Filetrace - ok 16:22:38.0400 0x0a44 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 16:22:38.0435 0x0a44 flpydisk - ok 16:22:38.0530 0x0a44 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:22:38.0560 0x0a44 FltMgr - ok 16:22:38.0675 0x0a44 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll 16:22:38.0785 0x0a44 FontCache - ok 16:22:38.0855 0x0a44 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 16:22:38.0875 0x0a44 FontCache3.0.0.0 - ok 16:22:38.0910 0x0a44 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 16:22:38.0930 0x0a44 FsDepends - ok 16:22:38.0970 0x0a44 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec 
C:\Windows\system32\drivers\Fs_Rec.sys 16:22:38.0985 0x0a44 Fs_Rec - ok 16:22:39.0061 0x0a44 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 16:22:39.0096 0x0a44 fvevol - ok 16:22:39.0146 0x0a44 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 16:22:39.0166 0x0a44 gagp30kx - ok 16:22:39.0216 0x0a44 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys 16:22:39.0226 0x0a44 GEARAspiWDM - ok 16:22:39.0331 0x0a44 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll 16:22:39.0456 0x0a44 gpsvc - ok 16:22:39.0506 0x0a44 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 16:22:39.0571 0x0a44 hcw85cir - ok 16:22:39.0656 0x0a44 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:22:39.0721 0x0a44 HdAudAddService - ok 16:22:39.0786 0x0a44 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys 16:22:39.0826 0x0a44 HDAudBus - ok 16:22:39.0871 0x0a44 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 16:22:39.0921 0x0a44 HidBatt - ok 16:22:39.0946 0x0a44 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 16:22:40.0036 0x0a44 HidBth - ok 16:22:40.0071 0x0a44 [ 0A77D29F311B88CFAE3B13F9C1A73825, 
8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 16:22:40.0116 0x0a44 HidIr - ok 16:22:40.0156 0x0a44 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll 16:22:40.0231 0x0a44 hidserv - ok 16:22:40.0291 0x0a44 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys 16:22:40.0401 0x0a44 HidUsb - ok 16:22:40.0501 0x0a44 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll 16:22:40.0571 0x0a44 hkmsvc - ok 16:22:40.0651 0x0a44 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll 16:22:40.0736 0x0a44 HomeGroupListener - ok 16:22:40.0781 0x0a44 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll 16:22:40.0821 0x0a44 HomeGroupProvider - ok 16:22:40.0906 0x0a44 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys 16:22:40.0926 0x0a44 HpSAMD - ok 16:22:41.0031 0x0a44 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:22:41.0136 0x0a44 HTTP - ok 16:22:41.0171 0x0a44 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:22:41.0191 0x0a44 hwpolicy - ok 16:22:41.0211 0x0a44 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys 16:22:41.0231 0x0a44 i8042prt - ok 
16:22:41.0291 0x0a44 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys 16:22:41.0326 0x0a44 iaStorV - ok 16:22:41.0421 0x0a44 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe 16:22:41.0476 0x0a44 idsvc - ok 16:22:41.0531 0x0a44 IEEtwCollectorService - ok 16:22:41.0576 0x0a44 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 16:22:41.0596 0x0a44 iirsp - ok 16:22:41.0856 0x0a44 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll 16:22:41.0961 0x0a44 IKEEXT - ok 16:22:42.0126 0x0a44 [ 42943BB3AB7A405B30EFF7C8283CC129, B914B5610565B794BE28664DE605C5726A0587F15034A026509885771C63B0D5 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys 16:22:42.0206 0x0a44 IntcAzAudAddService - ok 16:22:42.0246 0x0a44 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys 16:22:42.0276 0x0a44 intelide - ok 16:22:42.0321 0x0a44 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:22:42.0356 0x0a44 intelppm - ok 16:22:42.0411 0x0a44 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:22:42.0486 0x0a44 IPBusEnum - ok 16:22:42.0531 0x0a44 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:22:42.0581 0x0a44 IpFilterDriver - ok 16:22:42.0636 0x0a44 [ 
08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:22:42.0716 0x0a44 iphlpsvc - ok 16:22:42.0751 0x0a44 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys 16:22:42.0791 0x0a44 IPMIDRV - ok 16:22:42.0836 0x0a44 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:22:42.0911 0x0a44 IPNAT - ok 16:22:43.0006 0x0a44 [ 0F261EC4F514926177C70C1832374231, 7E61B89FE2651C0C7951E10454267174550677DEAB1C497571A9B0B583687304 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 16:22:43.0036 0x0a44 iPod Service - ok 16:22:43.0111 0x0a44 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:22:43.0191 0x0a44 IRENUM - ok 16:22:43.0221 0x0a44 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys 16:22:43.0236 0x0a44 isapnp - ok 16:22:43.0291 0x0a44 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys 16:22:43.0326 0x0a44 iScsiPrt - ok 16:22:43.0386 0x0a44 [ D85F3F18E44F7447B5F1BA5C85BAEB7C, 0FA419F9BF061AC3F81A978FAE1523904081BA6FEA6FACEA228B20F5608FCF1E ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys 16:22:43.0411 0x0a44 k57nd60a - ok 16:22:43.0526 0x0a44 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys 16:22:43.0546 0x0a44 kbdclass - ok 16:22:43.0611 0x0a44 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid 
C:\Windows\system32\drivers\kbdhid.sys 16:22:43.0656 0x0a44 kbdhid - ok 16:22:43.0681 0x0a44 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe 16:22:43.0691 0x0a44 KeyIso - ok 16:22:43.0741 0x0a44 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:22:43.0761 0x0a44 KSecDD - ok 16:22:43.0791 0x0a44 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:22:43.0816 0x0a44 KSecPkg - ok 16:22:43.0851 0x0a44 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys 16:22:43.0931 0x0a44 ksthunk - ok 16:22:44.0066 0x0a44 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll 16:22:44.0186 0x0a44 KtmRm - ok 16:22:44.0246 0x0a44 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:22:44.0331 0x0a44 LanmanServer - ok 16:22:44.0371 0x0a44 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:22:44.0436 0x0a44 LanmanWorkstation - ok 16:22:44.0501 0x0a44 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:22:44.0551 0x0a44 lltdio - ok 16:22:44.0706 0x0a44 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:22:44.0771 0x0a44 lltdsvc - ok 16:22:44.0796 0x0a44 [ F993A32249B66C9D622EA5592A8B76B8, 
0x0a44 vdrvroot - ok 16:23:08.0003 0x0a44 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe 16:23:08.0083 0x0a44 vds - ok 16:23:08.0138 0x0a44 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys 16:23:08.0158 0x0a44 vga - ok 16:23:08.0173 0x0a44 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys 16:23:08.0248 0x0a44 VgaSave - ok 16:23:08.0293 0x0a44 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys 16:23:08.0323 0x0a44 vhdmp - ok 16:23:08.0368 0x0a44 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys 16:23:08.0388 0x0a44 viaide - ok 16:23:08.0423 0x0a44 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys 16:23:08.0448 0x0a44 volmgr - ok 16:23:08.0503 0x0a44 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys 16:23:08.0553 0x0a44 volmgrx - ok 16:23:08.0603 0x0a44 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys 16:23:08.0633 0x0a44 volsnap - ok 16:23:08.0703 0x0a44 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys 16:23:08.0728 0x0a44 vsmraid - ok 16:23:09.0059 0x0a44 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe 
16:23:09.0204 0x0a44 VSS - ok 16:23:09.0254 0x0a44 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys 16:23:09.0334 0x0a44 vwifibus - ok 16:23:09.0359 0x0a44 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys 16:23:09.0384 0x0a44 vwififlt - ok 16:23:09.0469 0x0a44 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll 16:23:09.0549 0x0a44 W32Time - ok 16:23:09.0594 0x0a44 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys 16:23:09.0614 0x0a44 WacomPen - ok 16:23:09.0694 0x0a44 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys 16:23:09.0799 0x0a44 WANARP - ok 16:23:09.0839 0x0a44 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys 16:23:09.0879 0x0a44 Wanarpv6 - ok 16:23:09.0999 0x0a44 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe 16:23:10.0144 0x0a44 wbengine - ok 16:23:10.0184 0x0a44 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll 16:23:10.0219 0x0a44 WbioSrvc - ok 16:23:10.0279 0x0a44 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll 16:23:10.0349 0x0a44 wcncsvc - ok 16:23:10.0394 0x0a44 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] 
WcsPlugInService C:\Windows\System32\WcsPlugInService.dll 16:23:10.0434 0x0a44 WcsPlugInService - ok 16:23:10.0489 0x0a44 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys 16:23:10.0509 0x0a44 Wd - ok 16:23:10.0634 0x0a44 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys 16:23:10.0704 0x0a44 Wdf01000 - ok 16:23:10.0734 0x0a44 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll 16:23:10.0834 0x0a44 WdiServiceHost - ok 16:23:10.0854 0x0a44 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll 16:23:10.0879 0x0a44 WdiSystemHost - ok 16:23:10.0964 0x0a44 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll 16:23:11.0019 0x0a44 WebClient - ok 16:23:11.0079 0x0a44 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll 16:23:11.0159 0x0a44 Wecsvc - ok 16:23:11.0259 0x0a44 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll 16:23:11.0314 0x0a44 wercplsupport - ok 16:23:11.0374 0x0a44 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll 16:23:11.0449 0x0a44 WerSvc - ok 16:23:11.0534 0x0a44 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys 16:23:11.0574 0x0a44 WfpLwf - ok 16:23:11.0604 0x0a44 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 
9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys 16:23:11.0619 0x0a44 WIMMount - ok 16:23:11.0654 0x0a44 WinDefend - ok 16:23:11.0689 0x0a44 WinHttpAutoProxySvc - ok 16:23:11.0834 0x0a44 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll 16:23:11.0909 0x0a44 Winmgmt - ok 16:23:12.0134 0x0a44 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll 16:23:12.0354 0x0a44 WinRM - ok 16:23:12.0429 0x0a44 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys 16:23:12.0469 0x0a44 WinUsb - ok 16:23:12.0529 0x0a44 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll 16:23:12.0609 0x0a44 Wlansvc - ok 16:23:12.0659 0x0a44 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys 16:23:12.0694 0x0a44 WmiAcpi - ok 16:23:12.0734 0x0a44 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe 16:23:12.0784 0x0a44 wmiApSrv - ok 16:23:12.0829 0x0a44 WMPNetworkSvc - ok 16:23:12.0864 0x0a44 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll 16:23:12.0894 0x0a44 WPCSvc - ok 16:23:12.0934 0x0a44 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll 16:23:12.0959 0x0a44 WPDBusEnum - ok 16:23:13.0019 0x0a44 [ 6BCC1D7D2FD2453957C5479A32364E52, 
E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:23:13.0074 0x0a44 ws2ifsl - ok 16:23:13.0124 0x0a44 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll 16:23:13.0144 0x0a44 wscsvc - ok 16:23:13.0149 0x0a44 WSearch - ok 16:23:13.0414 0x0a44 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll 16:23:13.0499 0x0a44 wuauserv - ok 16:23:13.0539 0x0a44 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 16:23:13.0614 0x0a44 WudfPf - ok 16:23:13.0679 0x0a44 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 16:23:13.0704 0x0a44 WUDFRd - ok 16:23:13.0729 0x0a44 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:23:13.0754 0x0a44 wudfsvc - ok 16:23:13.0809 0x0a44 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll 16:23:13.0894 0x0a44 WwanSvc - ok 16:23:13.0899 0x0a44 ================ Scan global =============================== 16:23:13.0959 0x0a44 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll 16:23:14.0029 0x0a44 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 16:23:14.0039 0x0a44 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll 16:23:14.0079 0x0a44 [ D6160F9D869BA3AF0B787F971DB56368, 
0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:23:14.0159 0x0a44 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
16:23:14.0174 0x0a44 [ Global ] - ok
16:23:14.0179 0x0a44 ================ Scan MBR ==================================
16:23:14.0199 0x0a44 [ 8F558EB6672622401DA993E1E865C861 ] \Device\Harddisk0\DR0
16:23:14.0359 0x0a44 \Device\Harddisk0\DR0 - detected Rootkit.Boot.SST.b ( 0 )
16:23:14.0359 0x0a44 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - infected
16:23:20.0640 0x0a44 ================ Scan VBR ==================================
16:23:20.0700 0x0a44 [ F64FB5A89ED8EDB72EEAFD013BAD0521 ] \Device\Harddisk0\DR0\Partition1
16:23:20.0700 0x0a44 \Device\Harddisk0\DR0\Partition1 - ok
16:23:20.0705 0x0a44 [ BA1BD3C677E329B612F65C15EA19096F ] \Device\Harddisk0\DR0\Partition2
16:23:20.0710 0x0a44 \Device\Harddisk0\DR0\Partition2 - ok
16:23:20.0710 0x0a44 ================ Scan generic autorun ======================
16:23:20.0780 0x0a44 [ 42EB7A79867ED8AD99349FF0F0A7F39A, AF289350D625123BB697532B53A35B48D574ADB9861A288DA68F8EC2AB6F2E3A ] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
16:23:20.0815 0x0a44 AmIcoSinglun64 - detected UnsignedFile.Multi.Generic ( 1 )
16:23:23.0560 0x0a44 Detect skipped due to KSN trusted
16:23:23.0560 0x0a44 AmIcoSinglun64 - ok
16:23:24.0035 0x0a44 [ 0D7CF635D9888072015EBE3B232DFB99, 25F8BB678DA47D4C7D002964597A04EE651E1492C43C217E3987FBC8DA66FDE6 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
16:23:24.0261 0x0a44 RtHDVCpl - ok
16:23:24.0401 0x0a44 [ AAC9F71B93EB717458836E17120BA7B6, 1863F76E1246D00240008B9C10AAC06C951380F250495CF1C34A076FA2968577 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
16:23:24.0436 0x0a44 StartCCC - detected UnsignedFile.Multi.Generic ( 1 )
16:23:27.0191 0x0a44 Detect skipped due to KSN trusted
16:23:27.0191 0x0a44 StartCCC - ok
16:23:27.0436 0x0a44 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
16:23:27.0476 0x0a44 Adobe ARM - ok
16:23:27.0631 0x0a44 [ 9234099256CEBEE38E74375FEB03D498, C3B9DAF1605470575C605635E83F31EEDE154E3D1CD72964D696EA13DF85F011 ] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
16:23:27.0646 0x0a44 KiesTrayAgent - ok
16:23:27.0736 0x0a44 [ C26B09276755E0698B31CF0BAE0BF182, A95B567626C0573DF0F136818AA7E487BC4995552E9B7A041437539E49B99473 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
16:23:27.0746 0x0a44 APSDaemon - ok
16:23:27.0876 0x0a44 [ E4401CF27225C1D6E664E86195978562, F572A2757C2A649E25F52F7071E6A2CCF298C60A8F2B15A0E2D800F890C4FD93 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
16:23:27.0891 0x0a44 iTunesHelper - ok
16:23:28.0001 0x0a44 [ 0E34B7BB1FCF22BCC1E394D16F9E992B, 382CA8E6BAC301E2F277F8EDA03D263FF71272796A8EED582C36294EEE9191F9 ] C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe
16:23:28.0011 0x0a44 GrooveMonitor - ok
16:23:28.0121 0x0a44 [ 1DE859B82E381A645C44284A5044BC33, 305AE678D3163D57C8E027F94BC553FDFDE7F9A14599EAEC370B0867DE4A9EC2 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
16:23:28.0136 0x0a44 SunJavaUpdateSched - ok
16:23:28.0346 0x0a44 [ 2AA5DD75EA1281432C40D22B5FD87D3A, 9868D4176C8F08EB72B0B992D3E2A480C587930CA025B4FDF3212F99B79C3017 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
16:23:28.0371 0x0a44 avgnt - ok
16:23:28.0546 0x0a44 [ 51DAD159BD771681B67593B9B8289A45, 40A7277819C2D7BCA10D22DC2F443F986DF04E777D3A4A0C89CC0991B020607C ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
16:23:28.0556 0x0a44 Avira Systray - ok
16:23:28.0751 0x0a44 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:23:28.0911 0x0a44 Sidebar - ok
16:23:28.0956 0x0a44 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:23:28.0986 0x0a44 mctadmin - ok
16:23:29.0051 0x0a44 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:23:29.0101 0x0a44 Sidebar - ok
16:23:29.0136 0x0a44 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:23:29.0156 0x0a44 mctadmin - ok
16:23:29.0261 0x0a44 [ 5FA98DFF08AB3453435A44699F278288, E26D6707375321421DAF90F59FAF8D4F1F54C487395E91524A19492CA736AE0D ] C:\Program Files (x86)\Samsung\Kies\Kies.exe
16:23:29.0291 0x0a44 KiesPreload - ok
16:23:29.0361 0x0a44 [ 96D96280F43E93E3FFC07CBC8826F891, FD632BE46A530EF1FD4076072A2FC8A1512D937217402059A997A17DD637B0E4 ] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe
16:23:29.0381 0x0a44 KiesAirMessage - detected UnsignedFile.Multi.Generic ( 1 )
16:23:32.0131 0x0a44 Detect skipped due to KSN trusted
16:23:32.0131 0x0a44 KiesAirMessage - ok
16:23:32.0271 0x0a44 [ A7BE74971FFD1D6F791361C292A82588, A49B643365FF743A2945381855C4FC5234F7A4649BE0E3DC8C28F3893CA3ADFA ] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
16:23:32.0301 0x0a44 KiesPDLR - ok
16:23:32.0301 0x0a44 Waiting for KSN requests completion. In queue: 14
16:23:33.0301 0x0a44 Waiting for KSN requests completion. In queue: 14
16:23:34.0301 0x0a44 Waiting for KSN requests completion. In queue: 14
16:23:35.0331 0x0a44 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.6.548 ), 0x41000 ( enabled : updated )
16:23:35.0346 0x0a44 Win FW state via NFP2: enabled
16:23:38.0022 0x0a44 ============================================================
16:23:38.0022 0x0a44 Scan finished
16:23:38.0022 0x0a44 ============================================================
16:23:38.0032 0x0bd8 Detected object count: 1
16:23:38.0032 0x0bd8 Actual detected object count: 1
16:23:45.0977 0x0bd8 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - skipped by user
16:23:45.0977 0x0bd8 \Device\Harddisk0\DR0 ( Rootkit.Boot.SST.b ) - User select action: Skip
|
03.09.2014, 16:24 | #8 |
/// TB-Ausbilder | Virus 'BOO/TDss.O' in the master boot sector Hi, Please download aswMBR.exe and save the file to your desktop.
Important: Do not press any of the Fix buttons unless instructed to. Note: If the Scan button is hidden, close the tool and start it again. If it still does not work, please let me know.
|
03.09.2014, 16:45 | #9 |
| Virus 'BOO/TDss.O' in the master boot sector Hi, Code:
aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-09-03 17:30:58
-----------------------------
17:30:58.432 OS Version: Windows x64 6.1.7601 Service Pack 1
17:30:58.432 Number of processors: 4 586 0x2502
17:30:58.433 ComputerName: HOME-PC UserName: Home
17:31:00.855 Initialize success
17:31:00.920 VM: initialized successfully
17:31:00.923 VM: Intel CPU supported
17:31:16.406 VM: not used
17:31:29.804 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-0
17:31:29.807 Disk 0 Vendor: TOSHIBA_MK5055GSX FG001J Size: 476940MB BusType: 11
17:31:29.964 Disk 0 MBR read successfully
17:31:29.967 Disk 0 MBR scan
17:31:29.970 Disk 0 Windows XP default MBR code
17:31:29.976 Disk 0 Partition 1 00 27 Hidden NTFS WinRE NTFS 13000 MB offset 2048
17:31:29.995 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 100 MB offset 26626048
17:31:30.006 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 463838 MB offset 26830848
17:31:30.034 Disk 0 Partition 4 80 (A) 17 Hidd HPFS/NTFS NTFS 0 MB offset 976771120
17:31:30.039 Disk 0 Boot: NTFS code=1
17:31:30.043 Disk 0 Partition 4 **SUSPICIOUS**
17:31:30.206 Disk 0 scanning C:\Windows\system32\drivers
17:31:39.298 Service scanning
17:32:16.108 Modules scanning
17:32:16.115 Disk 0 trace - called modules:
17:32:16.155 ntoskrnl.exe CLASSPNP.SYS disk.sys ataport.SYS PCIIDEX.SYS hal.dll msahci.sys
17:32:16.162 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80064f6060]
17:32:16.169 3 CLASSPNP.SYS[fffff8800145143f] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa8006211680]
17:32:16.175 Scan finished successfully
17:32:32.960 Disk 0 MBR has been saved successfully to "C:\Users\Home\Desktop\MBR.dat"
17:32:32.969 The log file has been saved successfully to "C:\Users\Home\Desktop\aswMBR.txt"

FRST Logfile:
Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 03-09-2014 Ran by Home (administrator) on HOME-PC on 03-09-2014 17:37:39 Running from C:\Users\Home\Desktop Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe (AlcorMicro Co., Ltd.) 
C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe (Samsung Electronics) C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe (Samsung) C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Desktop.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Farbar) C:\Users\Home\Desktop\FRST64(1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323072 2009-07-22] (AlcorMicro Co., Ltd.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8312352 2009-10-28] (Realtek Semiconductor) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2009-11-12] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [309688 2012-12-03] (Samsung Electronics Co., Ltd.) HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152544 2012-12-12] (Apple Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-11] (Oracle Corporation) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [751184 2014-07-23] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [161584 2014-08-04] (Avira Operations GmbH & Co. 
KG) HKU\S-1-5-21-1681634373-90805618-1013694112-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [967608 2012-12-03] (Samsung) HKU\S-1-5-21-1681634373-90805618-1013694112-1000\...\Run: [KiesAirMessage] => C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe [577536 2012-11-28] (Samsung Electronics) HKU\S-1-5-21-1681634373-90805618-1013694112-1000\...\Run: [KiesPDLR] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843704 2012-12-03] (Samsung) HKU\S-1-5-21-1681634373-90805618-1013694112-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [843704 2012-12-03] (Samsung) HKU\S-1-5-21-1681634373-90805618-1013694112-1000\...\MountPoints2: {3b7b4c89-4296-11e2-946b-00262d818196} - F:\LaunchU3.exe -a Startup: C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://rts.dsrlte.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?pc=UP97&ocid=UP97DHP HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBC8E255AA848CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-de StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKCU - 809CF234490D49BB8030301225658AF6 URL = hxxp://www.sweet-page.com/web/?type=ds&ts=1394292881&from=cor&uid=TOSHIBAXMK5055GSX_Y9ADC0O1TXXY9ADC0O1T&q={searchTerms} SearchScopes: HKCU - {879047C3-BC5E-43A9-AC28-82DFBC646A00} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ORJ&o=&src=kw&q={searchTerms}&locale=&apn_ptnrs=U3&apn_dtid=OSJ000YYDE&apn_uid=FF92F338-7AC1-4EDF-B9C9-201A72BADEBB&apn_sauid=ABD7C0A3-3023-45BD-AFA2-57CE256EE98C SearchScopes: HKCU - {E125ADC4-EFCF-4CC7-9598-F8FE8258FB58} URL = hxxp://rts.dsrlte.com/?q={searchTerms}&r=266 SearchScopes: HKCU - {FCD925BA-A64E-4745-AAEC-B8BA631A98B5} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3279453&CUI=UN11816603311929016 BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 10.70.0.1 FireFox: ======== FF ProfilePath: 
C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default FF NewTab: user_pref("browser.newtab.url", ""); FF SelectedSearchEngine: Ask Search FF Homepage: hxxp://rts.dsrlte.com FF Keyword.URL: user_pref("keyword.URL", ""); FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/OfficeLive,version=1.5 -> C:\Program Files (x86)\Microsoft\Office Live\npOLW.dll (Microsoft Corp.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Users\Home\Desktop\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Users\Home\Desktop\VLC\npvlc.dll (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) 
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\dvdvideosoft-20-customized-web-search.xml
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\keepmysearch.xml
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\lastminute-1.xml
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\searchplugins\webde-suche.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: WEB.DE MailCheck - C:\Users\Home\AppData\Roaming\Mozilla\Firefox\Profiles\6d2dwq6b.default\Extensions\toolbar@web.de.xpi [2011-12-19]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-03-08]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-03-08]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2014-03-08]

Chrome:
=======
CHR HomePage: Default -> https://www.google.de/
CHR StartupUrls: Default -> "hxxp://www.google.de/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll No File
CHR Plugin: (Java(TM) Platform SE 6 U37) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java Deployment Toolkit 6.0.370.6) - C:\Windows\SysWOW64\npdeployJava1.dll No File
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll No File
CHR Profile: C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Newhub) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\aoejbmmillcdifgagjpdlaamnalbielp [2014-03-17]
CHR Extension: (YouTube) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-21]
CHR Extension: (Google-Suche) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-21]
CHR Extension: (Avira Browser Safety) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-04]
CHR Extension: (Adblock Advisor) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\iplojogpbcbnjoemcalepfmbcpnkpjjo [2014-08-04]
CHR Extension: (Google Wallet) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR Extension: (Google Mail) - C:\Users\Home\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-21]
CHR HKLM\...\Chrome\Extension: [aoejbmmillcdifgagjpdlaamnalbielp] - C:\Users\Home\AppData\Local\nwhb-v9.4.15.crx [2014-03-17]
CHR HKCU\...\Chrome\Extension: [aoejbmmillcdifgagjpdlaamnalbielp] - C:\Users\Home\AppData\Local\nwhb-v9.4.15.crx [2014-03-17]
CHR HKLM-x32\...\Chrome\Extension: [aoejbmmillcdifgagjpdlaamnalbielp] - C:\Users\Home\AppData\Local\nwhb-v9.4.15.crx [2014-03-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [430160 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [430160 2014-07-23] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [149296 2014-08-04] (Avira Operations GmbH & Co. KG)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [117712 2014-07-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [130584 2014-07-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-07-23] (Avira Operations GmbH & Co. KG)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
U3 aswMBR; \??\C:\Users\Home\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\Home\AppData\Local\Temp\aswVmm.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-03 17:32 - 2014-09-03 17:32 - 00001946 _____ () C:\Users\Home\Desktop\aswMBR.txt
2014-09-03 17:32 - 2014-09-03 17:32 - 00000512 _____ () C:\Users\Home\Desktop\MBR.dat
2014-09-03 17:29 - 2014-09-03 17:30 - 05185536 _____ (AVAST Software) C:\Users\Home\Downloads\aswMBR.exe
2014-09-03 14:44 - 2014-09-03 14:54 - 00000000 ____D () C:\TDSSKiller_Quarantine
2014-09-03 12:58 - 2014-09-03 12:58 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Home\Downloads\tdsskiller.exe
2014-09-03 12:12 - 2014-09-03 12:14 - 00025218 _____ () C:\Users\Home\Desktop\Addition.txt
2014-09-03 12:11 - 2014-09-03 17:37 - 00016846 _____ () C:\Users\Home\Desktop\FRST.txt
2014-09-03 12:11 - 2014-09-03 17:37 - 00000000 ____D () C:\FRST
2014-09-03 12:11 - 2014-09-03 12:11 - 02104832 _____ (Farbar) C:\Users\Home\Desktop\FRST64(1).exe
2014-09-03 12:08 - 2014-09-03 12:08 - 00000470 _____ () C:\Users\Home\Desktop\defogger_disable.log
2014-09-03 12:08 - 2014-09-03 12:08 - 00000000 _____ () C:\Users\Home\defogger_reenable
2014-09-03 12:05 - 2014-09-03 12:05 - 00050477 _____ () C:\Users\Home\Desktop\Defogger(1).exe
2014-09-03 12:01 - 2014-09-03 12:01 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-03 12:01 - 2014-09-03 12:01 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-03 12:01 - 2014-09-03 12:01 - 00000000 ____D () C:\Users\Home\AppData\Roaming\TeamViewer
2014-09-03 12:01 - 2014-09-03
12:01 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-09-03 12:00 - 2014-09-03 12:00 - 06304880 _____ (TeamViewer GmbH) C:\Users\Home\Downloads\TeamViewer_Setup_de.exe 2014-09-03 09:37 - 2014-09-03 09:37 - 00000000 _____ () C:\autoexec.bat 2014-09-03 09:36 - 2014-09-03 09:36 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-09-03 09:35 - 2014-09-03 12:10 - 00000000 ____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP 2014-09-03 09:34 - 2014-09-03 09:34 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Home\Downloads\SpyHunter-Installer.exe 2014-09-03 09:23 - 2014-09-03 09:23 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-09-03 09:19 - 2014-09-03 09:22 - 154669008 _____ () C:\Users\Home\Downloads\setup_11.0.3.7.x01_2014_08_19_13_38 (1).exe 2014-08-31 17:34 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-31 17:34 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-31 17:34 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-26 21:24 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-08-26 21:24 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll 2014-08-26 21:24 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2014-08-26 21:24 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-08-26 21:24 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-08-26 21:24 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-08-26 21:24 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe 2014-08-26 21:24 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) 
C:\Windows\SysWOW64\infocardapi.dll 2014-08-23 21:28 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-08-23 21:28 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-08-23 21:28 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll 2014-08-23 21:28 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-08-23 21:28 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-08-23 21:28 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-08-23 21:28 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll 2014-08-23 21:28 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-08-23 21:28 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-08-23 21:28 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll 2014-08-23 21:27 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-08-23 21:27 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-08-23 21:27 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-08-23 21:27 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-08-23 21:26 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-23 21:26 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-23 21:25 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-08-23 21:25 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll 2014-08-23 21:25 - 
2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys 2014-08-23 21:24 - 2014-08-01 01:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-08-23 21:24 - 2014-08-01 01:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-08-23 21:24 - 2014-07-25 16:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-08-23 21:24 - 2014-07-25 16:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-08-23 21:24 - 2014-07-25 16:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-08-23 21:24 - 2014-07-25 15:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-08-23 21:24 - 2014-07-25 15:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-08-23 21:24 - 2014-07-25 15:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-08-23 21:24 - 2014-07-25 15:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-08-23 21:24 - 2014-07-25 15:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-08-23 21:24 - 2014-07-25 15:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-08-23 21:24 - 2014-07-25 15:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-08-23 21:24 - 2014-07-25 15:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-08-23 21:24 - 2014-07-25 15:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-08-23 21:24 - 2014-07-25 15:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-08-23 21:24 - 2014-07-25 15:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-08-23 21:24 - 2014-07-25 15:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-08-23 21:24 - 
2014-07-25 14:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-08-23 21:24 - 2014-07-25 14:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-08-23 21:24 - 2014-07-25 14:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-08-23 21:24 - 2014-07-25 14:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-08-23 21:24 - 2014-07-25 14:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-08-23 21:24 - 2014-07-25 14:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-08-23 21:24 - 2014-07-25 14:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-08-23 21:24 - 2014-07-25 14:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-08-23 21:24 - 2014-07-25 14:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-08-23 21:24 - 2014-07-25 14:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-08-23 21:24 - 2014-07-25 14:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-08-23 21:24 - 2014-07-25 14:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-08-23 21:24 - 2014-07-25 14:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-08-23 21:24 - 2014-07-25 14:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-08-23 21:24 - 2014-07-25 14:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-08-23 21:24 - 2014-07-25 14:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-08-23 21:24 - 2014-07-25 14:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-08-23 21:24 - 2014-07-25 14:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 
2014-08-23 21:24 - 2014-07-25 14:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-08-23 21:24 - 2014-07-25 13:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-08-23 21:24 - 2014-07-25 13:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-08-23 21:24 - 2014-07-25 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-08-23 21:24 - 2014-07-25 13:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-08-23 21:24 - 2014-07-25 13:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-08-23 21:24 - 2014-07-25 13:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-08-23 21:24 - 2014-07-25 13:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-08-23 21:24 - 2014-07-25 13:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-08-23 21:24 - 2014-07-25 13:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-08-23 21:24 - 2014-07-25 13:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-08-23 21:24 - 2014-07-25 13:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-08-23 21:24 - 2014-07-25 13:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-08-23 21:24 - 2014-07-25 13:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-08-23 21:24 - 2014-07-25 13:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-08-23 21:24 - 2014-07-25 12:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-08-23 21:24 - 2014-07-25 12:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-08-23 21:24 - 2014-07-25 12:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 
2014-08-23 21:24 - 2014-07-25 12:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-08-23 21:24 - 2014-07-25 12:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-08-23 21:24 - 2014-07-25 12:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-08-23 21:24 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2014-08-23 21:24 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll 2014-08-23 21:24 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-08-23 21:24 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll 2014-08-23 21:24 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll 2014-08-23 21:24 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll 2014-08-23 21:24 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll 2014-08-23 21:24 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe 2014-08-23 21:24 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll 2014-08-23 21:24 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll 2014-08-23 21:24 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll 2014-08-23 20:32 - 2014-08-23 20:32 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-05 15:37 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll 2014-08-05 15:36 - 2014-08-05 15:38 - 00000000 ____D () C:\AdwCleaner 2014-08-05 15:35 - 2014-08-05 15:35 - 01361309 _____ () C:\Users\Home\Downloads\adwcleaner_3.302 (1).exe 2014-08-05 15:34 - 2014-08-05 15:35 - 01361309 _____ () C:\Users\Home\Downloads\adwcleaner_3.302.exe 2014-08-05 
13:07 - 2014-08-05 13:06 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-08-04 18:59 - 2014-08-04 18:59 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Avira 2014-08-04 18:53 - 2014-07-23 13:29 - 00130584 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-08-04 18:53 - 2014-07-23 13:29 - 00117712 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-08-04 18:53 - 2014-07-23 13:29 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-08-04 18:47 - 2014-08-23 20:32 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-04 18:47 - 2014-08-23 20:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-04 18:47 - 2014-08-23 20:32 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-08-04 18:47 - 2014-08-04 18:53 - 00000000 ____D () C:\ProgramData\Avira 2014-08-04 18:46 - 2014-08-04 18:46 - 04431200 _____ (Avira Operations GmbH & Co. KG) C:\Users\Home\Downloads\avira_de_av___ws.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-09-03 17:37 - 2014-09-03 12:11 - 00016846 _____ () C:\Users\Home\Desktop\FRST.txt 2014-09-03 17:37 - 2014-09-03 12:11 - 00000000 ____D () C:\FRST 2014-09-03 17:32 - 2014-09-03 17:32 - 00001946 _____ () C:\Users\Home\Desktop\aswMBR.txt 2014-09-03 17:32 - 2014-09-03 17:32 - 00000512 _____ () C:\Users\Home\Desktop\MBR.dat 2014-09-03 17:30 - 2014-09-03 17:29 - 05185536 _____ (AVAST Software) C:\Users\Home\Downloads\aswMBR.exe 2014-09-03 17:19 - 2013-02-12 12:41 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-03 17:13 - 2012-12-21 09:20 - 00001106 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-09-03 16:24 - 2009-07-14 06:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-09-03 16:24 - 2009-07-14 06:45 - 00023152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-09-03 16:20 - 2011-11-05 11:45 - 02071016 _____ () C:\Windows\WindowsUpdate.log 2014-09-03 16:16 - 2012-12-21 09:20 - 00001102 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-09-03 16:16 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-09-03 16:16 - 2009-07-14 06:51 - 00122746 _____ () C:\Windows\setupact.log 2014-09-03 14:54 - 2014-09-03 14:44 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-09-03 12:58 - 2014-09-03 12:58 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Home\Downloads\tdsskiller.exe 2014-09-03 12:52 - 2011-11-05 13:05 - 00354454 _____ () C:\Windows\PFRO.log 2014-09-03 12:52 - 2009-07-14 06:45 - 00439256 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-09-03 12:21 - 2011-11-05 12:59 - 00115432 _____ () C:\Users\Home\AppData\Local\GDIPFONTCACHEV1.DAT 2014-09-03 12:14 - 2014-09-03 12:12 - 00025218 _____ () C:\Users\Home\Desktop\Addition.txt 2014-09-03 12:11 - 2014-09-03 12:11 - 02104832 _____ (Farbar) C:\Users\Home\Desktop\FRST64(1).exe 2014-09-03 12:10 - 2014-09-03 09:35 - 00000000 
____D () C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP 2014-09-03 12:08 - 2014-09-03 12:08 - 00000470 _____ () C:\Users\Home\Desktop\defogger_disable.log 2014-09-03 12:08 - 2014-09-03 12:08 - 00000000 _____ () C:\Users\Home\defogger_reenable 2014-09-03 12:08 - 2011-11-05 12:16 - 00000000 ____D () C:\Users\Home 2014-09-03 12:05 - 2014-09-03 12:05 - 00050477 _____ () C:\Users\Home\Desktop\Defogger(1).exe 2014-09-03 12:01 - 2014-09-03 12:01 - 00001178 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2014-09-03 12:01 - 2014-09-03 12:01 - 00001166 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk 2014-09-03 12:01 - 2014-09-03 12:01 - 00000000 ____D () C:\Users\Home\AppData\Roaming\TeamViewer 2014-09-03 12:01 - 2014-09-03 12:01 - 00000000 ____D () C:\Program Files (x86)\TeamViewer 2014-09-03 12:00 - 2014-09-03 12:00 - 06304880 _____ (TeamViewer GmbH) C:\Users\Home\Downloads\TeamViewer_Setup_de.exe 2014-09-03 09:37 - 2014-09-03 09:37 - 00000000 _____ () C:\autoexec.bat 2014-09-03 09:36 - 2014-09-03 09:36 - 00000000 ____D () C:\Program Files\Enigma Software Group 2014-09-03 09:34 - 2014-09-03 09:34 - 00728960 _____ (Enigma Software Group USA, LLC.) 
C:\Users\Home\Downloads\SpyHunter-Installer.exe 2014-09-03 09:23 - 2014-09-03 09:23 - 00000000 ____D () C:\ProgramData\Kaspersky Lab 2014-09-03 09:22 - 2014-09-03 09:19 - 154669008 _____ () C:\Users\Home\Downloads\setup_11.0.3.7.x01_2014_08_19_13_38 (1).exe 2014-09-02 18:28 - 2013-08-14 19:13 - 00000000 ____D () C:\Windows\system32\MRT 2014-08-31 20:59 - 2012-12-15 14:15 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-08-31 20:30 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-08-27 23:02 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-08-26 21:31 - 2011-11-05 13:49 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-08-26 21:21 - 2014-05-06 23:23 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-08-23 20:32 - 2014-08-23 20:32 - 00001141 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-08-23 20:32 - 2014-08-04 18:47 - 00000000 ____D () C:\ProgramData\Package Cache 2014-08-23 20:32 - 2014-08-04 18:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-08-23 20:32 - 2014-08-04 18:47 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-08-23 04:07 - 2014-08-31 17:34 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll 2014-08-23 03:45 - 2014-08-31 17:34 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll 2014-08-23 02:59 - 2014-08-31 17:34 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-08-07 04:06 - 2014-08-23 21:26 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-08-07 04:01 - 2014-08-23 21:26 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-08-05 15:38 - 2014-08-05 15:36 - 00000000 ____D () C:\AdwCleaner 2014-08-05 15:38 - 2012-12-21 09:20 - 00001282 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-08-05 15:38 - 2012-12-21 09:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2014-08-05 15:38 - 
2011-11-05 12:17 - 00000997 _____ () C:\Users\Home\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-08-05 15:35 - 2014-08-05 15:35 - 01361309 _____ () C:\Users\Home\Downloads\adwcleaner_3.302 (1).exe 2014-08-05 15:35 - 2014-08-05 15:34 - 01361309 _____ () C:\Users\Home\Downloads\adwcleaner_3.302.exe 2014-08-05 15:25 - 2014-03-08 18:00 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-08-05 13:06 - 2014-08-05 13:07 - 00042040 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys 2014-08-04 22:04 - 2009-07-14 19:58 - 00704520 _____ () C:\Windows\system32\perfh007.dat 2014-08-04 22:04 - 2009-07-14 19:58 - 00152326 _____ () C:\Windows\system32\perfc007.dat 2014-08-04 22:04 - 2009-07-14 07:13 - 01634360 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-08-04 19:00 - 2009-07-14 04:34 - 00000580 _____ () C:\Windows\win.ini 2014-08-04 18:59 - 2014-08-04 18:59 - 00000000 ____D () C:\Users\Home\AppData\Roaming\Avira 2014-08-04 18:53 - 2014-08-04 18:47 - 00000000 ____D () C:\ProgramData\Avira 2014-08-04 18:46 - 2014-08-04 18:46 - 04431200 _____ (Avira Operations GmbH & Co. 
KG) C:\Users\Home\Downloads\avira_de_av___ws.exe

Some content of TEMP:
====================
C:\Users\Home\AppData\Local\Temp\5jwggudp.dll
C:\Users\Home\AppData\Local\Temp\APNSetup.exe
C:\Users\Home\AppData\Local\Temp\ApnStub.exe
C:\Users\Home\AppData\Local\Temp\AskSLib.dll
C:\Users\Home\AppData\Local\Temp\avgnt.exe
C:\Users\Home\AppData\Local\Temp\contentDATs.exe
C:\Users\Home\AppData\Local\Temp\dsrlte.exe
C:\Users\Home\AppData\Local\Temp\esjz2asp.dll
C:\Users\Home\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Home\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Home\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\jre-6u39-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Home\AppData\Local\Temp\ose00000.exe
C:\Users\Home\AppData\Local\Temp\Quarantine.exe
C:\Users\Home\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\Home\AppData\Local\Temp\SHSetup.exe
C:\Users\Home\AppData\Local\Temp\Sqlite3.dll
C:\Users\Home\AppData\Local\Temp\ucyxxl10.dll
C:\Users\Home\AppData\Local\Temp\v55855549.455.exe
C:\Users\Home\AppData\Local\Temp\vkswtrnf.dll
C:\Users\Home\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\Home\AppData\Local\Temp\{F09163F1-C590-48FA-8CE2-12DC5ED48995}.exe

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-08-31 20:22

==================== End Of Log ============================

Addition:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-09-2014
Ran by Home at 2014-09-03 17:38:02
Running from C:\Users\Home\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{DBCE1208-433D-4D3E-A26A-CB1B5E71A8F5}) (Version: 1.4.17.35005 - Alcor Micro Corp.)
Alcor Micro USB Card Reader (x32 Version: 1.4.17.35005 - Alcor Micro Corp.) Hidden
Apple Application Support (HKLM-x32\...\{CCE825DB-347A-4004-A186-5F4A6FDD8547}) (Version: 2.3.2 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{D70884EA-E2CE-4539-91DB-4766CC1E5F5F}) (Version: 6.0.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI AVIVO64 Codecs (Version: 10.11.0.41111 - ATI Technologies Inc.) Hidden
ATI Catalyst Install Manager (HKLM\...\{7F5DD17B-35CB-B9FC-4EF0-71240AEB08D5}) (Version: 3.0.750.0 - ATI Technologies, Inc.)
Avira (HKLM-x32\...\{e67154a7-9cc5-4167-b782-f3982bc6c70d}) (Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.19.30000 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.6.570 - Avira) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Buzzdock (HKLM\...\{ac225167-00fc-452d-94c5-bb93600e7d9a}) (Version: - Alactro LLC) <==== ATTENTION Canon iP4700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP4700_series) (Version: - ) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden Catalyst Control Center Core Implementation (x32 Version: 2009.1111.2327.42077 - ATI) Hidden Catalyst Control Center Graphics Full Existing (x32 Version: 2009.1111.2327.42077 - ATI) Hidden Catalyst Control Center Graphics Full New (x32 Version: 2009.1111.2327.42077 - ATI) Hidden Catalyst Control Center Graphics Light (x32 Version: 2009.1111.2327.42077 - ATI) Hidden Catalyst Control Center Graphics Previews Vista (x32 Version: 2009.1111.2327.42077 - ATI) Hidden Catalyst Control Center InstallProxy (x32 Version: 2009.1111.2327.42077 - ATI Technologies, Inc.) 
Hidden Catalyst Control Center Localization All (x32 Version: 2009.1111.2327.42077 - ATI) Hidden CCC Help Chinese Standard (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Chinese Traditional (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Czech (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Danish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Dutch (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help English (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Finnish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help French (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help German (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Greek (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Hungarian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Italian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Japanese (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Korean (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Norwegian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Polish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Portuguese (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Russian (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Spanish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Swedish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Thai (x32 Version: 2009.1111.2326.42077 - ATI) Hidden CCC Help Turkish (x32 Version: 2009.1111.2326.42077 - ATI) Hidden ccc-core-static (x32 Version: 2009.1111.2327.42077 - Ihr Firmenname) Hidden ccc-utility64 (Version: 2009.1111.2327.42077 - ATI) Hidden CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.3.9.2762 - CDBurnerXP) ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 15.0.20140212 - Landesfinanzdirektion Thüringen) Free Audio CD to MP3 Converter version 1.3.12.1228 (HKLM-x32\...\Free Audio CD to MP3 
Converter_is1) (Version: 1.3.12.1228 - DVDVideoSoft Ltd.) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.114 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden iTunes (HKLM\...\{0E5D76AD-A3FB-48D5-8400-8903B10317D3}) (Version: 11.0.1.12 - Apple Inc.) Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.650 - Oracle) Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden LSI HDA Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.98 - LSI Corporation) Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Access MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Groove MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden 
Microsoft Office Live Add-in 1.5 (HKLM-x32\...\{F40BBEC7-C2A4-4A00-9B24-7A055A2C5262}) (Version: 2.0.4024.1 - Microsoft Corporation) Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version: - Microsoft) Hidden Microsoft Office Publisher MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared 64-bit MUI (German) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation) Microsoft Visual C++ 2008 
Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) MyFreeCodec (HKCU\...\MyFreeCodec) (Version: - ) OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5969 - Realtek Semiconductor Corp.) Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.3.2.12064_9 - Samsung Electronics Co., Ltd.) Samsung Kies (x32 Version: 2.3.2.12064_9 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.16.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.) 
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version: - Microsoft) Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{EA54F104-79D2-48CC-9ABC-91A63C43D353}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version: - Microsoft) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) 
Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN) Windows Driver Package - Broadcom Bluetooth (07/30/2009 6.2.0.9405) (HKLM\...\6B6B5E96843E55CF5CF8C7E45FB457F1FE642FF1) (Version: 07/30/2009 6.2.0.9405 - Broadcom) Windows Driver Package - Broadcom Bluetooth (09/11/2009 6.2.0.9407) (HKLM\...\3932CA781A7894D20116FDF60F878301800EA8AB) (Version: 09/11/2009 6.2.0.9407 - Broadcom) Windows Driver Package - Broadcom HIDClass (07/28/2009 6.2.0.9800) (HKLM\...\3BA80AB4C7E9F8497C115C844953A3D4BEB84D21) (Version: 07/28/2009 6.2.0.9800 - Broadcom) WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 01-08-2014 06:15:02 Windows Update 03-08-2014 08:07:43 Installed Java 7 Update 65 03-08-2014 19:56:37 Windows-Sicherung 19-08-2014 20:12:55 Windows-Sicherung 23-08-2014 19:27:01 Windows Update 26-08-2014 19:20:28 Windows Update 26-08-2014 19:26:21 Windows-Sicherung 31-08-2014 17:00:08 Windows-Sicherung 31-08-2014 18:57:51 Windows Update 03-09-2014 07:35:56 Installed SpyHunter 03-09-2014 10:08:56 Removed SpyHunter ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {2C2DCAFB-6293-484E-A4CB-0484D32D0541} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup Task: {96276833-16C2-4DA5-BC77-55EC68217669} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {AEF6EDA8-258F-42EA-A1DF-77CA332FCBF6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: {B541003A-04C2-4BA8-A7CA-072444ADBAC2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-10] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2009-07-29 14:10 - 2009-07-29 14:10 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll 2011-11-05 12:56 - 2011-11-05 12:56 - 00270336 _____ () C:\Windows\assembly\GAC_MSIL\CLI.Aspect.CrossDisplay.Graphics.Dashboard\1.0.0.0__90ba9c70f846762e\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll 2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll 2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll 2014-08-04 14:20 - 2014-08-04 14:20 - 00139056 
_____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll 2014-08-04 14:20 - 2014-08-04 14:20 - 00067832 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll 2014-08-04 18:54 - 2014-08-04 14:20 - 00052472 _____ () C:\Users\Home\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll 2011-01-17 17:19 - 2011-11-05 15:10 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll 2014-05-23 06:25 - 2014-05-14 01:40 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libglesv2.dll 2014-05-23 06:25 - 2014-05-14 01:40 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\libegl.dll 2014-05-23 06:25 - 2014-05-14 01:40 - 04217672 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll 2014-05-23 06:25 - 2014-05-14 01:40 - 00414536 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll 2014-05-23 06:25 - 2014-05-14 01:40 - 01732424 _____ () C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ffmpegsumo.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\16068127.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\39258727.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\16068127.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\39258727.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) 
==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) ==================== Faulty Device Manager Devices ============= Name: Teredo Tunneling Pseudo-Interface Description: Microsoft-Teredo-Tunneling-Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (09/03/2014 00:09:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary 1489405drv. System Error: Das System kann die angegebene Datei nicht finden. . Error: (09/03/2014 00:06:18 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: ) Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x88980406) festgestellt. Error: (09/03/2014 00:05:23 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: ) Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x88980406) festgestellt. Error: (09/03/2014 09:36:08 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Fehler beim Kryptografiedienst während der Verarbeitung des "OnIdentity()"-Aufrufobjekts "System Writer". Details: AddLegacyDriverFiles: Unable to back up image of binary 1489405drv. System Error: Das System kann die angegebene Datei nicht finden. . 
Error: (09/02/2014 10:31:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 11909242 Error: (09/02/2014 10:31:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 11909242 Error: (09/02/2014 10:31:51 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (09/02/2014 10:31:50 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 11908181 Error: (09/02/2014 10:31:50 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 11908181 Error: (09/02/2014 10:31:50 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second System errors: ============= Error: (09/03/2014 00:57:11 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LOESLER-HP", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9FEB454D-0573-4D12-9D1C-67A384DBAD33}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/03/2014 00:21:09 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LOESLER-HP", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9FEB454D-0573-4D12-9D1C-67A384DBAD33}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/03/2014 00:09:09 PM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LOESLER-HP", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9FEB454D-0573-4D12-9D1C-67A384DBAD33}-Transport zu sein scheint. 
Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/03/2014 11:57:08 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LOESLER-HP", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9FEB454D-0573-4D12-9D1C-67A384DBAD33}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/03/2014 11:45:05 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LOESLER-HP", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9FEB454D-0573-4D12-9D1C-67A384DBAD33}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/03/2014 11:21:03 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LOESLER-HP", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9FEB454D-0573-4D12-9D1C-67A384DBAD33}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/03/2014 11:09:03 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LOESLER-HP", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9FEB454D-0573-4D12-9D1C-67A384DBAD33}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/03/2014 09:59:56 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LOESLER-HP", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9FEB454D-0573-4D12-9D1C-67A384DBAD33}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. 
Error: (09/03/2014 09:35:52 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LOESLER-HP", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9FEB454D-0573-4D12-9D1C-67A384DBAD33}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Error: (09/03/2014 09:23:47 AM) (Source: bowser) (EventID: 8003) (User: ) Description: Der Hauptsuchdienst erhielt eine Serverankündigung vom Computer "LOESLER-HP", der der Hauptsuchdienst der Domäne für den NetBT_Tcpip_{9FEB454D-0573-4D12-9D1C-67A384DBAD33}-Transport zu sein scheint. Der Hauptsuchdienst wurde beendet oder es wird eine Auswahl erzwungen. Microsoft Office Sessions: ========================= Error: (12/02/2013 10:49:33 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 5218 seconds with 2700 seconds of active time. This session ended with a crash. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz Percentage of memory in use: 29% Total physical RAM: 6004.5 MB Available physical RAM: 4254.2 MB Total Pagefile: 12007.18 MB Available Pagefile: 9914.68 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (ACER) (Fixed) (Total:452.97 GB) (Free:342.56 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] Drive e: (HBCD 15.2) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows XP) (Size: 465.8 GB) (Disk ID: 201A2019) Partition 1: (Not Active) - (Size=12.7 GB) - (Type=27) Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS) Partition 4: (Active) - (Size=1016 KB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 4 ==================== End Of Log ============================ |
03.09.2014, 16:53 | #10 |
/// TB-Ausbilder | Virus 'BOO/TDss.O' in the master boot sector Hello, I will get back to you after consulting with colleagues. |
04.09.2014, 08:33 | #11 |
/// TB-Ausbilder | Virus 'BOO/TDss.O' in the master boot sector Hello, first please run ListParts: Please download ListParts to your desktop.
|
04.09.2014, 10:51 | #12 |
| Virus 'BOO/TDss.O' in the master boot sector Hi, Code:
ATTFilter ListParts by Farbar Version: 31-07-2014 Ran by Home (administrator) on 04-09-2014 at 11:49:16 Windows 7 (X64) Running From: C:\Users\Home\Downloads Language: Deutsch (Deutschland) ************************************************************ ========================= Memory info ====================== Percentage of memory in use: 29% Total physical RAM: 6004.5 MB Available physical RAM: 4234.89 MB Total Pagefile: 12007.18 MB Available Pagefile: 10014.87 MB Total Virtual: 8192 MB Available Virtual: 8191.91 MB ======================= Partitions ========================= 1 Drive c: (ACER) (Fixed) (Total:452.97 GB) (Free:342.56 GB) NTFS ==>[System with boot components (obtained from reading drive)] 2 Drive d: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[System with boot components (obtained from reading drive)] 3 Drive e: (HBCD 15.2) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS Datenträger ### Status Größe Frei Dyn GPT --------------- ------------- ------- ------- --- --- Datenträger 0 Online 465 GB 0 B Partitions of Disk 0: =============== Datenträger-ID: 201A2019 Partition ### Typ Größe Offset ------------- ---------------- ------- ------- Partition 1 Wiederherstellun 12 GB 1024 KB Partition 2 Primär 100 MB 12 GB Partition 3 Primär 452 GB 12 GB Partition 4 Primär 1016 KB 465 GB ====================================================================================================== Disk: 0 Partition 1 Typ : 27 Versteckt: Ja Aktiv : Nein Volume ### Bst Bezeichnung DS Typ Größe Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 PQSERVICE NTFS Partition 12 GB Fehlerfre Versteck ====================================================================================================== Disk: 0 Partition 2 Typ : 07 Versteckt: Nein Aktiv : Nein Volume ### Bst Bezeichnung DS Typ Größe Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 D SYSTEM RESE NTFS Partition 100 MB 
Fehlerfre System (partition with boot components) ====================================================================================================== Disk: 0 Partition 3 Typ : 07 Versteckt: Nein Aktiv : Nein Volume ### Bst Bezeichnung DS Typ Größe Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 C ACER NTFS Partition 452 GB Fehlerfre Startpar ====================================================================================================== Disk: 0 Partition 4 Typ : 17 Versteckt: Ja Aktiv : Ja Dieser Partition ist kein Volume zugewiesen. ====================================================================================================== ============================== MBR Partition Table ================== ============================== Partitions of Disk 0: =============== Disk ID: 201A2019 Partition 1: (Not Active) - (Size=13 GB) - (Type=27) Partition 2: (Not Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS) Partition 4: (Active) - (Size=1016 KB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 4 ****** End Of Log ****** |
04.09.2014, 11:23 | #13 |
/// TB-Ausbilder | Virus 'BOO/TDss.O' in the master boot sector Hello, you now need a USB stick. Connect a USB stick to your computer. Download ListParts directly onto the USB stick. Also download the file fix.txt from the attachment to my post and save it directly onto the USB stick as well. Make sure the USB stick with both files is connected to the computer, and boot the system into repair mode. There are two ways to do this:
Now select in the repair options: Command Prompt. Now please type notepad and press Enter. In the text document that opens, choose File > Save As... and select Computer. The drive letter of your USB stick is shown here; make a note of it. Close Notepad again. Now please enter the following command. e:\listparts64.exe Note: e stands for the drive letter of your USB stick that you noted. Adjust it if necessary. The ListParts tool will start. Now press the Fix button. When the fix has finished, tick the box next to List BCD and press Scan. This will create a file Result.txt on the USB stick. Start the computer normally and post its contents in your next reply. |
04.09.2014, 11:54 | #14 |
| Virus 'BOO/TDss.O' in the master boot sector Hi, booting works again with the active partition :-) Code:
ATTFilter ListParts by Farbar Version: 31-07-2014 Ran by SYSTEM (administrator) on 04-09-2014 at 12:47:02 Windows 7 (X64) Running From: g:\ Language: Deutsch (Deutschland) ************************************************************ ========================= Memory info ====================== Percentage of memory in use: 11% Total physical RAM: 6004.5 MB Available physical RAM: 5334.26 MB Total Pagefile: 6002.65 MB Available Pagefile: 5311.88 MB Total Virtual: 8192 MB Available Virtual: 8191.92 MB ======================= Partitions ========================= 1 Drive c: (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==>[Drive with boot components (obtained from BCD)] 2 Drive d: (ACER) (Fixed) (Total:452.97 GB) (Free:342.98 GB) NTFS ==>[System with boot components (obtained from reading drive)] 3 Drive e: (PQSERVICE) (Fixed) (Total:12.7 GB) (Free:2.44 GB) NTFS 4 Drive f: (HBCD 15.2) (CDROM) (Total:0.58 GB) (Free:0 GB) CDFS 5 Drive g: (UNTITLED) (Removable) (Total:7.23 GB) (Free:4.14 GB) FAT32 6 Drive x: (Boot) (Fixed) (Total:0.03 GB) (Free:0.03 GB) NTFS Datenträger ### Status Größe Frei Dyn GPT --------------- ------------- ------- ------- --- --- Datenträger 0 Online 465 GB 0 B Datenträger 1 Online 7441 MB 0 B Partitions of Disk 0: =============== Datenträger-ID: 201A2019 Partition ### Typ Größe Offset ------------- ---------------- ------- ------- Partition 1 Wiederherstellun 12 GB 1024 KB Partition 2 Primär 100 MB 12 GB Partition 3 Primär 452 GB 12 GB ====================================================================================================== Disk: 0 Partition 1 Typ : 27 Versteckt: Ja Aktiv : Nein Volume ### Bst Bezeichnung DS Typ Größe Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 3 E PQSERVICE NTFS Partition 12 GB Fehlerfre Versteck ====================================================================================================== Disk: 0 Partition 2 Typ : 07 Versteckt: Nein Aktiv : Ja 
Volume ### Bst Bezeichnung DS Typ Größe Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 1 C SYSTEM RESE NTFS Partition 100 MB Fehlerfre ====================================================================================================== Disk: 0 Partition 3 Typ : 07 Versteckt: Nein Aktiv : Nein Volume ### Bst Bezeichnung DS Typ Größe Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 2 D ACER NTFS Partition 452 GB Fehlerfre ====================================================================================================== Partitions of Disk 1: =============== Datenträger-ID: 00000000 Partition ### Typ Größe Offset ------------- ---------------- ------- ------- Partition 1 Primär 7440 MB 1024 KB ====================================================================================================== Disk: 1 Partition 1 Typ : 0B Versteckt: Nein Aktiv : Ja Volume ### Bst Bezeichnung DS Typ Größe Status Info ---------- --- ----------- ----- ---------- ------- --------- -------- * Volume 4 G UNTITLED FAT32 Wechselmed 7440 MB Fehlerfre ====================================================================================================== ============================== MBR Partition Table ================== ============================== Partitions of Disk 0: =============== Disk ID: 201A2019 Partition 1: (Not Active) - (Size=13 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=453 GB) - (Type=07 NTFS) ============================== Partitions of Disk 1: =============== Disk ID: 00000000 Partition: GPT Partition Type. 
Windows-Start-Manager --------------------- Bezeichner {bootmgr} device partition=C: description Windows Boot Manager locale de-DE inherit {globalsettings} default {default} resumeobject {4a676813-0588-11df-8a35-b7deeba49520} displayorder {default} toolsdisplayorder {memdiag} timeout 30 Windows-Startladeprogramm ------------------------- Bezeichner {default} device partition=D: path \Windows\system32\winload.exe description Windows 7 locale de-DE inherit {bootloadersettings} recoverysequence {current} recoveryenabled Yes osdevice partition=D: systemroot \Windows resumeobject {4a676813-0588-11df-8a35-b7deeba49520} nx OptIn Windows-Startladeprogramm ------------------------- Bezeichner {current} device ramdisk=[D:]\Recovery\4a676815-0588-11df-8a35-b7deeba49520\Winre.wim,{4a676816-0588-11df-8a35-b7deeba49520} path \windows\system32\winload.exe description Windows Recovery Environment inherit {bootloadersettings} osdevice ramdisk=[D:]\Recovery\4a676815-0588-11df-8a35-b7deeba49520\Winre.wim,{4a676816-0588-11df-8a35-b7deeba49520} systemroot \windows nx OptIn winpe Yes Wiederaufnahme aus dem Ruhezustand ---------------------------------- Bezeichner {4a676813-0588-11df-8a35-b7deeba49520} device partition=D: path \Windows\system32\winresume.exe description Windows Resume Application locale de-DE inherit {resumeloadersettings} filedevice partition=D: filepath \hiberfil.sys debugoptionenabled No Windows-Speichertestprogramm ---------------------------- Bezeichner {memdiag} device partition=C: path \boot\memtest.exe description Windows Memory Diagnostic locale de-DE inherit {globalsettings} badmemoryaccess Yes EMS-Einstellungen ----------------- Bezeichner {emssettings} bootems Yes Debuggereinstellungen --------------------- Bezeichner {dbgsettings} debugtype Serial debugport 1 baudrate 115200 RAM-Defekte ----------- Bezeichner {badmemory} Globale Einstellungen --------------------- Bezeichner {globalsettings} inherit {dbgsettings} {emssettings} {badmemory} 
Startladeprogramm-Einstellungen ------------------------------- Bezeichner {bootloadersettings} inherit {globalsettings} {hypervisorsettings} Hypervisoreinstellungen ------------------- Bezeichner {hypervisorsettings} hypervisordebugtype Serial hypervisordebugport 1 hypervisorbaudrate 115200 Einstellungen zur Ladeprogrammfortsetzung ----------------------------------------- Bezeichner {resumeloadersettings} inherit {globalsettings} Geräteoptionen -------------- Bezeichner {4a676816-0588-11df-8a35-b7deeba49520} description Ramdisk Options ramdisksdidevice partition=D: ramdisksdipath \Recovery\4a676815-0588-11df-8a35-b7deeba49520\boot.sdi ****** End Of Log ****** |
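The two ListParts logs above show the MBR partition table of disk 0 before and after the fix: first an active 1016 KB partition of type 17 flagged as suspicious, then partition 2 active again. As an added example (not part of the thread, and not the logic FRST or ListParts uses), this Python sketch parses the four-entry MBR partition table and applies a simple check modelled on that finding. The sample sectors are constructed from the sizes in the logs; the LBA values, the 8 MiB threshold and all function names are assumptions.

```python
import struct

SECTOR_SIZE = 512
# One 16-byte partition entry: status, CHS start (skipped), type,
# CHS end (skipped), LBA start, sector count.
ENTRY_FMT = "<B3xB3xII"
# Assumption for this example: a real boot partition is never this small.
MIN_BOOT_BYTES = 8 * 1024 * 1024
# 0x17 is the "hidden" variant of type 0x07, the type shown in the log.
HIDDEN_TYPES = {0x17}


def build_mbr(disk_id, parts):
    """Build a constructed MBR sector from (active, type, lba, sectors) tuples."""
    sector = bytearray(SECTOR_SIZE)
    struct.pack_into("<I", sector, 440, disk_id)        # disk signature
    for i, (active, ptype, lba, count) in enumerate(parts):
        struct.pack_into(ENTRY_FMT, sector, 446 + 16 * i,
                         0x80 if active else 0x00, ptype, lba, count)
    sector[510:512] = b"\x55\xaa"                       # boot signature
    return bytes(sector)


def parse_mbr(sector):
    """Return (disk_id, entries) for a 512-byte MBR sector."""
    if len(sector) != SECTOR_SIZE or sector[510:512] != b"\x55\xaa":
        raise ValueError("not a valid MBR sector")
    (disk_id,) = struct.unpack_from("<I", sector, 440)
    entries = []
    for i in range(4):
        status, ptype, lba, count = struct.unpack_from(
            ENTRY_FMT, sector, 446 + 16 * i)
        if ptype == 0x00:                               # unused slot
            continue
        entries.append({
            "index": i + 1,
            "active": status == 0x80,
            "type": ptype,
            "lba_start": lba,
            "size_bytes": count * SECTOR_SIZE,
        })
    return disk_id, entries


def suspicious_partitions(sector):
    """Return [(partition index, [reasons])] for active partitions that
    are too small to boot from or carry a hidden partition type."""
    _, entries = parse_mbr(sector)
    findings = []
    for e in entries:
        if not e["active"]:
            continue
        reasons = []
        if e["size_bytes"] < MIN_BOOT_BYTES:
            reasons.append("active, but only %d KB" % (e["size_bytes"] // 1024))
        if e["type"] in HIDDEN_TYPES:
            reasons.append("active with hidden type 0x%02X" % e["type"])
        if reasons:
            findings.append((e["index"], reasons))
    return findings


# Constructed samples: types, active flags, sizes and disk ID follow the
# logs above; the LBA start values are made up to be contiguous.
BEFORE = build_mbr(0x201A2019, [
    (False, 0x27, 2048, 26624000),        # ~12.7 GB recovery partition
    (False, 0x07, 26626048, 204800),      # 100 MB SYSTEM RESERVED
    (False, 0x07, 26830848, 950009856),   # 453 GB ACER
    (True,  0x17, 976840704, 2032),       # 1016 KB, active, hidden
])
AFTER = build_mbr(0x201A2019, [
    (False, 0x27, 2048, 26624000),
    (True,  0x07, 26626048, 204800),      # SYSTEM RESERVED active again
    (False, 0x07, 26830848, 950009856),
])

if __name__ == "__main__":
    for label, sector in (("before fix", BEFORE), ("after fix", AFTER)):
        disk_id, entries = parse_mbr(sector)
        print("%s: disk ID %08X, %d partitions" % (label, disk_id, len(entries)))
        for index, reasons in suspicious_partitions(sector):
            print("  partition %d: %s" % (index, "; ".join(reasons)))
```

On a live system the 512-byte sector would come from an offline image of the disk's first sector rather than from `build_mbr`.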
04.09.2014, 13:44 | #15 |
/// TB-Ausbilder | Virus 'BOO/TDss.O' in the master boot sector Hello, OK, then we can now take care of the remaining malware... Run from the desktop:
|