Log analysis and evaluation: All browsers load websites very slowly or not at all
Windows 7
If you have caught a trojan or keep getting virus warnings, you can post the logs from our diagnostic tools here for evaluation by our experts. To remove viruses and trojans, the infected system must first be examined: First steps for help. Note that an infected system is not trustworthy and should not be used until the malware has been completely removed.
04.11.2014, 19:59 | #1 |
All browsers load websites very slowly or not at all

Hi, I'm at my wits' end. I bought this computer second-hand because my old one gave up the ghost. On to my problem: all browsers load websites slowly or not at all. Downloads, however, still run as fast as usual.

OT: Win Vista was installed (the seller had also freshly reinstalled it), then I wanted to put Win 7 on it, so boot Win 7 from the CD and done. Think again, it didn't work. It simply wouldn't boot. Tried it with a USB stick, which didn't help either. In the end I installed Win 7 from within the running system and deleted Windows.old. The problem already existed, though, when Win Vista was still installed.

What may also be important: I have additionally connected my old hard drive. From the old one I only saved the Programme (x86) folder and then formatted the drive. But that is hardly the cause, since the browsers were already miserably slow before I hooked up the drive.

The help thread said I should collect the logs. So that is what I did.

defogger_disable
Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 19:19 on 04/11/2014 (Luca)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...

-=E.O.F=-
With GMER it was a pretty strange story: I followed all the steps but still got an error message...

Error message: \Device\Harddisk2\DR2 (I no longer remember what came before it)

Kind regards,
Luca
04.11.2014, 20:04 | #2 |
/// the machine /// TB instructor
All browsers load websites very slowly or not at all

Hi,
Please download TDSSKiller.exe and save this file to the desktop.
04.11.2014, 20:45 | #3 |
All browsers load websites very slowly or not at all

1 threat was found
EFD5816D3E8E7F0F8D8E52AB9C534737F32D2D6D3EACCA78940792C553881C64 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 20:16:35.0748 0x0c1c DXGKrnl - ok 20:16:35.0779 0x0c1c [ CF0A6015F437161698C5B2A0A12CF052, C23A777CF5D34C96B16A4A6197DA3F14CC2F8C56421E422BBD46617C941DBBCE ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys 20:16:35.0795 0x0c1c e1express - ok 20:16:35.0810 0x0c1c [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll 20:16:35.0842 0x0c1c EapHost - ok 20:16:35.0935 0x0c1c [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 20:16:36.0029 0x0c1c ebdrv - ok 20:16:36.0060 0x0c1c [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] EFS C:\Windows\System32\lsass.exe 20:16:36.0076 0x0c1c EFS - ok 20:16:36.0122 0x0c1c [ 3A74A6E33685662B125A3269B1F2114F, 183E180E4B35E549B5D7363D926E17226FF70CFDE7328F7B0B3676B9A27E2569 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 20:16:36.0154 0x0c1c ehRecvr - ok 20:16:36.0169 0x0c1c [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe 20:16:36.0185 0x0c1c ehSched - ok 20:16:36.0200 0x0c1c [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 20:16:36.0216 0x0c1c elxstor - ok 20:16:36.0232 0x0c1c [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys 20:16:36.0232 0x0c1c ErrDev - ok 20:16:36.0263 0x0c1c [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll 20:16:36.0294 0x0c1c EventSystem - ok 20:16:36.0310 0x0c1c [ 
2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys 20:16:36.0341 0x0c1c exfat - ok 20:16:36.0356 0x0c1c [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys 20:16:36.0372 0x0c1c fastfat - ok 20:16:36.0419 0x0c1c [ F7EA23CC5E6BF2181F3F399D54F6EFC1, 4659A2EDC5D5171668FB20BED7B56466A674876888519D6F524F7456EBD11263 ] Fax C:\Windows\system32\fxssvc.exe 20:16:36.0434 0x0c1c Fax - ok 20:16:36.0450 0x0c1c [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 20:16:36.0466 0x0c1c fdc - ok 20:16:36.0481 0x0c1c [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll 20:16:36.0497 0x0c1c fdPHost - ok 20:16:36.0512 0x0c1c [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll 20:16:36.0528 0x0c1c FDResPub - ok 20:16:36.0544 0x0c1c [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 20:16:36.0559 0x0c1c FileInfo - ok 20:16:36.0559 0x0c1c [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 20:16:36.0590 0x0c1c Filetrace - ok 20:16:36.0590 0x0c1c [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 20:16:36.0606 0x0c1c flpydisk - ok 20:16:36.0622 0x0c1c [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 20:16:36.0637 0x0c1c FltMgr - ok 
20:16:36.0668 0x0c1c [ B6512A85815FDC3D560C3705F5BDB93D, A04D60BF4649DD7582C0E26E9CED93841D8B2729FDF6E1551F48A94AFD5A6436 ] FontCache C:\Windows\system32\FntCache.dll 20:16:36.0715 0x0c1c FontCache - ok 20:16:36.0746 0x0c1c [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 20:16:36.0746 0x0c1c FontCache3.0.0.0 - ok 20:16:36.0762 0x0c1c [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 20:16:36.0762 0x0c1c FsDepends - ok 20:16:36.0778 0x0c1c [ A574B4360E438977038AAE4BF60D79A2, 7255CCDDDAC4853FA72E6487408C4B7390CBA37549CE952929B2A9CF3327C616 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 20:16:36.0793 0x0c1c Fs_Rec - ok 20:16:36.0809 0x0c1c [ 5592F5DBA26282D24D2B080EB438A4D7, 5376D6CFFE9A1406CFA0BF4325EB65206F57A5C50034DA7EB4238BEB08D4D6DB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 20:16:36.0824 0x0c1c fvevol - ok 20:16:36.0840 0x0c1c [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 20:16:36.0856 0x0c1c gagp30kx - ok 20:16:36.0887 0x0c1c [ 8BA3C04702BF8F927AB36AE8313CA4EE, 3B6460C8134AA9D6E4FB978201B35FE9B67DD5BBB6C8D9625F3097DDA30C2893 ] gpsvc C:\Windows\System32\gpsvc.dll 20:16:36.0918 0x0c1c gpsvc - ok 20:16:36.0934 0x0c1c [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 20:16:36.0949 0x0c1c hcw85cir - ok 20:16:36.0980 0x0c1c [ 3530CAD25DEBA7DC7DE8BB51632CBC5F, 6706B8AD211A4B89B6571ACD227412026EAD87D71456B3EC6E7DD8FA15B997BE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 20:16:37.0012 0x0c1c HdAudAddService - ok 20:16:37.0027 0x0c1c [ 717A2207FD6F13AD3E664C7D5A43C7BF, 
BF28A6F00B64FA0E801493E3289CFFD5E313E724DF7B5AB521C9E37A20890DCF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 20:16:37.0043 0x0c1c HDAudBus - ok 20:16:37.0058 0x0c1c [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 20:16:37.0074 0x0c1c HidBatt - ok 20:16:37.0090 0x0c1c [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 20:16:37.0105 0x0c1c HidBth - ok 20:16:37.0121 0x0c1c [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 20:16:37.0136 0x0c1c HidIr - ok 20:16:37.0152 0x0c1c [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll 20:16:37.0183 0x0c1c hidserv - ok 20:16:37.0199 0x0c1c [ 25072FB35AC90B25F9E4E3BACF774102, EBCE089947CC5A251A517CB91E81FCB948B18405FBACA04C874D4A48AF88676D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 20:16:37.0214 0x0c1c HidUsb - ok 20:16:37.0230 0x0c1c [ 741C2A45CA8407E374AABA3E330B7872, FCF31C46297CFDF8240F0E783A61C8463FEDB1EF7A676AB89DFF0EAE9F3534B4 ] hkmsvc C:\Windows\system32\kmsvc.dll 20:16:37.0246 0x0c1c hkmsvc - ok 20:16:37.0261 0x0c1c [ A768CA158BB06782A2835B907F4873C3, EFF736C6BA38FB8FC8807286AB273E7274F505E8E59D952E8563DF77C412C5AE ] HomeGroupListener C:\Windows\system32\ListSvc.dll 20:16:37.0277 0x0c1c HomeGroupListener - ok 20:16:37.0308 0x0c1c [ FB08DEC5EF43D0C66D83B8E9694E7549, 9C9ECE9E90F524791FC5DCE797BAE39605F966592126FF058BA3FA0BEFD07BEB ] HomeGroupProvider C:\Windows\system32\provsvc.dll 20:16:37.0324 0x0c1c HomeGroupProvider - ok 20:16:37.0339 0x0c1c [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys 20:16:37.0355 0x0c1c HpSAMD - ok 
20:16:37.0386 0x0c1c [ C531C7FD9E8B62021112787C4E2C5A5A, 09205E2A5BFB6C623B312B8AC82F7F7CA8A922B1D9A0E3952BD3BA47BBE1F18C ] HTTP C:\Windows\system32\drivers\HTTP.sys 20:16:37.0417 0x0c1c HTTP - ok 20:16:37.0433 0x0c1c [ 8305F33CDE89AD6C7A0763ED0B5A8D42, A7CA4978DC1FF6105EA39124DF854F0B1FD478476B871ED0E018AF3AE2165282 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 20:16:37.0433 0x0c1c hwpolicy - ok 20:16:37.0464 0x0c1c [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 20:16:37.0480 0x0c1c i8042prt - ok 20:16:37.0495 0x0c1c [ 934AF4D7C5F457B9F0743F4299B77B67, F232554352BB7CD716D6173FC1AB2661E49480994BB22E9A6FE7A33B51F0A51B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys 20:16:37.0511 0x0c1c iaStorV - ok 20:16:37.0573 0x0c1c [ 5AF815EB5BC9802E5A064E2BA62BFC0C, DC8CED05F623D30C57E8A7A382A219B4266C9C766ABF8A8D71783EACB8607B82 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 20:16:37.0604 0x0c1c idsvc - ok 20:16:37.0636 0x0c1c [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 20:16:37.0651 0x0c1c iirsp - ok 20:16:37.0682 0x0c1c [ FAC0EE6562B121B1399D6E855583F7A5, 034C9EE9232EB2CE64297EC4BCBEB5DA443ED9176C436CC754EF84FFB4AD4B08 ] IKEEXT C:\Windows\System32\ikeext.dll 20:16:37.0729 0x0c1c IKEEXT - ok 20:16:37.0760 0x0c1c [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\DRIVERS\intelide.sys 20:16:37.0776 0x0c1c intelide - ok 20:16:37.0792 0x0c1c [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 20:16:37.0807 0x0c1c intelppm - ok 20:16:37.0823 0x0c1c [ ACB364B9075A45C0736E5C47BE5CAE19, 
202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 20:16:37.0838 0x0c1c IPBusEnum - ok 20:16:37.0854 0x0c1c [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 20:16:37.0870 0x0c1c IpFilterDriver - ok 20:16:37.0901 0x0c1c [ 477397B432A256A50EE7E4339EB9EA14, 3722938E69D16962F773F39669E9B90279DC9527BBC63564B33C89DAFD283497 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 20:16:37.0932 0x0c1c iphlpsvc - ok 20:16:37.0948 0x0c1c [ E4454B6C37D7FFD5649611F6496308A7, 5B2AA8C06076C9A1FF944E5EA07C29BA7FABEBB38E6BFB388ED46933EAC465FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys 20:16:37.0963 0x0c1c IPMIDRV - ok 20:16:37.0979 0x0c1c [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 20:16:37.0994 0x0c1c IPNAT - ok 20:16:38.0010 0x0c1c [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys 20:16:38.0026 0x0c1c IRENUM - ok 20:16:38.0041 0x0c1c [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys 20:16:38.0041 0x0c1c isapnp - ok 20:16:38.0057 0x0c1c [ ED46C223AE46C6866AB77CDC41C404B7, 1B2A4A3FF0E5F8F02717F20983D57612D62DFF809064A7E524700E7254BB7DB3 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 20:16:38.0072 0x0c1c iScsiPrt - ok 20:16:38.0088 0x0c1c [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 20:16:38.0104 0x0c1c kbdclass - ok 20:16:38.0104 0x0c1c [ 3D9F0EBF350EDCFD6498057301455964, B3CB5F0C045B06C86E683F3C67DC0D4E37AF16E20B189B05C926A5A7011438FB ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 20:16:38.0119 0x0c1c kbdhid - 
ok 20:16:38.0135 0x0c1c [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] KeyIso C:\Windows\system32\lsass.exe 20:16:38.0135 0x0c1c KeyIso - ok 20:16:38.0150 0x0c1c [ E36A061EC11B373826905B21BE10948F, CB9F8B76E0A99307A841B66CBD96C7087CC0B068699CBEF01040E37C6EA60E6A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 20:16:38.0166 0x0c1c KSecDD - ok 20:16:38.0182 0x0c1c [ 26C046977E85B95036453D7B88BA1820, 375B284AFB407CAE417D2090B112A0ED1CCD516ABFDDBFCD5D6AADE859F14ACD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 20:16:38.0197 0x0c1c KSecPkg - ok 20:16:38.0213 0x0c1c [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll 20:16:38.0244 0x0c1c KtmRm - ok 20:16:38.0275 0x0c1c [ BCA92CB047A4326925ECEF759DBAA233, C2A188F5526882A2E3AC4CC0190452DA37CBD93043DFE5571A20E8EFE9D56DA3 ] LanmanServer C:\Windows\system32\srvsvc.dll 20:16:38.0291 0x0c1c LanmanServer - ok 20:16:38.0322 0x0c1c [ B9891F885DCF1F0513A51CB58493CB1F, C883D243E1E7B7AEA031FB90FE4FCEED631F835DC95F9D9D60BC554E6EC358C2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 20:16:38.0353 0x0c1c LanmanWorkstation - ok 20:16:38.0384 0x0c1c [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 20:16:38.0416 0x0c1c lltdio - ok 20:16:38.0416 0x0c1c [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll 20:16:38.0447 0x0c1c lltdsvc - ok 20:16:38.0462 0x0c1c [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll 20:16:38.0478 0x0c1c lmhosts - ok 20:16:38.0494 0x0c1c [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 
20:16:38.0494 0x0c1c LSI_FC - ok 20:16:38.0509 0x0c1c [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 20:16:38.0525 0x0c1c LSI_SAS - ok 20:16:38.0540 0x0c1c [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 20:16:38.0540 0x0c1c LSI_SAS2 - ok 20:16:38.0556 0x0c1c [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 20:16:38.0572 0x0c1c LSI_SCSI - ok 20:16:38.0587 0x0c1c [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys 20:16:38.0603 0x0c1c luafv - ok 20:16:38.0618 0x0c1c [ E2B0887816ED336685954E3D8FDAA51D, 4DCB08ADC6A89DCA68D1285734B283B567888EF72249F6BBA73A63D1BD462466 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 20:16:38.0634 0x0c1c Mcx2Svc - ok 20:16:38.0650 0x0c1c [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 20:16:38.0650 0x0c1c megasas - ok 20:16:38.0665 0x0c1c [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 20:16:38.0665 0x0c1c MegaSR - ok 20:16:38.0681 0x0c1c [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll 20:16:38.0712 0x0c1c MMCSS - ok 20:16:38.0728 0x0c1c [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 20:16:38.0743 0x0c1c Modem - ok 20:16:38.0759 0x0c1c [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor 
C:\Windows\system32\DRIVERS\monitor.sys 20:16:38.0774 0x0c1c monitor - ok 20:16:38.0790 0x0c1c [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 20:16:38.0806 0x0c1c mouclass - ok 20:16:38.0821 0x0c1c [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 20:16:38.0821 0x0c1c mouhid - ok 20:16:38.0852 0x0c1c [ 921C18727C5920D6C0300736646931C2, 19ACE502982E9C5B0134676102EAEE96675C9CA237E410DB36C389D6B4078301 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 20:16:38.0852 0x0c1c mountmgr - ok 20:16:38.0930 0x0c1c [ A5F6ADC56FA516594E99C328A7E7FD54, 6FB011B00B8AB085F3083E967B89BBFCA1AC7677407E9E72AD582CCC8212D136 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 20:16:38.0930 0x0c1c MozillaMaintenance - ok 20:16:38.0946 0x0c1c [ 2AF5997438C55FB79D33D015C30E1974, E8F048A02FEB400C133D0BFC1659921E73B59549E3F7D2A13929901B87A1901F ] mpio C:\Windows\system32\DRIVERS\mpio.sys 20:16:38.0962 0x0c1c mpio - ok 20:16:38.0977 0x0c1c [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 20:16:39.0008 0x0c1c mpsdrv - ok 20:16:39.0040 0x0c1c [ 5CD996CECF45CBC3E8D109C86B82D69E, ABE40DA4DA555D3D5054BE28BF82E775D90DCB9E31409DC95FABF2F016B17700 ] MpsSvc C:\Windows\system32\mpssvc.dll 20:16:39.0086 0x0c1c MpsSvc - ok 20:16:39.0118 0x0c1c [ B1BE47008D20E43DA3ADC37C24CDB89D, 6E8555E84B42E5098227B35EA5ABADF2CD3AC247B37CB9E9304FF67064EBE59B ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 20:16:39.0133 0x0c1c MRxDAV - ok 20:16:39.0149 0x0c1c [ F4A054BE78AF7F410129C4B64B07DC9B, 65E14D38CCAB4FBB0C0D4A12F11B2E150AEC00AC692EE92A5CE6C982CF1190F5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 20:16:39.0164 0x0c1c mrxsmb - ok 20:16:39.0180 0x0c1c [ 
DEFFA295BD1895C6ED8E3078412AC60B, 3F13CD67659EC2C8ABADC2C5B48B939ECDC6DB7CAAAAC3C2823AC12842BC1630 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 20:16:39.0211 0x0c1c mrxsmb10 - ok 20:16:39.0211 0x0c1c [ 24D76ABE5DCAD22F19D105F76FDF0CE1, D0A7E033B4DF4AA5A9600A2A7A890FDE20AC7CE87C660817EB92FE10E2DAD343 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 20:16:39.0242 0x0c1c mrxsmb20 - ok 20:16:39.0242 0x0c1c [ 4326D168944123F38DD3B2D9C37A0B12, 322AE93418BE3BA6B3E11C86431EC3F4B23CADC3B968B92978A08A7C0D0D8902 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 20:16:39.0258 0x0c1c msahci - ok 20:16:39.0274 0x0c1c [ 455029C7174A2DBB03DBA8A0D8BDDD9A, 614D71978B024109ADD9A7A74F74ABD5FAA1C36A2E859AF288398EAE7CD76DF2 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 20:16:39.0274 0x0c1c msdsm - ok 20:16:39.0289 0x0c1c [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 20:16:39.0305 0x0c1c MSDTC - ok 20:16:39.0320 0x0c1c [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 20:16:39.0352 0x0c1c Msfs - ok 20:16:39.0352 0x0c1c [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 20:16:39.0383 0x0c1c mshidkmdf - ok 20:16:39.0383 0x0c1c [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 20:16:39.0398 0x0c1c msisadrv - ok 20:16:39.0430 0x0c1c [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 20:16:39.0445 0x0c1c MSiSCSI - ok 20:16:39.0461 0x0c1c msiserver - ok 20:16:39.0476 0x0c1c [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV 
C:\Windows\system32\drivers\MSKSSRV.sys 20:16:39.0492 0x0c1c MSKSSRV - ok 20:16:39.0508 0x0c1c [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 20:16:39.0523 0x0c1c MSPCLOCK - ok 20:16:39.0539 0x0c1c [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 20:16:39.0554 0x0c1c MSPQM - ok 20:16:39.0570 0x0c1c [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 20:16:39.0586 0x0c1c MsRPC - ok 20:16:39.0586 0x0c1c [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 20:16:39.0601 0x0c1c mssmbios - ok 20:16:39.0601 0x0c1c [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 20:16:39.0632 0x0c1c MSTEE - ok 20:16:39.0632 0x0c1c [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 20:16:39.0648 0x0c1c MTConfig - ok 20:16:39.0664 0x0c1c [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys 20:16:39.0664 0x0c1c Mup - ok 20:16:39.0695 0x0c1c [ 80284F1985C70C86F0B5F86DA2DFE1DF, 424A5BBC28C72DA0DBABEB9E423B8C409754CD1BA3DFC9E174BF22D8BCE1BE63 ] napagent C:\Windows\system32\qagentRT.dll 20:16:39.0726 0x0c1c napagent - ok 20:16:39.0742 0x0c1c [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 20:16:39.0757 0x0c1c NativeWifiP - ok 20:16:39.0788 0x0c1c [ 23759D175A0A9BAAF04D05047BC135A8, 
2C8C553B4E1ED3A644F619F16BCEDD5A3C6D74A17E6E75A3E740E06B1D636348 ] NDIS C:\Windows\system32\drivers\ndis.sys 20:16:39.0804 0x0c1c NDIS - ok 20:16:39.0820 0x0c1c [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 20:16:39.0835 0x0c1c NdisCap - ok 20:16:39.0866 0x0c1c [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 20:16:39.0898 0x0c1c NdisTapi - ok 20:16:39.0898 0x0c1c [ B30AE7F2B6D7E343B0DF32E6C08FCE75, 39BBBF7AF886732CB9ED3E6C06DA4318554089F3BEA74C74328FE1C6EF68E70B ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 20:16:39.0929 0x0c1c Ndisuio - ok 20:16:39.0929 0x0c1c [ 267C415EADCBE53C9CA873DEE39CF3A4, BAA8626BDA7B68176B19A99FBBD40FB2A774C8F44B56F9FFB99A1F5C16A1C555 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 20:16:39.0960 0x0c1c NdisWan - ok 20:16:39.0976 0x0c1c [ AF7E7C63DCEF3F8772726F86039D6EB4, 1CFDED48E8844138864786DBF9D5519162A6DB28F885A781934E8AFBD52EAC50 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 20:16:39.0991 0x0c1c NDProxy - ok 20:16:40.0007 0x0c1c [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 20:16:40.0022 0x0c1c NetBIOS - ok 20:16:40.0038 0x0c1c [ DD52A733BF4CA5AF84562A5E2F963B91, 5CEB9664CED3D120F5408A12035748728710D41090A289CF66023CED4C838A1F ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 20:16:40.0069 0x0c1c NetBT - ok 20:16:40.0085 0x0c1c [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] Netlogon C:\Windows\system32\lsass.exe 20:16:40.0085 0x0c1c Netlogon - ok 20:16:40.0116 0x0c1c [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 20:16:40.0147 0x0c1c Netman - ok 20:16:40.0178 0x0c1c [ 
8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll 20:16:40.0210 0x0c1c netprofm - ok 20:16:40.0225 0x0c1c [ FE2AA5A684B0DD9B1FAE57B7817C198B, 59137B15AD038C31BEB909EC11019E08C072DD7EE611B9618B7523880453BD4F ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 20:16:40.0241 0x0c1c NetTcpPortSharing - ok 20:16:40.0256 0x0c1c [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 20:16:40.0272 0x0c1c nfrd960 - ok 20:16:40.0288 0x0c1c [ 2226496E34BD40734946A054B1CD657F, 98392D98C9213822268971432BB55047ABD8B4EBD42483FA69BF50FB8FAD64A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 20:16:40.0319 0x0c1c NlaSvc - ok 20:16:40.0334 0x0c1c [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 20:16:40.0350 0x0c1c Npfs - ok 20:16:40.0366 0x0c1c [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll 20:16:40.0397 0x0c1c nsi - ok 20:16:40.0412 0x0c1c [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 20:16:40.0428 0x0c1c nsiproxy - ok 20:16:40.0475 0x0c1c [ 3795DCD21F740EE799FB7223234215AF, B03DBFD33B201134473D23038E0BD86CFE64556754BF4EBA42C10B67AEECAEA6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 20:16:40.0506 0x0c1c Ntfs - ok 20:16:40.0522 0x0c1c [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 20:16:40.0553 0x0c1c Null - ok 20:16:40.0849 0x0c1c [ B0881DDA5A8160422561FFAB7F0008B1, 0D89792394CF44119CCBE9B1E8C0F5563ED41141C17C6B2D32B1D1C458BAC359 ] nvlddmkm 
6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:16:48.0088 0x0c1c ws2ifsl - ok
20:16:48.0103 0x0c1c [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll
20:16:48.0119 0x0c1c wscsvc - ok
20:16:48.0119 0x0c1c WSearch - ok
20:16:48.0212 0x0c1c [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll
20:16:48.0275 0x0c1c wuauserv - ok
20:16:48.0306 0x0c1c [ 6F9B6C0C93232CFF47D0F72D6DB1D21E, C685A458951820ED0F09E6197251CE6FC55AAB75D4FBEFF2992805309239A47A ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:16:48.0337 0x0c1c WudfPf - ok
20:16:48.0353 0x0c1c [ F91FF1E51FCA30B3C3981DB7D5924252, D7052B58F22638CA8B59C6FD7408D6D6DD1C33910912CACC05C133472CE0DDCE ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
20:16:48.0384 0x0c1c WUDFRd - ok
20:16:48.0400 0x0c1c [ DDEE3682FE97037C45F4D7AB467CB8B6, D5A8F07AF4EDD9D7E17FEC6222D187E2981C177A479511E407756E0E5CB8D387 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:16:48.0431 0x0c1c wudfsvc - ok
20:16:48.0446 0x0c1c [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc C:\Windows\System32\wwansvc.dll
20:16:48.0462 0x0c1c WwanSvc - ok
20:16:48.0478 0x0c1c ================ Scan global ===============================
20:16:48.0493 0x0c1c [ 9A595DF601070DA78C40481120DD2C06, 4C2D6216F212DE9346339ED29152962A39E4435E70F18DD655156727E70818F6 ] C:\Windows\system32\basesrv.dll
20:16:48.0509 0x0c1c [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
20:16:48.0524 0x0c1c [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll
20:16:48.0540 0x0c1c [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
20:16:48.0571 0x0c1c [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
20:16:48.0587 0x0c1c [ Global ] - ok
20:16:48.0587 0x0c1c ================ Scan MBR ==================================
20:16:48.0587 0x0c1c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
20:16:48.0836 0x0c1c \Device\Harddisk1\DR1 - ok
20:16:48.0852 0x0c1c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:16:48.0992 0x0c1c \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
20:16:48.0992 0x0c1c \Device\Harddisk0\DR0 ( TDSS File System ) - warning
20:17:01.0878 0x0c1c ================ Scan VBR ==================================
20:17:01.0878 0x0c1c [ B484DD4AEDC500EFC2B63563447978CD ] \Device\Harddisk1\DR1\Partition1
20:17:01.0878 0x0c1c \Device\Harddisk1\DR1\Partition1 - ok
20:17:01.0878 0x0c1c [ E7209B150E6B7ED08C57E02057C869BF ] \Device\Harddisk1\DR1\Partition2
20:17:01.0878 0x0c1c \Device\Harddisk1\DR1\Partition2 - ok
20:17:01.0894 0x0c1c [ CBC436868EFF78E88EE7E6F9A6C721EC ] \Device\Harddisk0\DR0\Partition1
20:17:01.0894 0x0c1c \Device\Harddisk0\DR0\Partition1 - ok
20:17:01.0894 0x0c1c [ C64103FFB18E3D49843A98B0714F3236 ] \Device\Harddisk0\DR0\Partition2
20:17:01.0925 0x0c1c \Device\Harddisk0\DR0\Partition2 - ok
20:17:01.0925 0x0c1c ================ Scan generic autorun ======================
20:17:01.0987 0x0c1c [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:17:02.0034 0x0c1c Sidebar - ok
20:17:02.0065 0x0c1c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:17:02.0081 0x0c1c mctadmin - ok
20:17:02.0128 0x0c1c [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files\Windows Sidebar\Sidebar.exe
20:17:02.0174 0x0c1c Sidebar - ok
20:17:02.0174 0x0c1c [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe
20:17:02.0190 0x0c1c mctadmin - ok
20:17:02.0190 0x0c1c Waiting for KSN requests completion. In queue: 295
20:17:03.0204 0x0c1c Waiting for KSN requests completion. In queue: 295
20:17:04.0218 0x0c1c Waiting for KSN requests completion. In queue: 295
20:17:05.0232 0x0c1c Waiting for KSN requests completion. In queue: 295
20:17:06.0246 0x0c1c Waiting for KSN requests completion. In queue: 295
20:17:07.0260 0x0c1c Waiting for KSN requests completion. In queue: 295
20:17:08.0274 0x0c1c Waiting for KSN requests completion. In queue: 295
20:17:09.0288 0x0c1c Waiting for KSN requests completion. In queue: 291
20:17:10.0302 0x0c1c Waiting for KSN requests completion. In queue: 291
20:17:11.0316 0x0c1c Waiting for KSN requests completion. In queue: 291
20:17:12.0330 0x0c1c Win FW state via NFP2: enabled
20:17:15.0044 0x0c1c ============================================================
20:17:15.0044 0x0c1c Scan finished
20:17:15.0044 0x0c1c ============================================================
20:17:15.0044 0x06d8 Detected object count: 1
20:17:15.0044 0x06d8 Actual detected object count: 1
20:17:47.0040 0x06d8 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
20:17:47.0040 0x06d8 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
20:32:15.0167 0x0764 Deinitialize success |
05.11.2014, 14:51 | #4 |
/// the machine /// TB instructor | All browsers load websites very slowly or not at all Start TDSSkiller.exe with a double-click. Vista and Win7 users: right-click and choose "Run as administrator".
For example: C:\TDSSKiller.<version_date_time>log.txt Please post the contents here in your thread.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
05.11.2014, 22:03 | #5 |
| All browsers load websites very slowly or not at all Right. I've now read the TDSSkiller instructions once more. And well, here is the log after the delete: Code:
15:28:47.0399 0x02bc TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34 15:28:53.0998 0x02bc ============================================================ 15:28:53.0998 0x02bc Current date / time: 2014/11/05 15:28:53.0998 15:28:53.0998 0x02bc SystemInfo: 15:28:53.0998 0x02bc 15:28:53.0998 0x02bc OS Version: 6.1.7600 ServicePack: 0.0 15:28:53.0998 0x02bc Product type: Workstation 15:28:53.0998 0x02bc ComputerName: CEROX 15:28:53.0998 0x02bc UserName: Luca 15:28:53.0998 0x02bc Windows directory: C:\Windows 15:28:53.0998 0x02bc System windows directory: C:\Windows 15:28:53.0998 0x02bc Processor architecture: Intel x86 15:28:53.0998 0x02bc Number of processors: 4 15:28:53.0998 0x02bc Page size: 0x1000 15:28:53.0998 0x02bc Boot type: Normal boot 15:28:53.0998 0x02bc ============================================================ 15:28:57.0711 0x02bc KLMD registered as C:\Windows\system32\drivers\33539887.sys 15:28:57.0914 0x02bc System UUID: {0C7871EE-B96F-5D86-99CB-3D0BA5241722} 15:28:58.0241 0x02bc Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 15:28:58.0241 0x02bc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050 15:28:58.0272 0x02bc ============================================================ 15:28:58.0272 0x02bc \Device\Harddisk1\DR1: 15:28:58.0272 0x02bc MBR partitions: 15:28:58.0272 0x02bc \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x37B802CE 15:28:58.0288 0x02bc \Device\Harddisk1\DR1\Partition2: MBR, Type 0xB, StartLBA 0x37B8034C, BlocksNum 0x28048F5 15:28:58.0288 0x02bc \Device\Harddisk0\DR0: 15:28:58.0288 0x02bc MBR partitions: 15:28:58.0288 0x02bc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000 15:28:58.0288 0x02bc 
\Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38DB0000 15:28:58.0288 0x02bc ============================================================ 15:28:58.0335 0x02bc C: <-> \Device\Harddisk1\DR1\Partition1 15:28:58.0335 0x02bc D: <-> \Device\Harddisk1\DR1\Partition2 15:28:58.0350 0x02bc F: <-> \Device\Harddisk0\DR0\Partition1 15:28:58.0350 0x02bc G: <-> \Device\Harddisk0\DR0\Partition2 15:28:58.0350 0x02bc ============================================================ 15:28:58.0350 0x02bc Initialize success 15:28:58.0350 0x02bc ============================================================ 15:29:48.0739 0x03a0 ============================================================ 15:29:48.0739 0x03a0 Scan started 15:29:48.0739 0x03a0 Mode: Manual; SigCheck; TDLFS; 15:29:48.0739 0x03a0 ============================================================ 15:29:48.0739 0x03a0 KSN ping started 15:30:02.0482 0x03a0 KSN ping finished: true 15:30:03.0512 0x03a0 ================ Scan system memory ======================== 15:30:03.0512 0x03a0 System memory - ok 15:30:03.0512 0x03a0 ================ Scan services =============================
15:30:11.0764 0x03a0 LSI_FC - ok 15:30:11.0764 0x03a0 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 15:30:11.0780 0x03a0 LSI_SAS - ok 15:30:11.0795 0x03a0 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 15:30:11.0795 0x03a0 LSI_SAS2 - ok 15:30:11.0795 0x03a0 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 15:30:11.0811 0x03a0 LSI_SCSI - ok 15:30:11.0811 0x03a0 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys 15:30:11.0858 0x03a0 luafv - ok 15:30:11.0889 0x03a0 [ E2B0887816ED336685954E3D8FDAA51D, 4DCB08ADC6A89DCA68D1285734B283B567888EF72249F6BBA73A63D1BD462466 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 15:30:11.0889 0x03a0 Mcx2Svc - ok 15:30:11.0905 0x03a0 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 15:30:11.0905 0x03a0 megasas - ok 15:30:11.0920 0x03a0 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 15:30:11.0920 0x03a0 MegaSR - ok 15:30:11.0951 0x03a0 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll 15:30:11.0967 0x03a0 MMCSS - ok 15:30:11.0983 0x03a0 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 15:30:12.0029 0x03a0 Modem - ok 15:30:12.0092 0x03a0 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor 
C:\Windows\system32\DRIVERS\monitor.sys 15:30:12.0139 0x03a0 monitor - ok 15:30:12.0170 0x03a0 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 15:30:12.0170 0x03a0 mouclass - ok 15:30:12.0185 0x03a0 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 15:30:12.0217 0x03a0 mouhid - ok 15:30:12.0217 0x03a0 [ 921C18727C5920D6C0300736646931C2, 19ACE502982E9C5B0134676102EAEE96675C9CA237E410DB36C389D6B4078301 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 15:30:12.0232 0x03a0 mountmgr - ok 15:30:12.0310 0x03a0 [ A5F6ADC56FA516594E99C328A7E7FD54, 6FB011B00B8AB085F3083E967B89BBFCA1AC7677407E9E72AD582CCC8212D136 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 15:30:12.0326 0x03a0 MozillaMaintenance - ok 15:30:12.0341 0x03a0 [ 2AF5997438C55FB79D33D015C30E1974, E8F048A02FEB400C133D0BFC1659921E73B59549E3F7D2A13929901B87A1901F ] mpio C:\Windows\system32\DRIVERS\mpio.sys 15:30:12.0357 0x03a0 mpio - ok 15:30:12.0373 0x03a0 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 15:30:12.0419 0x03a0 mpsdrv - ok 15:30:12.0451 0x03a0 [ 5CD996CECF45CBC3E8D109C86B82D69E, ABE40DA4DA555D3D5054BE28BF82E775D90DCB9E31409DC95FABF2F016B17700 ] MpsSvc C:\Windows\system32\mpssvc.dll 15:30:12.0497 0x03a0 MpsSvc - ok 15:30:12.0513 0x03a0 [ B1BE47008D20E43DA3ADC37C24CDB89D, 6E8555E84B42E5098227B35EA5ABADF2CD3AC247B37CB9E9304FF67064EBE59B ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 15:30:12.0529 0x03a0 MRxDAV - ok 15:30:12.0529 0x03a0 [ F4A054BE78AF7F410129C4B64B07DC9B, 65E14D38CCAB4FBB0C0D4A12F11B2E150AEC00AC692EE92A5CE6C982CF1190F5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 15:30:12.0575 0x03a0 mrxsmb - ok 15:30:12.0575 0x03a0 [ 
DEFFA295BD1895C6ED8E3078412AC60B, 3F13CD67659EC2C8ABADC2C5B48B939ECDC6DB7CAAAAC3C2823AC12842BC1630 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 15:30:12.0607 0x03a0 mrxsmb10 - ok 15:30:12.0607 0x03a0 [ 24D76ABE5DCAD22F19D105F76FDF0CE1, D0A7E033B4DF4AA5A9600A2A7A890FDE20AC7CE87C660817EB92FE10E2DAD343 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 15:30:12.0638 0x03a0 mrxsmb20 - ok 15:30:12.0638 0x03a0 [ 4326D168944123F38DD3B2D9C37A0B12, 322AE93418BE3BA6B3E11C86431EC3F4B23CADC3B968B92978A08A7C0D0D8902 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 15:30:12.0653 0x03a0 msahci - ok 15:30:12.0653 0x03a0 [ 455029C7174A2DBB03DBA8A0D8BDDD9A, 614D71978B024109ADD9A7A74F74ABD5FAA1C36A2E859AF288398EAE7CD76DF2 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 15:30:12.0669 0x03a0 msdsm - ok 15:30:12.0700 0x03a0 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 15:30:12.0731 0x03a0 MSDTC - ok 15:30:12.0731 0x03a0 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 15:30:12.0763 0x03a0 Msfs - ok 15:30:12.0778 0x03a0 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 15:30:12.0825 0x03a0 mshidkmdf - ok 15:30:12.0825 0x03a0 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 15:30:12.0841 0x03a0 msisadrv - ok 15:30:12.0887 0x03a0 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 15:30:12.0903 0x03a0 MSiSCSI - ok 15:30:12.0919 0x03a0 msiserver - ok 15:30:12.0919 0x03a0 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV 
C:\Windows\system32\drivers\MSKSSRV.sys 15:30:12.0981 0x03a0 MSKSSRV - ok 15:30:12.0997 0x03a0 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys 15:30:13.0043 0x03a0 MSPCLOCK - ok 15:30:13.0075 0x03a0 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys 15:30:13.0121 0x03a0 MSPQM - ok 15:30:13.0153 0x03a0 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys 15:30:13.0153 0x03a0 MsRPC - ok 15:30:13.0168 0x03a0 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys 15:30:13.0168 0x03a0 mssmbios - ok 15:30:13.0184 0x03a0 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys 15:30:13.0199 0x03a0 MSTEE - ok 15:30:13.0215 0x03a0 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys 15:30:13.0246 0x03a0 MTConfig - ok 15:30:13.0246 0x03a0 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys 15:30:13.0262 0x03a0 Mup - ok 15:30:13.0293 0x03a0 [ 80284F1985C70C86F0B5F86DA2DFE1DF, 424A5BBC28C72DA0DBABEB9E423B8C409754CD1BA3DFC9E174BF22D8BCE1BE63 ] napagent C:\Windows\system32\qagentRT.dll 15:30:13.0355 0x03a0 napagent - ok 15:30:13.0402 0x03a0 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys 15:30:13.0433 0x03a0 NativeWifiP - ok 15:30:13.0480 0x03a0 [ 23759D175A0A9BAAF04D05047BC135A8, 
2C8C553B4E1ED3A644F619F16BCEDD5A3C6D74A17E6E75A3E740E06B1D636348 ] NDIS C:\Windows\system32\drivers\ndis.sys 15:30:13.0511 0x03a0 NDIS - ok 15:30:13.0527 0x03a0 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys 15:30:13.0558 0x03a0 NdisCap - ok 15:30:13.0558 0x03a0 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys 15:30:13.0589 0x03a0 NdisTapi - ok 15:30:13.0605 0x03a0 [ B30AE7F2B6D7E343B0DF32E6C08FCE75, 39BBBF7AF886732CB9ED3E6C06DA4318554089F3BEA74C74328FE1C6EF68E70B ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys 15:30:13.0621 0x03a0 Ndisuio - ok 15:30:13.0636 0x03a0 [ 267C415EADCBE53C9CA873DEE39CF3A4, BAA8626BDA7B68176B19A99FBBD40FB2A774C8F44B56F9FFB99A1F5C16A1C555 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys 15:30:13.0652 0x03a0 NdisWan - ok 15:30:13.0667 0x03a0 [ AF7E7C63DCEF3F8772726F86039D6EB4, 1CFDED48E8844138864786DBF9D5519162A6DB28F885A781934E8AFBD52EAC50 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys 15:30:13.0683 0x03a0 NDProxy - ok 15:30:13.0683 0x03a0 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys 15:30:13.0714 0x03a0 NetBIOS - ok 15:30:13.0714 0x03a0 [ DD52A733BF4CA5AF84562A5E2F963B91, 5CEB9664CED3D120F5408A12035748728710D41090A289CF66023CED4C838A1F ] NetBT C:\Windows\system32\DRIVERS\netbt.sys 15:30:13.0761 0x03a0 NetBT - ok 15:30:13.0777 0x03a0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] Netlogon C:\Windows\system32\lsass.exe 15:30:13.0792 0x03a0 Netlogon - ok 15:30:13.0808 0x03a0 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll 15:30:13.0870 0x03a0 Netman - ok 15:30:13.0901 0x03a0 [ 
8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll 15:30:13.0964 0x03a0 netprofm - ok 15:30:14.0011 0x03a0 [ FE2AA5A684B0DD9B1FAE57B7817C198B, 59137B15AD038C31BEB909EC11019E08C072DD7EE611B9618B7523880453BD4F ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe 15:30:14.0011 0x03a0 NetTcpPortSharing - ok 15:30:14.0042 0x03a0 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys 15:30:14.0042 0x03a0 nfrd960 - ok 15:30:14.0057 0x03a0 [ 2226496E34BD40734946A054B1CD657F, 98392D98C9213822268971432BB55047ABD8B4EBD42483FA69BF50FB8FAD64A2 ] NlaSvc C:\Windows\System32\nlasvc.dll 15:30:14.0104 0x03a0 NlaSvc - ok 15:30:14.0120 0x03a0 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys 15:30:14.0135 0x03a0 Npfs - ok 15:30:14.0167 0x03a0 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll 15:30:14.0182 0x03a0 nsi - ok 15:30:14.0198 0x03a0 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys 15:30:14.0245 0x03a0 nsiproxy - ok 15:30:14.0291 0x03a0 [ 3795DCD21F740EE799FB7223234215AF, B03DBFD33B201134473D23038E0BD86CFE64556754BF4EBA42C10B67AEECAEA6 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys 15:30:14.0323 0x03a0 Ntfs - ok 15:30:14.0338 0x03a0 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys 15:30:14.0369 0x03a0 Null - ok 15:30:14.0666 0x03a0 [ B0881DDA5A8160422561FFAB7F0008B1, 0D89792394CF44119CCBE9B1E8C0F5563ED41141C17C6B2D32B1D1C458BAC359 ] nvlddmkm 
C:\Windows\system32\DRIVERS\nvlddmkm.sys 15:30:14.0931 0x03a0 nvlddmkm - ok 15:30:14.0978 0x03a0 [ 3F3D04B1D08D43C16EA7963954EC768D, BA82C1D3D9F4AA5F1C9729D61D4E06DB961FDF2B1E9B483D29DB308204DF0754 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys 15:30:14.0978 0x03a0 nvraid - ok 15:30:14.0993 0x03a0 [ C99F251A5DE63C6F129CF71933ACED0F, 24D48A5F5D699AB0DD4D4435F8F7C6B73A924AEF8F9D1170FD644E26499546A2 ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys 15:30:15.0009 0x03a0 nvstor - ok 15:30:15.0025 0x03a0 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys 15:30:15.0025 0x03a0 nv_agp - ok 15:30:15.0040 0x03a0 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys 15:30:15.0071 0x03a0 ohci1394 - ok 15:30:15.0118 0x03a0 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll 15:30:15.0134 0x03a0 p2pimsvc - ok 15:30:15.0165 0x03a0 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll 15:30:15.0181 0x03a0 p2psvc - ok 15:30:15.0212 0x03a0 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\DRIVERS\parport.sys 15:30:15.0243 0x03a0 Parport - ok 15:30:15.0243 0x03a0 [ FF4218952B51DE44FE910953A3E686B9, 871E4F8300AFE2AE770B8F00C12911A08D8BBD8E07C37A11AFF67CA92607A602 ] partmgr C:\Windows\system32\drivers\partmgr.sys 15:30:15.0259 0x03a0 partmgr - ok 15:30:15.0290 0x03a0 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\DRIVERS\parvdm.sys 15:30:15.0321 0x03a0 Parvdm - ok 15:30:15.0352 0x03a0 [ 358AB7956D3160000726574083DFC8A6, 
6CAFD4D1B8AB8C1D167ADC018985DDAB5AC2CBFFB3434FE6390F14AF50C19025 ] PcaSvc C:\Windows\System32\pcasvc.dll 15:30:15.0368 0x03a0 PcaSvc - ok 15:30:15.0383 0x03a0 [ C858CB77C577780ECC456A892E7E7D0F, 21AE545B736739DE5A7B02CF227516BA6D02B1AAAECD8CC516CCF9F1FD710BCF ] pci C:\Windows\system32\DRIVERS\pci.sys 15:30:15.0383 0x03a0 pci - ok 15:30:15.0399 0x03a0 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\DRIVERS\pciide.sys 15:30:15.0399 0x03a0 pciide - ok 15:30:15.0415 0x03a0 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys 15:30:15.0430 0x03a0 pcmcia - ok 15:30:15.0430 0x03a0 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys 15:30:15.0446 0x03a0 pcw - ok 15:30:15.0477 0x03a0 [ 9E0104BA49F4E6973749A02BF41344ED, B32F39F38DB48D77FBA884DEE34112BAB81CCEF5DD2EAAA12D9589D73D2BB116 ] PEAUTH C:\Windows\system32\drivers\peauth.sys 15:30:15.0524 0x03a0 PEAUTH - ok 15:30:15.0586 0x03a0 [ AF4D64D2A57B9772CF3801950B8058A6, C9C493A3775E6E1660CE5DF75DA574D0C04245FB88CF41B96217A725359C350D ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll 15:30:15.0649 0x03a0 PeerDistSvc - ok 15:30:15.0727 0x03a0 [ 9C1BFF7910C89A1D12E57343475840CB, 62E00E1278BD263B2AC8CB803C31F2818C54DB143C49470FAD07731E04BD2DE3 ] pla C:\Windows\system32\pla.dll 15:30:15.0805 0x03a0 pla - ok 15:30:15.0836 0x03a0 [ 2CC2008F1296968FBA162ED9F9AFE328, 670E2BE4EB8210C9D6AEA635DFA20E390936762A22B2BB413BF9C7AF418150D6 ] PlugPlay C:\Windows\system32\umpnpmgr.dll 15:30:15.0883 0x03a0 PlugPlay - ok 15:30:15.0914 0x03a0 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll 15:30:15.0945 0x03a0 PNRPAutoReg - ok 15:30:15.0976 0x03a0 [ 82A8521DDC60710C3D3D3E7325209BEC, 
C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll 15:30:15.0992 0x03a0 PNRPsvc - ok 15:30:16.0039 0x03a0 [ 48E1B75C6DC0232FD92BAAE4BD344721, 5BA4EB5A60725836D8085EABF87F51160BA57E318A0C4378410217911A393CE7 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll 15:30:16.0101 0x03a0 PolicyAgent - ok 15:30:16.0117 0x03a0 [ DBFF83F709A91049621C1D35DD45C92C, 0A722A44F431CAB5EA77FF5F25EB6975C2111B605564FF9FB59751067E7CD3A7 ] Power C:\Windows\system32\umpo.dll 15:30:16.0148 0x03a0 Power - ok 15:30:16.0163 0x03a0 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys 15:30:16.0210 0x03a0 PptpMiniport - ok 15:30:16.0241 0x03a0 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\DRIVERS\processr.sys 15:30:16.0273 0x03a0 Processor - ok 15:30:16.0304 0x03a0 [ 630CF26F0227498B7D5A92B12548960F, 7B6E2A3C398DF2E8F63C03ED5B59BB8DA47D5C1ACA9F37438F71F35633ACD6CD ] ProfSvc C:\Windows\system32\profsvc.dll 15:30:16.0335 0x03a0 ProfSvc - ok 15:30:16.0366 0x03a0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] ProtectedStorage C:\Windows\system32\lsass.exe 15:30:16.0366 0x03a0 ProtectedStorage - ok 15:30:16.0397 0x03a0 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys 15:30:16.0429 0x03a0 Psched - ok 15:30:16.0507 0x03a0 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys 15:30:16.0538 0x03a0 ql2300 - ok 15:30:16.0553 0x03a0 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys 15:30:16.0569 0x03a0 ql40xx - ok 15:30:16.0585 
0x03a0 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll 15:30:16.0616 0x03a0 QWAVE - ok 15:30:16.0631 0x03a0 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys 15:30:16.0631 0x03a0 QWAVEdrv - ok 15:30:16.0663 0x03a0 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys 15:30:16.0709 0x03a0 RasAcd - ok 15:30:16.0741 0x03a0 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys 15:30:16.0787 0x03a0 RasAgileVpn - ok 15:30:16.0834 0x03a0 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll 15:30:16.0865 0x03a0 RasAuto - ok 15:30:16.0881 0x03a0 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys 15:30:16.0928 0x03a0 Rasl2tp - ok 15:30:16.0959 0x03a0 [ 0CE66EC736B7FC526D78F7624C7D2A94, D70B45AA413691CF84B24E966EBA1689955E54BDDA206380CAB7CD50F56D5CEB ] RasMan C:\Windows\System32\rasmans.dll 15:30:16.0975 0x03a0 RasMan - ok 15:30:16.0990 0x03a0 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys 15:30:17.0021 0x03a0 RasPppoe - ok 15:30:17.0053 0x03a0 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys 15:30:17.0068 0x03a0 RasSstp - ok 15:30:17.0084 0x03a0 [ 835D7E81BF517A3B72384BDCC85E1CE6, DC855AF17150C1B27926293115C01B5E1FD00FABCE18AFAEAB3DC68BDE4C908B ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys 
15:30:17.0099 0x03a0 rdbss - ok 15:30:17.0146 0x03a0 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys 15:30:17.0162 0x03a0 rdpbus - ok 15:30:17.0162 0x03a0 [ 1E016846895B15A99F9A176A05029075, 78AE674B6E7D3A69099B24AC07E06563A4C867F9DCD8548E4DAAE6FC5ACA4E29 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys 15:30:17.0193 0x03a0 RDPCDD - ok 15:30:17.0209 0x03a0 [ C5FF95883FFEF704D50C40D21CFB3AB5, 26CC53DDE126A6BD99F606695F063BB7FDC4BBABB9F75F7AD7A84B58C837EEAA ] RDPDR C:\Windows\system32\drivers\rdpdr.sys 15:30:17.0240 0x03a0 RDPDR - ok 15:30:17.0287 0x03a0 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys 15:30:17.0302 0x03a0 RDPENCDD - ok 15:30:17.0318 0x03a0 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys 15:30:17.0365 0x03a0 RDPREFMP - ok 15:30:17.0396 0x03a0 [ 801371BA9782282892D00AADB08EE367, 884DDC24B8400E76F65F54C249053333AD29543224F9EC156C64A6BDF584DDCD ] RDPWD C:\Windows\system32\drivers\RDPWD.sys 15:30:17.0427 0x03a0 RDPWD - ok 15:30:17.0443 0x03a0 [ 4EA225BF1CF05E158853F30A99CA29A7, F211480F13E2FE36C31110AE67ABE74E9D572D3A36BEEDE29E14ECBD8C246878 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys 15:30:17.0458 0x03a0 rdyboost - ok 15:30:17.0474 0x03a0 [ 7B5E1419717FAC363A31CC302895217A, 048B96B127CC20833948DAE53C59886D5C725ECA7A744424A01339447D2DDC32 ] RemoteAccess C:\Windows\System32\mprdim.dll 15:30:17.0505 0x03a0 RemoteAccess - ok 15:30:17.0536 0x03a0 [ CB9A8683F4EF2BF99E123D79950D7935, B9FA3E7E91E76D975CF40BFA37909E50F29CC13AB1399007884710651827E9AA ] RemoteRegistry C:\Windows\system32\regsvc.dll 15:30:17.0567 0x03a0 RemoteRegistry - ok 15:30:17.0583 0x03a0 [ 78D072F35BC45D9E4E1B61895C152234, 
80C924EE1156B4E3172E83DCB9C60817E87885FB9377647E0BF90153E415B1CA ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll 15:30:17.0630 0x03a0 RpcEptMapper - ok 15:30:17.0645 0x03a0 [ 94D36C0E44677DD26981D2BFEEF2A29D, D77A93AC60536F3706E8A0154C0C2199E888B7748C84DB7437254FF175F4DF55 ] RpcLocator C:\Windows\system32\locator.exe 15:30:17.0677 0x03a0 RpcLocator - ok 15:30:17.0708 0x03a0 [ B82CD39E336973359D7C9BF911E8E84F, 45DB8F1E88FC25A81D2F3C2F8A8CDB6B34C44950B038E24FB71DCDD9823DB22A ] RpcSs C:\Windows\system32\rpcss.dll 15:30:17.0739 0x03a0 RpcSs - ok 15:30:17.0770 0x03a0 [ 032B0D36AD92B582D869879F5AF5B928, 0F8F18A6A0A689957B886D9368015889091094EDA18BE532093F06A70A7CE184 ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys 15:30:17.0786 0x03a0 rspndr - ok 15:30:17.0801 0x03a0 [ 5423D8437051E89DD34749F242C98648, 28FD190E13676B0FD452A73C3069B72206E2938DB2240BAA9BDB56687C748A2B ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys 15:30:17.0817 0x03a0 s3cap - ok 15:30:17.0817 0x03a0 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] SamSs C:\Windows\system32\lsass.exe 15:30:17.0833 0x03a0 SamSs - ok 15:30:17.0848 0x03a0 [ 34EE0C44B724E3E4CE2EFF29126DE5B5, D27AAF77CB8830893558A600E19CDBF9A6AA7D69DE4B34F317ED4AFD38E8CAFB ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys 15:30:17.0848 0x03a0 sbp2port - ok 15:30:17.0864 0x03a0 [ 8FC518FFE9519C2631D37515A68009C4, 21E10585470CF9FC3BD1977F8A426686CD2FA6BD2094B9E3594B21C7C4541D25 ] SCardSvr C:\Windows\System32\SCardSvr.dll 15:30:17.0926 0x03a0 SCardSvr - ok 15:30:17.0942 0x03a0 [ A95C54B2AC3CC9C73FCDF9E51A1D6B51, 8C0189A6AF9AEC46CBA4DA422C52B2D3E4858B2F2658DB6CA7996B5F368D2503 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys 15:30:17.0989 0x03a0 scfilter - ok 15:30:18.0067 0x03a0 [ 3E8B0C453E25613A1F59762A5C42AA75, 86801C49664441A08F7E95031E52AD2518D61CCB945A857A18F0714351A8158C ] Schedule C:\Windows\system32\schedsvc.dll 15:30:18.0129 0x03a0 Schedule - ok 15:30:18.0145 0x03a0 [ 
628A9E30EC5E18DD5DE6BE4DBDC12198, DDA43DCCB195440D6BD5752BD00D984F45BD6D23DBE2A656C33E3CD1E5D17AD7 ] SCPolicySvc C:\Windows\System32\certprop.dll 15:30:18.0176 0x03a0 SCPolicySvc - ok 15:30:18.0191 0x03a0 [ 5FD90ABDBFAEE85986802622CBB03446, 0A8D9DC09C2ACA9EAABED04737E9EBF6EFB92BB2B9E5F37F10BFDF47CBF7DEDB ] SDRSVC C:\Windows\System32\SDRSVC.dll 15:30:18.0223 0x03a0 SDRSVC - ok 15:30:18.0254 0x03a0 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys 15:30:18.0301 0x03a0 secdrv - ok 15:30:18.0332 0x03a0 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] seclogon C:\Windows\system32\seclogon.dll 15:30:18.0379 0x03a0 seclogon - ok 15:30:18.0379 0x03a0 [ DCB7FCDCC97F87360F75D77425B81737, F8289AF2C458C167038EEFE613EE5E3D6D5B3308B8784168374BC81C47891CE5 ] SENS C:\Windows\System32\sens.dll 15:30:18.0410 0x03a0 SENS - ok 15:30:18.0457 0x03a0 [ 50087FE1EE447009C9CC2997B90DE53F, B5E6CF1D991F87C29C5E28198E0962E31FFB499A46C3BD43FC20391693389959 ] SensrSvc C:\Windows\system32\sensrsvc.dll 15:30:18.0488 0x03a0 SensrSvc - ok 15:30:18.0519 0x03a0 [ 9AD8B8B515E3DF6ACD4212EF465DE2D1, E2F019BCD1446236D078D46065DD151DD068778F33BE2F1E8A0CC1EA2F954E86 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys 15:30:18.0535 0x03a0 Serenum - ok 15:30:18.0550 0x03a0 [ 5FB7FCEA0490D821F26F39CC5EA3D1E2, A26DB2EB9F3E2509B4EBA949DB97595CC32332D9321DF68283BFC102E66D766F ] Serial C:\Windows\system32\DRIVERS\serial.sys 15:30:18.0581 0x03a0 Serial - ok 15:30:18.0597 0x03a0 [ 79BFFB520327FF916A582DFEA17AA813, 7A2A9D69BE02228591186A9F4453D4B5FD98837CA422C873C48040170E8BD18C ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys 15:30:18.0597 0x03a0 sermouse - ok 15:30:18.0628 0x03a0 [ 8F55CE568C543D5ADF45C409D16718FC, 64D45854A91B656C1AF36EB272FDC54E9B5FB0200CB93E20F7D997DDA109EF7F ] SessionEnv C:\Windows\system32\sessenv.dll 15:30:18.0675 0x03a0 SessionEnv - ok 
15:30:24.0712 0x03a0 ================ Scan global ===============================
15:30:24.0868 0x03a0 [ Global ] - ok
15:30:24.0868 0x03a0 ================ Scan MBR ==================================
15:30:24.0884 0x03a0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
15:30:25.0102 0x03a0 \Device\Harddisk1\DR1 - ok
15:30:25.0102 0x03a0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
15:30:25.0243 0x03a0 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
15:30:25.0243 0x03a0 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
15:30:27.0941 0x03a0 ================ Scan VBR ==================================
15:30:27.0973 0x03a0 [ B484DD4AEDC500EFC2B63563447978CD ] \Device\Harddisk1\DR1\Partition1
15:30:27.0973 0x03a0 \Device\Harddisk1\DR1\Partition1 - ok
15:30:27.0973 0x03a0 [ E7209B150E6B7ED08C57E02057C869BF ] \Device\Harddisk1\DR1\Partition2
15:30:27.0973 0x03a0 \Device\Harddisk1\DR1\Partition2 - ok
15:30:27.0973 0x03a0 [ CBC436868EFF78E88EE7E6F9A6C721EC ] \Device\Harddisk0\DR0\Partition1
15:30:27.0973 0x03a0 \Device\Harddisk0\DR0\Partition1 - ok
15:30:27.0973 0x03a0 [ C64103FFB18E3D49843A98B0714F3236 ] \Device\Harddisk0\DR0\Partition2
15:30:27.0988 0x03a0 \Device\Harddisk0\DR0\Partition2 - ok
15:30:27.0988 0x03a0 ================ Scan generic autorun ======================
15:30:28.0097 0x03a0 Sidebar - ok
15:30:28.0129 0x03a0 mctadmin - ok
15:30:28.0222 0x03a0 Sidebar - ok
15:30:28.0238 0x03a0 mctadmin - ok
15:30:28.0238 0x03a0 Waiting for KSN requests completion. In queue: 328
15:30:29.0252 0x03a0 Waiting for KSN requests completion. In queue: 328
15:30:30.0266 0x03a0 Waiting for KSN requests completion. In queue: 328
15:30:31.0280 0x03a0 Waiting for KSN requests completion. In queue: 328
15:30:32.0294 0x03a0 Waiting for KSN requests completion. In queue: 324
15:30:33.0308 0x03a0 Waiting for KSN requests completion. In queue: 324
15:30:34.0322 0x03a0 Waiting for KSN requests completion. In queue: 324
15:30:35.0336 0x03a0 Waiting for KSN requests completion. In queue: 324
15:30:36.0350 0x03a0 Waiting for KSN requests completion. In queue: 324
15:30:37.0364 0x03a0 Waiting for KSN requests completion. In queue: 324
15:30:38.0378 0x03a0 Waiting for KSN requests completion. In queue: 324
15:30:39.0392 0x03a0 Waiting for KSN requests completion. In queue: 309
15:30:40.0406 0x03a0 Waiting for KSN requests completion. In queue: 309
15:30:41.0420 0x03a0 Waiting for KSN requests completion. In queue: 309
15:30:42.0434 0x03a0 Waiting for KSN requests completion. In queue: 309
15:30:43.0448 0x03a0 Waiting for KSN requests completion. In queue: 309
15:30:44.0462 0x03a0 Win FW state via NFP2: enabled
15:30:47.0161 0x03a0 ============================================================
15:30:47.0161 0x03a0 Scan finished
15:30:47.0161 0x03a0 ============================================================
15:30:47.0161 0x077c Detected object count: 1
15:30:47.0161 0x077c Actual detected object count: 1
21:38:12.0158 0x077c \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
21:38:12.0158 0x077c \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
21:38:12.0158 0x077c \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
21:38:12.0158 0x077c \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
21:38:12.0158 0x077c \Device\Harddisk0\DR0\TDLFS\ldr64 - copied to quarantine
21:38:12.0173 0x077c \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
21:38:12.0189 0x077c \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
21:38:12.0189 0x077c \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
21:38:12.0189 0x077c \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
21:38:12.0189 0x077c \Device\Harddisk0\DR0\TDLFS - deleted
21:38:12.0189 0x077c \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete
06.11.2014, 13:43 | #6 |
/// the machine /// TB-Ausbilder | All browsers load websites very slowly or not at all
Hi, now please run another scan with TDSSKiller and post the log, then: scan with Combofix
06.11.2014, 16:46 | #7 |
| All browsers load websites very slowly or not at all
TDSSKiller
Code:
16:24:04.0840 0x08dc TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
16:24:08.0475 0x08dc ============================================================
16:24:08.0475 0x08dc Current date / time: 2014/11/06 16:24:08.0475
16:24:08.0475 0x08dc SystemInfo:
16:24:08.0475 0x08dc
16:24:08.0475 0x08dc OS Version: 6.1.7600 ServicePack: 0.0
16:24:08.0475 0x08dc Product type: Workstation
16:24:08.0475 0x08dc ComputerName: CEROX
16:24:08.0475 0x08dc UserName: Luca
16:24:08.0475 0x08dc Windows directory: C:\Windows
16:24:08.0475 0x08dc System windows directory: C:\Windows
16:24:08.0475 0x08dc Processor architecture: Intel x86
16:24:08.0475 0x08dc Number of processors: 4
16:24:08.0475 0x08dc Page size: 0x1000
16:24:08.0475 0x08dc Boot type: Normal boot
16:24:08.0475 0x08dc ============================================================
16:24:13.0966 0x08dc KLMD registered as C:\Windows\system32\drivers\02620293.sys
16:24:14.0185 0x08dc System UUID: {0C7871EE-B96F-5D86-99CB-3D0BA5241722}
16:24:14.0684 0x08dc Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:24:14.0699 0x08dc Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
16:24:14.0731 0x08dc ============================================================
16:24:14.0731 0x08dc \Device\Harddisk0\DR0:
16:24:14.0731 0x08dc MBR partitions:
16:24:14.0731 0x08dc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x37B802CE
16:24:14.0746 0x08dc \Device\Harddisk0\DR0\Partition2: MBR, Type 0xB, StartLBA 0x37B8034C, BlocksNum 0x28048F5
16:24:14.0746 0x08dc \Device\Harddisk1\DR1:
16:24:14.0746 0x08dc MBR partitions:
16:24:14.0746 0x08dc \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
16:24:14.0746 0x08dc \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x38DB0000
16:24:14.0746 0x08dc ============================================================
16:24:14.0793 0x08dc C: <-> \Device\Harddisk0\DR0\Partition1
16:24:14.0793 0x08dc D: <-> \Device\Harddisk0\DR0\Partition2
16:24:14.0809 0x08dc F: <-> \Device\Harddisk1\DR1\Partition1
16:24:14.0824 0x08dc G: <-> \Device\Harddisk1\DR1\Partition2
16:24:14.0824 0x08dc ============================================================
16:24:14.0824 0x08dc Initialize success
16:24:14.0824 0x08dc ============================================================
16:24:21.0969 0x0d38 ============================================================
16:24:21.0969 0x0d38 Scan started
16:24:21.0969 0x0d38 Mode: Manual; SigCheck; TDLFS;
16:24:21.0969 0x0d38 ============================================================
16:24:21.0969 0x0d38 KSN ping started
16:24:36.0274 0x0d38 KSN ping finished: true
16:24:37.0382 0x0d38 ================ Scan system memory ========================
16:24:37.0382 0x0d38 System memory - ok
16:24:37.0382 0x0d38 ================ Scan services =============================
DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys 16:24:40.0050 0x0d38 BrUsbMdm - ok 16:24:40.0050 0x0d38 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys 16:24:40.0081 0x0d38 BrUsbSer - ok 16:24:40.0112 0x0d38 [ ED3DF7C56CE0084EB2034432FC56565A, B5B75E002E7BC0209582C635CCCA26DB569BDB23C33A126634E00C6434BF941B ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys 16:24:40.0143 0x0d38 BTHMODEM - ok 16:24:40.0174 0x0d38 [ 1DF19C96EEF6C29D1C3E1A8678E07190, 1F4BB161FF3A1C5B1465BB52F3520FEDB7ACB1FAA132466F07D16DB8E394AEA5 ] bthserv C:\Windows\system32\bthserv.dll 16:24:40.0206 0x0d38 bthserv - ok 16:24:40.0221 0x0d38 [ 77EA11B065E0A8AB902D78145CA51E10, 160EB3BBE9E5F3CC4A02584E6F2576A812C7565B940D74838B983F1EE51FA73A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys 16:24:40.0268 0x0d38 cdfs - ok 16:24:40.0299 0x0d38 [ BA6E70AA0E6091BC39DE29477D866A77, A17A68BDA46995F75FB1C2C593A81CD3B2BFE290CEAA45FA2380DDF5537A23C9 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys 16:24:40.0330 0x0d38 cdrom - ok 16:24:40.0377 0x0d38 [ 628A9E30EC5E18DD5DE6BE4DBDC12198, DDA43DCCB195440D6BD5752BD00D984F45BD6D23DBE2A656C33E3CD1E5D17AD7 ] CertPropSvc C:\Windows\System32\certprop.dll 16:24:40.0408 0x0d38 CertPropSvc - ok 16:24:40.0471 0x0d38 [ 3FE3FE94A34DF6FB06E6418D0F6A0060, 6B3A2A26609A75B690D4C0B3059E40822F3B3DB08943F58EC496BABDA7D0A735 ] circlass C:\Windows\system32\DRIVERS\circlass.sys 16:24:40.0486 0x0d38 circlass - ok 16:24:40.0502 0x0d38 [ 635181E0E9BBF16871BF5380D71DB02D, 58D5150C6F3B9F1730FFDF3A8A2ABF5FF207F9785BD66C0C1E03A0F1C223A26A ] CLFS C:\Windows\system32\CLFS.sys 16:24:40.0518 0x0d38 CLFS - ok 16:24:40.0580 0x0d38 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe 16:24:40.0596 
0x0d38 clr_optimization_v2.0.50727_32 - ok 16:24:40.0596 0x0d38 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys 16:24:40.0611 0x0d38 CmBatt - ok 16:24:40.0627 0x0d38 [ C537B1DB64D495B9B4717B4D6D9EDBF2, 400EEFE662DE117C9CC956E4CBD5E98F28F962E7447CD93E8A78FDD8CA39EB4B ] cmdide C:\Windows\system32\DRIVERS\cmdide.sys 16:24:40.0642 0x0d38 cmdide - ok 16:24:40.0658 0x0d38 [ 1B675691ED940766149C93E8F4488D68, A55C41B2B343B1CF53D737ED1752D0510052094FFC60FDB833279A8A52398132 ] CNG C:\Windows\system32\Drivers\cng.sys 16:24:40.0689 0x0d38 CNG - ok 16:24:40.0689 0x0d38 [ A6023D3823C37043986713F118A89BEE, FAC239A7FA6251C7EDFFA34B4BAE3910B8BC0BD4A3574B6DB6931A8D691E207B ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys 16:24:40.0705 0x0d38 Compbatt - ok 16:24:40.0705 0x0d38 [ F1724BA27E97D627F808FB0BA77A28A6, F7D69082EEFEC0FB8B309F6AEE282D4A5DFC1A40851ED65904AA9582C5DEA5AB ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys 16:24:40.0720 0x0d38 CompositeBus - ok 16:24:40.0736 0x0d38 COMSysApp - ok 16:24:40.0736 0x0d38 [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys 16:24:40.0752 0x0d38 crcdisk - ok 16:24:40.0830 0x0d38 [ 9C231178CE4FB385F4B54B0A9080B8A4, 08EFAEBFF68D5CCE432D75116ED4BDC63FEA651459C9AD363CBEEDB769806527 ] CryptSvc C:\Windows\system32\cryptsvc.dll 16:24:40.0876 0x0d38 CryptSvc - ok 16:24:40.0923 0x0d38 [ 27C9490BDD0AE48911AB8CF1932591ED, 751F576F797F8A7BA576C32598BD6FD2E60D4FACC7836CC5BA3F68C38D27CCCA ] CSC C:\Windows\system32\drivers\csc.sys 16:24:41.0001 0x0d38 CSC - ok 16:24:41.0032 0x0d38 [ 56FB5F222EA30D3D3FC459879772CB73, 2C4646774575858E26DBA9C73853E06D0BD18CC8A4C73C633071FF5FE04CA0F4 ] CscService C:\Windows\System32\cscsvc.dll 16:24:41.0079 0x0d38 CscService - ok 16:24:41.0126 0x0d38 [ B82CD39E336973359D7C9BF911E8E84F, 
45DB8F1E88FC25A81D2F3C2F8A8CDB6B34C44950B038E24FB71DCDD9823DB22A ] DcomLaunch C:\Windows\system32\rpcss.dll 16:24:41.0204 0x0d38 DcomLaunch - ok 16:24:41.0235 0x0d38 [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc C:\Windows\System32\defragsvc.dll 16:24:41.0282 0x0d38 defragsvc - ok 16:24:41.0313 0x0d38 [ 8E09E52EE2E3CEB199EF3DD99CF9E3FB, B03D0CF11C1D0DCBB76E74D796F3AFA2F9598C918017C29670BED4E3A9962EF5 ] DfsC C:\Windows\system32\Drivers\dfsc.sys 16:24:41.0329 0x0d38 DfsC - ok 16:24:41.0360 0x0d38 [ C56495FBD770712367CAD35E5DE72DA6, 9D5456A2E208F542F0B6C951EFCABA2A10919777C4287D7298A28F543D5BAC32 ] Dhcp C:\Windows\system32\dhcpcore.dll 16:24:41.0407 0x0d38 Dhcp - ok 16:24:41.0407 0x0d38 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache C:\Windows\system32\drivers\discache.sys 16:24:41.0454 0x0d38 discache - ok 16:24:41.0485 0x0d38 [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk C:\Windows\system32\DRIVERS\disk.sys 16:24:41.0485 0x0d38 Disk - ok 16:24:41.0516 0x0d38 [ D0722E963D3C6145446874241401B209, 542B3E6EC7E0161AB4732380343139959775E749996A97684A5D423833DDB196 ] Dnscache C:\Windows\System32\dnsrslvr.dll 16:24:41.0625 0x0d38 Dnscache - ok 16:24:41.0656 0x0d38 [ 4408C85C21EEA48EB0CE486BAEEF0502, 67EA726F4053665D94D7790EC89616EA0698A7548073A9211E3F75937B4384BE ] dot3svc C:\Windows\System32\dot3svc.dll 16:24:41.0719 0x0d38 dot3svc - ok 16:24:41.0750 0x0d38 [ 7FA81C6E11CAA594ADB52084DA73A1E5, 9ED1C585D9CA091E75E4A2A1E5B923B104EBDC5FC9D12154DE909C583E4D0CAE ] DPS C:\Windows\system32\dps.dll 16:24:41.0781 0x0d38 DPS - ok 16:24:41.0812 0x0d38 [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud C:\Windows\system32\drivers\drmkaud.sys 16:24:41.0844 0x0d38 drmkaud - ok 16:24:41.0890 0x0d38 [ 39806CFEDDCC55E686A49BCCD2972F23, 
EFD5816D3E8E7F0F8D8E52AB9C534737F32D2D6D3EACCA78940792C553881C64 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys 16:24:41.0968 0x0d38 DXGKrnl - ok 16:24:42.0015 0x0d38 [ CF0A6015F437161698C5B2A0A12CF052, C23A777CF5D34C96B16A4A6197DA3F14CC2F8C56421E422BBD46617C941DBBCE ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys 16:24:42.0046 0x0d38 e1express - ok 16:24:42.0078 0x0d38 [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost C:\Windows\System32\eapsvc.dll 16:24:42.0124 0x0d38 EapHost - ok 16:24:42.0249 0x0d38 [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv C:\Windows\system32\DRIVERS\evbdx.sys 16:24:42.0421 0x0d38 ebdrv - ok 16:24:42.0452 0x0d38 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] EFS C:\Windows\System32\lsass.exe 16:24:42.0483 0x0d38 EFS - ok 16:24:42.0530 0x0d38 [ 3A74A6E33685662B125A3269B1F2114F, 183E180E4B35E549B5D7363D926E17226FF70CFDE7328F7B0B3676B9A27E2569 ] ehRecvr C:\Windows\ehome\ehRecvr.exe 16:24:42.0624 0x0d38 ehRecvr - ok 16:24:42.0624 0x0d38 [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched C:\Windows\ehome\ehsched.exe 16:24:42.0655 0x0d38 ehSched - ok 16:24:42.0702 0x0d38 [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys 16:24:42.0717 0x0d38 elxstor - ok 16:24:42.0733 0x0d38 [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev C:\Windows\system32\DRIVERS\errdev.sys 16:24:42.0764 0x0d38 ErrDev - ok 16:24:42.0811 0x0d38 [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem C:\Windows\system32\es.dll 16:24:42.0842 0x0d38 EventSystem - ok 16:24:42.0858 0x0d38 [ 
2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat C:\Windows\system32\drivers\exfat.sys 16:24:42.0889 0x0d38 exfat - ok 16:24:42.0889 0x0d38 [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat C:\Windows\system32\drivers\fastfat.sys 16:24:42.0936 0x0d38 fastfat - ok 16:24:42.0982 0x0d38 [ F7EA23CC5E6BF2181F3F399D54F6EFC1, 4659A2EDC5D5171668FB20BED7B56466A674876888519D6F524F7456EBD11263 ] Fax C:\Windows\system32\fxssvc.exe 16:24:43.0060 0x0d38 Fax - ok 16:24:43.0076 0x0d38 [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc C:\Windows\system32\DRIVERS\fdc.sys 16:24:43.0107 0x0d38 fdc - ok 16:24:43.0138 0x0d38 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost C:\Windows\system32\fdPHost.dll 16:24:43.0185 0x0d38 fdPHost - ok 16:24:43.0185 0x0d38 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub C:\Windows\system32\fdrespub.dll 16:24:43.0216 0x0d38 FDResPub - ok 16:24:43.0232 0x0d38 [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys 16:24:43.0248 0x0d38 FileInfo - ok 16:24:43.0248 0x0d38 [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace C:\Windows\system32\drivers\filetrace.sys 16:24:43.0279 0x0d38 Filetrace - ok 16:24:43.0279 0x0d38 [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys 16:24:43.0310 0x0d38 flpydisk - ok 16:24:43.0341 0x0d38 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys 16:24:43.0357 0x0d38 FltMgr - ok 
16:24:43.0388 0x0d38 [ B6512A85815FDC3D560C3705F5BDB93D, A04D60BF4649DD7582C0E26E9CED93841D8B2729FDF6E1551F48A94AFD5A6436 ] FontCache C:\Windows\system32\FntCache.dll 16:24:43.0466 0x0d38 FontCache - ok 16:24:43.0513 0x0d38 [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe 16:24:43.0513 0x0d38 FontCache3.0.0.0 - ok 16:24:43.0528 0x0d38 [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys 16:24:43.0544 0x0d38 FsDepends - ok 16:24:43.0544 0x0d38 [ A574B4360E438977038AAE4BF60D79A2, 7255CCDDDAC4853FA72E6487408C4B7390CBA37549CE952929B2A9CF3327C616 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys 16:24:43.0560 0x0d38 Fs_Rec - ok 16:24:43.0575 0x0d38 [ 5592F5DBA26282D24D2B080EB438A4D7, 5376D6CFFE9A1406CFA0BF4325EB65206F57A5C50034DA7EB4238BEB08D4D6DB ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys 16:24:43.0591 0x0d38 fvevol - ok 16:24:43.0622 0x0d38 [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys 16:24:43.0622 0x0d38 gagp30kx - ok 16:24:43.0653 0x0d38 [ 8BA3C04702BF8F927AB36AE8313CA4EE, 3B6460C8134AA9D6E4FB978201B35FE9B67DD5BBB6C8D9625F3097DDA30C2893 ] gpsvc C:\Windows\System32\gpsvc.dll 16:24:43.0716 0x0d38 gpsvc - ok 16:24:43.0747 0x0d38 [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys 16:24:43.0794 0x0d38 hcw85cir - ok 16:24:43.0840 0x0d38 [ 3530CAD25DEBA7DC7DE8BB51632CBC5F, 6706B8AD211A4B89B6571ACD227412026EAD87D71456B3EC6E7DD8FA15B997BE ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys 16:24:43.0887 0x0d38 HdAudAddService - ok 16:24:43.0918 0x0d38 [ 717A2207FD6F13AD3E664C7D5A43C7BF, 
BF28A6F00B64FA0E801493E3289CFFD5E313E724DF7B5AB521C9E37A20890DCF ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys 16:24:43.0965 0x0d38 HDAudBus - ok 16:24:43.0996 0x0d38 [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys 16:24:44.0028 0x0d38 HidBatt - ok 16:24:44.0043 0x0d38 [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys 16:24:44.0090 0x0d38 HidBth - ok 16:24:44.0121 0x0d38 [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr C:\Windows\system32\DRIVERS\hidir.sys 16:24:44.0137 0x0d38 HidIr - ok 16:24:44.0152 0x0d38 [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv C:\Windows\system32\hidserv.dll 16:24:44.0184 0x0d38 hidserv - ok 16:24:44.0199 0x0d38 [ 25072FB35AC90B25F9E4E3BACF774102, EBCE089947CC5A251A517CB91E81FCB948B18405FBACA04C874D4A48AF88676D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys 16:24:44.0230 0x0d38 HidUsb - ok 16:24:44.0262 0x0d38 [ 741C2A45CA8407E374AABA3E330B7872, FCF31C46297CFDF8240F0E783A61C8463FEDB1EF7A676AB89DFF0EAE9F3534B4 ] hkmsvc C:\Windows\system32\kmsvc.dll 16:24:44.0277 0x0d38 hkmsvc - ok 16:24:44.0293 0x0d38 [ A768CA158BB06782A2835B907F4873C3, EFF736C6BA38FB8FC8807286AB273E7274F505E8E59D952E8563DF77C412C5AE ] HomeGroupListener C:\Windows\system32\ListSvc.dll 16:24:44.0355 0x0d38 HomeGroupListener - ok 16:24:44.0386 0x0d38 [ FB08DEC5EF43D0C66D83B8E9694E7549, 9C9ECE9E90F524791FC5DCE797BAE39605F966592126FF058BA3FA0BEFD07BEB ] HomeGroupProvider C:\Windows\system32\provsvc.dll 16:24:44.0418 0x0d38 HomeGroupProvider - ok 16:24:44.0449 0x0d38 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys 16:24:44.0464 0x0d38 HpSAMD - ok 
16:24:44.0496 0x0d38 [ C531C7FD9E8B62021112787C4E2C5A5A, 09205E2A5BFB6C623B312B8AC82F7F7CA8A922B1D9A0E3952BD3BA47BBE1F18C ] HTTP C:\Windows\system32\drivers\HTTP.sys 16:24:44.0574 0x0d38 HTTP - ok 16:24:44.0574 0x0d38 [ 8305F33CDE89AD6C7A0763ED0B5A8D42, A7CA4978DC1FF6105EA39124DF854F0B1FD478476B871ED0E018AF3AE2165282 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys 16:24:44.0574 0x0d38 hwpolicy - ok 16:24:44.0620 0x0d38 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys 16:24:44.0652 0x0d38 i8042prt - ok 16:24:44.0667 0x0d38 [ 934AF4D7C5F457B9F0743F4299B77B67, F232554352BB7CD716D6173FC1AB2661E49480994BB22E9A6FE7A33B51F0A51B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys 16:24:44.0683 0x0d38 iaStorV - ok 16:24:44.0761 0x0d38 [ 5AF815EB5BC9802E5A064E2BA62BFC0C, DC8CED05F623D30C57E8A7A382A219B4266C9C766ABF8A8D71783EACB8607B82 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe 16:24:44.0792 0x0d38 idsvc - ok 16:24:44.0823 0x0d38 [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys 16:24:44.0823 0x0d38 iirsp - ok 16:24:44.0854 0x0d38 [ FAC0EE6562B121B1399D6E855583F7A5, 034C9EE9232EB2CE64297EC4BCBEB5DA443ED9176C436CC754EF84FFB4AD4B08 ] IKEEXT C:\Windows\System32\ikeext.dll 16:24:44.0932 0x0d38 IKEEXT - ok 16:24:45.0010 0x0d38 [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide C:\Windows\system32\DRIVERS\intelide.sys 16:24:45.0010 0x0d38 intelide - ok 16:24:45.0026 0x0d38 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys 16:24:45.0042 0x0d38 intelppm - ok 16:24:45.0057 0x0d38 [ ACB364B9075A45C0736E5C47BE5CAE19, 
202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum C:\Windows\system32\ipbusenum.dll 16:24:45.0088 0x0d38 IPBusEnum - ok 16:24:45.0104 0x0d38 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys 16:24:45.0135 0x0d38 IpFilterDriver - ok 16:24:45.0166 0x0d38 [ 477397B432A256A50EE7E4339EB9EA14, 3722938E69D16962F773F39669E9B90279DC9527BBC63564B33C89DAFD283497 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll 16:24:45.0229 0x0d38 iphlpsvc - ok 16:24:45.0260 0x0d38 [ E4454B6C37D7FFD5649611F6496308A7, 5B2AA8C06076C9A1FF944E5EA07C29BA7FABEBB38E6BFB388ED46933EAC465FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys 16:24:45.0276 0x0d38 IPMIDRV - ok 16:24:45.0291 0x0d38 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys 16:24:45.0322 0x0d38 IPNAT - ok 16:24:45.0354 0x0d38 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys 16:24:45.0369 0x0d38 IRENUM - ok 16:24:45.0385 0x0d38 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys 16:24:45.0385 0x0d38 isapnp - ok 16:24:45.0400 0x0d38 [ ED46C223AE46C6866AB77CDC41C404B7, 1B2A4A3FF0E5F8F02717F20983D57612D62DFF809064A7E524700E7254BB7DB3 ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys 16:24:45.0416 0x0d38 iScsiPrt - ok 16:24:45.0432 0x0d38 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys 16:24:45.0447 0x0d38 kbdclass - ok 16:24:45.0447 0x0d38 [ 3D9F0EBF350EDCFD6498057301455964, B3CB5F0C045B06C86E683F3C67DC0D4E37AF16E20B189B05C926A5A7011438FB ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys 16:24:45.0463 0x0d38 kbdhid - 
ok 16:24:45.0478 0x0d38 [ F42309C4191C506B71DB5D1126D26318, 29B0A8889857CEBFA6CBD795D5EECDDFFA04E794BD3C73FC488725B2A160F326 ] KeyIso C:\Windows\system32\lsass.exe 16:24:45.0494 0x0d38 KeyIso - ok 16:24:45.0494 0x0d38 [ E36A061EC11B373826905B21BE10948F, CB9F8B76E0A99307A841B66CBD96C7087CC0B068699CBEF01040E37C6EA60E6A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys 16:24:45.0510 0x0d38 KSecDD - ok 16:24:45.0510 0x0d38 [ 26C046977E85B95036453D7B88BA1820, 375B284AFB407CAE417D2090B112A0ED1CCD516ABFDDBFCD5D6AADE859F14ACD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys 16:24:45.0525 0x0d38 KSecPkg - ok 16:24:45.0556 0x0d38 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll 16:24:45.0603 0x0d38 KtmRm - ok 16:24:45.0634 0x0d38 [ BCA92CB047A4326925ECEF759DBAA233, C2A188F5526882A2E3AC4CC0190452DA37CBD93043DFE5571A20E8EFE9D56DA3 ] LanmanServer C:\Windows\system32\srvsvc.dll 16:24:45.0681 0x0d38 LanmanServer - ok 16:24:45.0728 0x0d38 [ B9891F885DCF1F0513A51CB58493CB1F, C883D243E1E7B7AEA031FB90FE4FCEED631F835DC95F9D9D60BC554E6EC358C2 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll 16:24:45.0775 0x0d38 LanmanWorkstation - ok 16:24:45.0806 0x0d38 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys 16:24:45.0853 0x0d38 lltdio - ok 16:24:45.0884 0x0d38 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll 16:24:45.0931 0x0d38 lltdsvc - ok 16:24:45.0931 0x0d38 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll 16:24:45.0978 0x0d38 lmhosts - ok 16:24:46.0009 0x0d38 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys 
16:24:46.0024 0x0d38 LSI_FC - ok 16:24:46.0040 0x0d38 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys 16:24:46.0056 0x0d38 LSI_SAS - ok 16:24:46.0056 0x0d38 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys 16:24:46.0071 0x0d38 LSI_SAS2 - ok 16:24:46.0071 0x0d38 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys 16:24:46.0087 0x0d38 LSI_SCSI - ok 16:24:46.0087 0x0d38 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys 16:24:46.0134 0x0d38 luafv - ok 16:24:46.0165 0x0d38 [ E2B0887816ED336685954E3D8FDAA51D, 4DCB08ADC6A89DCA68D1285734B283B567888EF72249F6BBA73A63D1BD462466 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll 16:24:46.0180 0x0d38 Mcx2Svc - ok 16:24:46.0196 0x0d38 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\DRIVERS\megasas.sys 16:24:46.0196 0x0d38 megasas - ok 16:24:46.0321 0x0d38 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys 16:24:46.0352 0x0d38 MegaSR - ok 16:24:46.0368 0x0d38 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll 16:24:46.0399 0x0d38 MMCSS - ok 16:24:46.0414 0x0d38 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys 16:24:46.0430 0x0d38 Modem - ok 16:24:46.0446 0x0d38 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor 
C:\Windows\system32\DRIVERS\monitor.sys 16:24:46.0477 0x0d38 monitor - ok 16:24:46.0508 0x0d38 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys 16:24:46.0508 0x0d38 mouclass - ok 16:24:46.0508 0x0d38 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys 16:24:46.0555 0x0d38 mouhid - ok 16:24:46.0555 0x0d38 [ 921C18727C5920D6C0300736646931C2, 19ACE502982E9C5B0134676102EAEE96675C9CA237E410DB36C389D6B4078301 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys 16:24:46.0570 0x0d38 mountmgr - ok 16:24:46.0648 0x0d38 [ A5F6ADC56FA516594E99C328A7E7FD54, 6FB011B00B8AB085F3083E967B89BBFCA1AC7677407E9E72AD582CCC8212D136 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 16:24:46.0664 0x0d38 MozillaMaintenance - ok 16:24:46.0680 0x0d38 [ 2AF5997438C55FB79D33D015C30E1974, E8F048A02FEB400C133D0BFC1659921E73B59549E3F7D2A13929901B87A1901F ] mpio C:\Windows\system32\DRIVERS\mpio.sys 16:24:46.0695 0x0d38 mpio - ok 16:24:46.0711 0x0d38 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys 16:24:46.0758 0x0d38 mpsdrv - ok 16:24:46.0789 0x0d38 [ 5CD996CECF45CBC3E8D109C86B82D69E, ABE40DA4DA555D3D5054BE28BF82E775D90DCB9E31409DC95FABF2F016B17700 ] MpsSvc C:\Windows\system32\mpssvc.dll 16:24:46.0851 0x0d38 MpsSvc - ok 16:24:46.0867 0x0d38 [ B1BE47008D20E43DA3ADC37C24CDB89D, 6E8555E84B42E5098227B35EA5ABADF2CD3AC247B37CB9E9304FF67064EBE59B ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys 16:24:46.0882 0x0d38 MRxDAV - ok 16:24:46.0882 0x0d38 [ F4A054BE78AF7F410129C4B64B07DC9B, 65E14D38CCAB4FBB0C0D4A12F11B2E150AEC00AC692EE92A5CE6C982CF1190F5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys 16:24:46.0929 0x0d38 mrxsmb - ok 16:24:46.0945 0x0d38 [ 
DEFFA295BD1895C6ED8E3078412AC60B, 3F13CD67659EC2C8ABADC2C5B48B939ECDC6DB7CAAAAC3C2823AC12842BC1630 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys 16:24:46.0976 0x0d38 mrxsmb10 - ok 16:24:46.0992 0x0d38 [ 24D76ABE5DCAD22F19D105F76FDF0CE1, D0A7E033B4DF4AA5A9600A2A7A890FDE20AC7CE87C660817EB92FE10E2DAD343 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys 16:24:47.0023 0x0d38 mrxsmb20 - ok 16:24:47.0023 0x0d38 [ 4326D168944123F38DD3B2D9C37A0B12, 322AE93418BE3BA6B3E11C86431EC3F4B23CADC3B968B92978A08A7C0D0D8902 ] msahci C:\Windows\system32\DRIVERS\msahci.sys 16:24:47.0038 0x0d38 msahci - ok 16:24:47.0054 0x0d38 [ 455029C7174A2DBB03DBA8A0D8BDDD9A, 614D71978B024109ADD9A7A74F74ABD5FAA1C36A2E859AF288398EAE7CD76DF2 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys 16:24:47.0070 0x0d38 msdsm - ok 16:24:47.0085 0x0d38 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe 16:24:47.0116 0x0d38 MSDTC - ok 16:24:47.0132 0x0d38 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys 16:24:47.0148 0x0d38 Msfs - ok 16:24:47.0179 0x0d38 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys 16:24:47.0210 0x0d38 mshidkmdf - ok 16:24:47.0226 0x0d38 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys 16:24:47.0226 0x0d38 msisadrv - ok 16:24:47.0272 0x0d38 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll 16:24:47.0304 0x0d38 MSiSCSI - ok 16:24:47.0304 0x0d38 msiserver - ok 16:24:47.0319 0x0d38 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV 
6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys 16:24:59.0347 0x0d38 ws2ifsl - ok 16:24:59.0362 0x0d38 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc C:\Windows\System32\wscsvc.dll 16:24:59.0409 0x0d38 wscsvc - ok 16:24:59.0409 0x0d38 WSearch - ok 16:24:59.0503 0x0d38 [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv C:\Windows\system32\wuaueng.dll 16:24:59.0581 0x0d38 wuauserv - ok 16:24:59.0596 0x0d38 [ 6F9B6C0C93232CFF47D0F72D6DB1D21E, C685A458951820ED0F09E6197251CE6FC55AAB75D4FBEFF2992805309239A47A ] WudfPf C:\Windows\system32\drivers\WudfPf.sys 16:24:59.0643 0x0d38 WudfPf - ok 16:24:59.0674 0x0d38 [ F91FF1E51FCA30B3C3981DB7D5924252, D7052B58F22638CA8B59C6FD7408D6D6DD1C33910912CACC05C133472CE0DDCE ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys 16:24:59.0706 0x0d38 WUDFRd - ok 16:24:59.0721 0x0d38 [ DDEE3682FE97037C45F4D7AB467CB8B6, D5A8F07AF4EDD9D7E17FEC6222D187E2981C177A479511E407756E0E5CB8D387 ] wudfsvc C:\Windows\System32\WUDFSvc.dll 16:24:59.0768 0x0d38 wudfsvc - ok 16:24:59.0784 0x0d38 [ FF2D745B560F7C71B31F30F4D49F73D2, B2FBF7E5F58E34AC64FE6CF65800F1F07939279203BDE89375FAC92B884A4F37 ] WwanSvc C:\Windows\System32\wwansvc.dll 16:24:59.0830 0x0d38 WwanSvc - ok 16:24:59.0846 0x0d38 ================ Scan global =============================== 16:24:59.0877 0x0d38 [ 9A595DF601070DA78C40481120DD2C06, 4C2D6216F212DE9346339ED29152962A39E4435E70F18DD655156727E70818F6 ] C:\Windows\system32\basesrv.dll 16:24:59.0893 0x0d38 [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll 16:24:59.0908 0x0d38 [ 827E4F75901CA3F990B1487D3301841E, A0B17C83D52DB95EDBA81C6ABD78E5E4E3BB65CB57F977B07172A96D4C2B743B ] C:\Windows\system32\winsrv.dll 16:24:59.0924 0x0d38 [ 
364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll 16:24:59.0955 0x0d38 [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe 16:24:59.0971 0x0d38 [ Global ] - ok 16:24:59.0971 0x0d38 ================ Scan MBR ================================== 16:24:59.0971 0x0d38 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 16:25:00.0205 0x0d38 \Device\Harddisk0\DR0 - ok 16:25:00.0220 0x0d38 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 16:25:00.0376 0x0d38 \Device\Harddisk1\DR1 - ok 16:25:00.0376 0x0d38 ================ Scan VBR ================================== 16:25:00.0392 0x0d38 [ B484DD4AEDC500EFC2B63563447978CD ] \Device\Harddisk0\DR0\Partition1 16:25:00.0392 0x0d38 \Device\Harddisk0\DR0\Partition1 - ok 16:25:00.0392 0x0d38 [ E7209B150E6B7ED08C57E02057C869BF ] \Device\Harddisk0\DR0\Partition2 16:25:00.0392 0x0d38 \Device\Harddisk0\DR0\Partition2 - ok 16:25:00.0392 0x0d38 [ CBC436868EFF78E88EE7E6F9A6C721EC ] \Device\Harddisk1\DR1\Partition1 16:25:00.0392 0x0d38 \Device\Harddisk1\DR1\Partition1 - ok 16:25:00.0392 0x0d38 [ C64103FFB18E3D49843A98B0714F3236 ] \Device\Harddisk1\DR1\Partition2 16:25:00.0454 0x0d38 \Device\Harddisk1\DR1\Partition2 - ok 16:25:00.0454 0x0d38 ================ Scan generic autorun ====================== 16:25:00.0517 0x0d38 [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files\Windows Sidebar\Sidebar.exe 16:25:00.0579 0x0d38 Sidebar - ok 16:25:00.0595 0x0d38 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 16:25:00.0610 0x0d38 mctadmin - ok 16:25:00.0657 0x0d38 [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files\Windows Sidebar\Sidebar.exe 
16:25:00.0688 0x0d38 Sidebar - ok 16:25:00.0704 0x0d38 [ BBA1A5B86134F496B926DDAF247DB871, 636990AE49C55189B7EF69C419787440B57EC0BAD98A9C280E1028F741BB222E ] C:\Windows\System32\mctadmin.exe 16:25:00.0720 0x0d38 mctadmin - ok 16:25:00.0720 0x0d38 Waiting for KSN requests completion. In queue: 328 16:25:01.0734 0x0d38 Waiting for KSN requests completion. In queue: 328 16:25:02.0748 0x0d38 Waiting for KSN requests completion. In queue: 328 16:25:03.0762 0x0d38 Waiting for KSN requests completion. In queue: 328 16:25:04.0776 0x0d38 Waiting for KSN requests completion. In queue: 328 16:25:05.0790 0x0d38 Waiting for KSN requests completion. In queue: 328 16:25:06.0804 0x0d38 Waiting for KSN requests completion. In queue: 328 16:25:07.0818 0x0d38 Waiting for KSN requests completion. In queue: 328 16:25:08.0832 0x0d38 Waiting for KSN requests completion. In queue: 309 16:25:09.0846 0x0d38 Waiting for KSN requests completion. In queue: 309 16:25:10.0860 0x0d38 Waiting for KSN requests completion. In queue: 309 16:25:11.0874 0x0d38 Waiting for KSN requests completion. In queue: 309 16:25:12.0888 0x0d38 Waiting for KSN requests completion. In queue: 309 16:25:13.0902 0x0d38 Waiting for KSN requests completion. In queue: 309 16:25:14.0916 0x0d38 Waiting for KSN requests completion. In queue: 309 16:25:15.0930 0x0d38 Waiting for KSN requests completion. In queue: 309 16:25:16.0944 0x0d38 Waiting for KSN requests completion. In queue: 309 16:25:17.0958 0x0d38 Waiting for KSN requests completion. In queue: 309 16:25:18.0972 0x0d38 Waiting for KSN requests completion. 
In queue: 309 16:25:19.0986 0x0d38 Win FW state via NFP2: enabled 16:25:22.0794 0x0d38 ============================================================ 16:25:22.0794 0x0d38 Scan finished 16:25:22.0794 0x0d38 ============================================================ 16:25:22.0794 0x07c8 Detected object count: 0 16:25:22.0794 0x07c8 Actual detected object count: 0 16:25:27.0754 0x0d5c Deinitialize success Combofix Log: Code:
ATTFilter ComboFix 14-10-29.01 - Luca 06.11.2014 16:27:57.1.4 - x86 Microsoft Windows 7 Professional 6.1.7600.0.1252.49.1031.18.3070.2394 [GMT 1:00] ausgeführt von:: c:\users\Luca\Desktop\ComboFix.exe SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Neuer Wiederherstellungspunkt wurde erstellt . . (((((((((((((((((((((((((((((((((((( Weitere Löschungen )))))))))))))))))))))))))))))))))))))))))))))))) . . D:\Autorun.inf . . ((((((((((((((((((((((( Dateien erstellt von 2014-10-06 bis 2014-11-06 )))))))))))))))))))))))))))))) . . 2014-11-06 15:30 . 2014-11-06 15:30 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-11-05 20:38 . 2014-11-05 20:38 -------- d-----w- C:\TDSSKiller_Quarantine 2014-11-04 18:21 . 2014-11-04 18:22 -------- d-----w- C:\FRST 2014-11-04 16:26 . 2014-10-20 01:37 8901368 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{9BA8DCC2-66FF-4B8C-8E72-7D3A4B34B194}\mpengine.dll 2014-11-04 16:11 . 2014-11-04 16:12 -------- d-----w- c:\program files\Mozilla Maintenance Service 2014-11-04 16:11 . 2014-11-05 20:46 -------- d-----w- c:\windows\system32\wbem\Performance 2014-11-04 16:08 . 2012-06-02 22:19 53784 ----a-w- c:\windows\system32\wuauclt.exe 2014-11-04 16:08 . 2012-06-02 22:19 45080 ----a-w- c:\windows\system32\wups2.dll 2014-11-04 16:08 . 2012-06-02 22:19 1933848 ----a-w- c:\windows\system32\wuaueng.dll 2014-11-04 16:08 . 2012-06-02 22:12 2422272 ----a-w- c:\windows\system32\wucltux.dll 2014-11-04 16:08 . 2012-06-02 22:19 35864 ----a-w- c:\windows\system32\wups.dll 2014-11-04 16:08 . 2012-06-02 22:19 577048 ----a-w- c:\windows\system32\wuapi.dll 2014-11-04 16:08 . 2012-06-02 22:12 88576 ----a-w- c:\windows\system32\wudriver.dll 2014-11-04 16:08 . 2012-06-02 14:19 171904 ----a-w- c:\windows\system32\wuwebv.dll 2014-11-04 16:08 . 2012-06-02 14:12 33792 ----a-w- c:\windows\system32\wuapp.exe 2014-11-04 15:27 . 2014-11-04 16:07 -------- d-----w- c:\windows\Panther 2014-11-03 09:00 . 
2014-11-04 16:07 -------- d-----w- C:\Recovery 2014-11-03 01:23 . 2014-11-03 02:09 -------- d-----w- C:\$WINDOWS.~Q 2014-11-03 01:15 . 2014-11-03 01:18 -------- d-----w- C:\$INPLACE.~TR . . . (((((((((((((((((((((((((((((((((((( Find3M Bericht )))))))))))))))))))))))))))))))))))))))))))))))))))))) . . . (((((((((((((((((((((((((((( Autostartpunkte der Registrierung )))))))))))))))))))))))))))))))))))))))) . . *Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 5 (0x5) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . --- Andere Dienste/Treiber im Speicher --- . *NewlyCreated* - 35262835 *Deregistered* - 35262835 . . ------- Zusätzlicher Suchlauf ------- . TCP: DhcpNameServer = 192.168.2.1 FF - ProfilePath - c:\users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\gh1f46xm.default\ . . --------------------- Gesperrte Registrierungsschluessel --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Zeit der Fertigstellung: 2014-11-06 16:32:24 ComboFix-quarantined-files.txt 2014-11-06 15:32 . Vor Suchlauf: 12 Verzeichnis(se), 403.778.854.912 Bytes frei Nach Suchlauf: 19 Verzeichnis(se), 403.704.721.408 Bytes frei . - - End Of File - - 29E334A1DE38CD82255C007C7C5FEC7B A36C5E4F47E84449FF07ED3517B43A31 |
07.11.2014, 08:44 | #8 |
/// the machine /// TB trainer | All browsers load websites very slowly or not at all
Please download Malwarebytes Anti-Malware
Please download AdwCleaner to your desktop.
Please shut down your protection software to avoid possible conflicts.
and a fresh FRST log, please.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
07.11.2014, 11:46 | #9 |
| All browsers load websites very slowly or not at all
And here are all the logs. Mbam Code:
Malwarebytes Anti-Malware
www.malwarebytes.org

Suchlauf Datum: 07.11.2014
Suchlauf-Zeit: 11:01:03
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.11.07.02
Rootkit Datenbank: v2014.11.01.02
Lizenz: Kostenlos
Malware Schutz: Deaktiviert
Bösartiger Webseiten Schutz: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7
CPU: x86
Dateisystem: NTFS
Benutzer: Luca

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 285535
Verstrichene Zeit: 6 Min, 35 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0 (Keine schädliche Elemente erkannt)
Module: 0 (Keine schädliche Elemente erkannt)
Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt)
Registrierungswerte: 0 (Keine schädliche Elemente erkannt)
Registrierungsdaten: 0 (Keine schädliche Elemente erkannt)
Ordner: 0 (Keine schädliche Elemente erkannt)
Dateien: 0 (Keine schädliche Elemente erkannt)
Physische Sektoren: 0 (Keine schädliche Elemente erkannt)

(end)

Code:
# AdwCleaner v4.002 - Bericht erstellt am 07/11/2014 um 11:13:32
# DB v2014-11-02.1
# Aktualisiert 27/10/2014 von Xplode
# Betriebssystem : Windows 7 Professional (32 bits)
# Benutzername : Luca - CEROX
# Gestartet von : C:\Users\Luca\Desktop\AdwCleaner_4.002.exe
# Option : Löschen

***** [ Dienste ] *****

***** [ Dateien / Ordner ] *****

***** [ Tasks ] *****

***** [ Verknüpfungen ] *****

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7600.16385

-\\ Mozilla Firefox v33.0.2 (x86 de)

*************************

AdwCleaner[R0].txt - [871 octets] - [07/11/2014 11:12:28]
AdwCleaner[S0].txt - [785 octets] - [07/11/2014 11:13:32]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [844 octets] ##########

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.6 (11.05.2014:1)
OS: Windows 7 Professional x86
Ran by Luca on 07.11.2014 at 11:24:02,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

~~~ Files

~~~ Folders

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 07.11.2014 at 11:25:10,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 04-11-2014 Ran by Luca (administrator) on CEROX on 07-11-2014 11:41:28 Running from C:\Users\Luca\Downloads Loaded Profile: Luca (Available profiles: Luca) Platform: Microsoft Windows 7 Professional (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe (Microsoft Corporation) C:\Windows\System32\mobsync.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2B9E38A949F8CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-4223536495-2468334825-2304086249-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\gh1f46xm.default FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 catchme; \??\C:\Users\Luca\AppData\Local\Temp\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-11-07 11:25 - 2014-11-07 11:25 - 00000624 _____ () C:\Users\Luca\Desktop\JRT.txt 2014-11-07 11:24 - 2014-11-07 11:24 - 00000000 ____D () C:\Windows\ERUNT 2014-11-07 11:22 - 2014-11-07 11:22 - 01706939 _____ (Thisisu) C:\Users\Luca\Downloads\JRT.exe 2014-11-07 11:20 - 2014-11-07 11:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-11-07 11:16 - 2014-11-07 11:16 - 00000923 _____ () C:\Users\Luca\Desktop\AdwCleaner[S0].txt 2014-11-07 11:14 - 2014-11-07 11:14 - 00001018 _____ () C:\Windows\PFRO.log 2014-11-07 11:12 - 2014-11-07 11:13 - 00000000 ____D () C:\AdwCleaner 2014-11-07 11:11 - 2014-11-07 11:11 - 01998336 _____ () C:\Users\Luca\Desktop\AdwCleaner_4.002.exe 2014-11-07 11:10 - 2014-11-07 11:10 - 00001186 _____ () C:\Users\Luca\Desktop\mbam.txt 2014-11-07 10:59 - 2014-11-07 11:00 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-07 10:59 - 2014-11-07 10:59 - 00001070 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-11-07 10:59 - 2014-11-07 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-11-07 10:59 - 2014-11-07 10:59 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-11-07 10:59 - 2014-11-07 10:59 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-11-07 10:59 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-11-07 10:59 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-11-07 10:59 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-11-07 10:58 - 2014-11-07 10:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Luca\Downloads\mbam-setup-2.0.3.1025.exe 2014-11-06 16:40 - 2014-11-06 16:40 - 00093636 _____ () C:\Users\Luca\Desktop\kopie.txt 2014-11-06 16:32 - 2014-11-06 16:32 - 00003616 _____ () C:\ComboFix.txt 2014-11-06 16:26 - 
2014-11-06 16:32 - 00000000 ____D () C:\Qoobox 2014-11-06 16:26 - 2014-11-06 16:31 - 00000000 ____D () C:\Windows\erdnt 2014-11-06 16:26 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-11-06 16:26 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-11-06 16:26 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-11-06 16:26 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-11-06 16:26 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-11-06 16:26 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-11-06 16:26 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-11-06 16:26 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-11-06 16:25 - 2014-11-06 16:25 - 05591672 ____R (Swearware) C:\Users\Luca\Desktop\ComboFix.exe 2014-11-05 21:38 - 2014-11-05 21:38 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-11-04 21:51 - 2014-11-04 21:51 - 00057560 _____ () C:\Users\Luca\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-04 20:14 - 2014-11-04 20:14 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Luca\Desktop\tdsskiller.exe 2014-11-04 19:23 - 2014-11-04 19:23 - 00380416 _____ () C:\Users\Luca\Downloads\u9ef9q2k.exe 2014-11-04 19:22 - 2014-11-04 19:22 - 00004793 _____ () C:\Users\Luca\Downloads\Addition.txt 2014-11-04 19:21 - 2014-11-07 11:41 - 00002963 _____ () C:\Users\Luca\Downloads\FRST.txt 2014-11-04 19:21 - 2014-11-07 11:41 - 00000000 ____D () C:\FRST 2014-11-04 19:20 - 2014-11-04 19:20 - 01106432 _____ (Farbar) C:\Users\Luca\Downloads\FRST.exe 2014-11-04 19:19 - 2014-11-04 19:19 - 00000470 _____ () C:\Users\Luca\Desktop\defogger_disable.log 2014-11-04 19:19 - 2014-11-04 19:19 - 00000000 _____ () C:\Users\Luca\defogger_reenable 2014-11-04 19:16 - 2014-11-04 19:16 - 00050477 _____ () C:\Users\Luca\Desktop\Defogger.exe 2014-11-04 17:13 - 2014-11-07 11:19 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-11-04 17:12 - 2014-11-04 17:12 - 
00001127 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-11-04 17:12 - 2014-11-04 17:12 - 00001115 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-11-04 17:12 - 2014-11-04 17:12 - 00000000 ____D () C:\Users\Luca\AppData\Roaming\Mozilla 2014-11-04 17:12 - 2014-11-04 17:12 - 00000000 ____D () C:\Users\Luca\AppData\Local\Mozilla 2014-11-04 17:11 - 2014-11-07 11:40 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-11-04 17:11 - 2014-11-04 17:11 - 00000000 ____D () C:\ProgramData\Mozilla 2014-11-04 17:08 - 2014-11-04 17:08 - 00001419 _____ () C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-11-04 17:08 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-11-04 17:08 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-11-04 17:08 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-11-04 17:08 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-11-04 17:08 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-11-04 17:08 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-11-04 17:08 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-11-04 17:08 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-11-04 17:08 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-11-04 17:07 - 2014-11-04 19:19 - 00000000 ____D () C:\Users\Luca 2014-11-04 17:07 - 2014-11-04 17:07 - 00000020 ___SH () C:\Users\Luca\ntuser.ini 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () 
C:\Users\Public\Documents\Eigene Bilder 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Startmenü 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Netzwerkumgebung 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Druckumgebung 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Documents\Eigene Musik 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Documents\Eigene Bilder 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\AppData\Local\Verlauf 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\ProgramData\Microsoft\Windows\Start Menu\Programme 
2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 ____D () C:\Users\Luca\AppData\Local\VirtualStore 2014-11-04 17:07 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-04 17:07 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-11-04 16:33 - 2014-11-04 16:33 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-11-04 16:33 - 2014-11-04 16:33 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-11-04 16:32 - 2014-11-07 11:14 - 00115490 _____ () C:\Windows\WindowsUpdate.log 2014-11-04 16:32 - 2014-11-04 16:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-11-04 16:29 - 2014-11-04 16:33 - 00001313 _____ () C:\Windows\TSSysprep.log 2014-11-04 16:27 - 2014-11-04 17:07 - 00000000 ____D () C:\Windows\Panther 2014-11-03 10:00 - 2014-11-04 17:07 - 00000000 ____D () C:\Recovery 2014-11-03 02:23 - 2014-11-03 03:09 - 00000000 ____D () C:\$WINDOWS.~Q 2014-11-03 02:15 - 2014-11-03 02:18 - 00000000 ____D () C:\$INPLACE.~TR ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-11-07 11:14 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-07 11:14 - 2009-07-14 05:39 - 00022513 _____ () C:\Windows\setupact.log 2014-11-07 11:14 - 2009-07-14 05:34 - 00009600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-07 11:14 - 2009-07-14 05:34 - 00009600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-06 16:32 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default 2014-11-06 16:32 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public 2014-11-06 16:30 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini 2014-11-06 16:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-11-04 22:51 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-11-04 20:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE 2014-11-04 17:22 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-11-04 17:07 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\restore 2014-11-04 17:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\Recovery 2014-11-04 17:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Windows NT 2014-11-04 16:41 - 2009-07-14 05:33 - 00265640 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-04 16:40 - 2009-07-14 05:39 - 00000269 _____ () C:\Windows\setuperr.log 2014-11-04 16:33 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-04 16:29 - 2009-07-14 09:57 - 00000000 ____D () C:\Windows\CSC 2014-11-04 16:29 - 2009-07-14 05:34 - 00001774 _____ () C:\Windows\DtcInstall.log 2014-11-04 16:27 - 2014-07-30 13:27 - 00008192 __RSH () C:\BOOTSECT.BAK 2014-11-04 16:27 - 2009-07-14 05:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2014-11-04 16:27 - 2009-07-14 05:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template Some content of 
TEMP: ==================== C:\Users\Luca\AppData\Local\temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-05 15:50 ==================== End Of Log ============================ |
08.11.2014, 07:34 | #10 |
/// the machine /// TB trainer | All browsers load websites very slowly or not at all
ESET Online Scanner
Please download SecurityCheck and:
and a fresh FRST log, please. Any problems left?
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
08.11.2014, 12:44 | #11 |
| All browsers load websites very slowly or not at all Here is the ESET log Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=91f240ba852af04588c114ba830d2393
# engine=20990
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-08 11:33:18
# local_time=2014-11-08 12:33:18 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7600 NT
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 160106 167885141 0 0
# scanned=140692
# found=8
# cleaned=0
# scan_time=6713
sh=2D744A67C411FA675D9CF809A694F1D23F5C2202 ft=1 fh=d8a5a044dca8b57f vn="Win32/Olmarik.AFK Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\05.11.2014_15.28.53\tdlfs0000\tsk0003.dta"
sh=797AF4ED223C2105CA9EA784DE6E9E9DF057AD8F ft=1 fh=eed87f3eb17e6af1 vn="Win64/Olmarik.R Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\05.11.2014_15.28.53\tdlfs0000\tsk0004.dta"
sh=ADF8E07C15A188992917D3F1CC6DC0DF6009F136 ft=1 fh=2b0c26690541398a vn="Variante von Win32/Kryptik.ORF Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\05.11.2014_15.28.53\tdlfs0000\tsk0005.dta"
sh=9590CC855ED1FEEA5BC331C01FBFB9C803B4BE9B ft=1 fh=a2c3c251c69325d9 vn="Win32/Olmarik.ADZ Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\05.11.2014_15.28.53\tdlfs0000\tsk0006.dta"
sh=5DDCD3ADC731EECF0554C8CD62EE70A57E6ECA20 ft=1 fh=b8e8029d98b1e3c7 vn="Win64/Olmarik.A Trojaner" ac=I fn="C:\TDSSKiller_Quarantine\05.11.2014_15.28.53\tdlfs0000\tsk0007.dta"
sh=4875DAA51351A888129ED51DE91A972D9DC6DE4D ft=1 fh=c71c001154c0b59b vn="Variante von Win64/Adware.MultiPlug.D Anwendung" ac=I fn="G:\Neuer Ordner\Program Files (x86)\Adblocker\3tbh.x64.dll"
sh=827850885DA6B8794072D332CDD56E2BC113C4A9 ft=1 fh=c71c0011fce3c180 vn="Variante von Win32/AdWare.MultiPlug.AY Anwendung" ac=I fn="G:\Neuer Ordner\Program Files (x86)\Program Files (x86)\Adblocker\3tbh.dll"
sh=4875DAA51351A888129ED51DE91A972D9DC6DE4D ft=1 fh=c71c001154c0b59b vn="Variante von Win64/Adware.MultiPlug.D Anwendung" ac=I fn="G:\Neuer Ordner\Program Files (x86)\Program Files (x86)\Adblocker\3tbh.x64.dll"
FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-11-2014 01 Ran by Luca (administrator) on CEROX on 08-11-2014 12:39:25 Running from C:\Users\Luca\Downloads Loaded Profile: Luca (Available profiles: Luca) Platform: Microsoft Windows 7 Professional (X86) OS Language: Deutsch (Deutschland) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x2B9E38A949F8CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-4223536495-2468334825-2304086249-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION Tcpip\Parameters: [DhcpNameServer] 192.168.2.1 FireFox: ======== FF ProfilePath: C:\Users\Luca\AppData\Roaming\Mozilla\Firefox\Profiles\gh1f46xm.default FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\amazondotcom-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\eBay-de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\leo_ende_de.xml FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\yahoo-de.xml Chrome: ======= ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 catchme; \??\C:\Users\Luca\AppData\Local\Temp\catchme.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-11-08 12:39 - 2014-11-08 12:39 - 00000000 ____D () C:\Users\Luca\Downloads\FRST-OlderVersion 2014-11-08 12:36 - 2014-11-08 12:36 - 00854448 _____ () C:\Users\Luca\Downloads\SecurityCheck.exe 2014-11-08 10:36 - 2014-11-08 10:36 - 02347384 _____ (ESET) C:\Users\Luca\Desktop\esetsmartinstaller_deu.exe 2014-11-07 11:24 - 2014-11-07 11:24 - 00000000 ____D () C:\Windows\ERUNT 2014-11-07 11:22 - 2014-11-07 11:22 - 01706939 _____ (Thisisu) C:\Users\Luca\Downloads\JRT.exe 2014-11-07 11:20 - 2014-11-07 11:20 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-11-07 11:14 - 2014-11-07 11:14 - 00001018 _____ () C:\Windows\PFRO.log 2014-11-07 11:12 - 2014-11-07 11:13 - 00000000 ____D () C:\AdwCleaner 2014-11-07 11:11 - 2014-11-07 11:11 - 01998336 _____ () C:\Users\Luca\Desktop\AdwCleaner_4.002.exe 2014-11-07 10:59 - 2014-11-07 11:00 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-11-07 10:59 - 2014-11-07 10:59 - 00001070 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-11-07 10:59 - 2014-11-07 10:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-11-07 10:59 - 2014-11-07 10:59 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-11-07 10:59 - 2014-11-07 10:59 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-11-07 10:59 - 2014-10-01 11:11 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-11-07 10:59 - 2014-10-01 11:11 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-11-07 10:59 - 2014-10-01 11:11 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-11-07 10:58 - 2014-11-07 10:58 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Luca\Downloads\mbam-setup-2.0.3.1025.exe 2014-11-06 16:40 - 2014-11-07 11:44 - 00018344 _____ () C:\Users\Luca\Desktop\kopie.txt 2014-11-06 16:32 - 2014-11-06 16:32 - 00003616 _____ () 
C:\ComboFix.txt 2014-11-06 16:26 - 2014-11-06 16:32 - 00000000 ____D () C:\Qoobox 2014-11-06 16:26 - 2014-11-06 16:31 - 00000000 ____D () C:\Windows\erdnt 2014-11-06 16:26 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe 2014-11-06 16:26 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe 2014-11-06 16:26 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe 2014-11-06 16:26 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe 2014-11-06 16:26 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe 2014-11-06 16:26 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe 2014-11-06 16:26 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe 2014-11-06 16:26 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe 2014-11-06 16:25 - 2014-11-06 16:25 - 05591672 ____R (Swearware) C:\Users\Luca\Desktop\ComboFix.exe 2014-11-05 21:38 - 2014-11-05 21:38 - 00000000 ____D () C:\TDSSKiller_Quarantine 2014-11-04 21:51 - 2014-11-04 21:51 - 00057560 _____ () C:\Users\Luca\AppData\Local\GDIPFONTCACHEV1.DAT 2014-11-04 20:14 - 2014-11-04 20:14 - 04184008 _____ (Kaspersky Lab ZAO) C:\Users\Luca\Desktop\tdsskiller.exe 2014-11-04 19:23 - 2014-11-04 19:23 - 00380416 _____ () C:\Users\Luca\Downloads\u9ef9q2k.exe 2014-11-04 19:22 - 2014-11-04 19:22 - 00004793 _____ () C:\Users\Luca\Downloads\Addition.txt 2014-11-04 19:21 - 2014-11-08 12:39 - 00002909 _____ () C:\Users\Luca\Downloads\FRST.txt 2014-11-04 19:21 - 2014-11-08 12:39 - 00000000 ____D () C:\FRST 2014-11-04 19:20 - 2014-11-08 12:39 - 01107968 _____ (Farbar) C:\Users\Luca\Downloads\FRST.exe 2014-11-04 19:19 - 2014-11-04 19:19 - 00000470 _____ () C:\Users\Luca\Desktop\defogger_disable.log 2014-11-04 19:19 - 2014-11-04 19:19 - 00000000 _____ () C:\Users\Luca\defogger_reenable 2014-11-04 19:16 - 2014-11-04 19:16 - 00050477 _____ () C:\Users\Luca\Desktop\Defogger.exe 2014-11-04 17:13 - 2014-11-08 10:36 - 01472002 _____ () C:\Windows\system32\PerfStringBackup.INI 
2014-11-04 17:12 - 2014-11-04 17:12 - 00001127 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk 2014-11-04 17:12 - 2014-11-04 17:12 - 00001115 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk 2014-11-04 17:12 - 2014-11-04 17:12 - 00000000 ____D () C:\Users\Luca\AppData\Roaming\Mozilla 2014-11-04 17:12 - 2014-11-04 17:12 - 00000000 ____D () C:\Users\Luca\AppData\Local\Mozilla 2014-11-04 17:11 - 2014-11-07 11:40 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service 2014-11-04 17:11 - 2014-11-04 17:11 - 00000000 ____D () C:\ProgramData\Mozilla 2014-11-04 17:08 - 2014-11-04 17:08 - 00001419 _____ () C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk 2014-11-04 17:08 - 2012-06-02 23:19 - 01933848 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-11-04 17:08 - 2012-06-02 23:19 - 00577048 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-11-04 17:08 - 2012-06-02 23:19 - 00053784 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-11-04 17:08 - 2012-06-02 23:19 - 00045080 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-11-04 17:08 - 2012-06-02 23:19 - 00035864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-11-04 17:08 - 2012-06-02 23:12 - 02422272 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-11-04 17:08 - 2012-06-02 23:12 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-11-04 17:08 - 2012-06-02 15:19 - 00171904 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-11-04 17:08 - 2012-06-02 15:12 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-11-04 17:07 - 2014-11-04 19:19 - 00000000 ____D () C:\Users\Luca 2014-11-04 17:07 - 2014-11-04 17:07 - 00000020 ___SH () C:\Users\Luca\ntuser.ini 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Public\Documents\Eigene Musik 2014-11-04 17:07 - 2014-11-04 17:07 - 
00000000 _SHDL () C:\Users\Public\Documents\Eigene Bilder 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Startmenü 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Netzwerkumgebung 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Druckumgebung 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Documents\Eigene Musik 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\Documents\Eigene Bilder 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Luca\AppData\Local\Verlauf 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Startmenü 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Netzwerkumgebung 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Druckumgebung 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Musik 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\Documents\Eigene Bilder 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default\AppData\Local\Verlauf 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Musik 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default User\Documents\Eigene Bilder 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\Users\Default User\AppData\Local\Verlauf 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\ProgramData\Startmenü 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () 
C:\ProgramData\Microsoft\Windows\Start Menu\Programme 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 _SHDL () C:\ProgramData\Dokumente 2014-11-04 17:07 - 2014-11-04 17:07 - 00000000 ____D () C:\Users\Luca\AppData\Local\VirtualStore 2014-11-04 17:07 - 2009-07-14 05:42 - 00000000 ___RD () C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-04 17:07 - 2009-07-14 05:37 - 00000000 ___RD () C:\Users\Luca\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance 2014-11-04 16:33 - 2014-11-04 16:33 - 00001345 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk 2014-11-04 16:33 - 2014-11-04 16:33 - 00001326 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk 2014-11-04 16:32 - 2014-11-08 10:54 - 00124327 _____ () C:\Windows\WindowsUpdate.log 2014-11-04 16:32 - 2014-11-04 16:32 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf 2014-11-04 16:29 - 2014-11-04 16:33 - 00001313 _____ () C:\Windows\TSSysprep.log 2014-11-04 16:27 - 2014-11-04 17:07 - 00000000 ____D () C:\Windows\Panther 2014-11-03 10:00 - 2014-11-04 17:07 - 00000000 ____D () C:\Recovery 2014-11-03 02:23 - 2014-11-03 03:09 - 00000000 ____D () C:\$WINDOWS.~Q 2014-11-03 02:15 - 2014-11-03 02:18 - 00000000 ____D () C:\$INPLACE.~TR ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-11-08 12:29 - 2009-07-14 05:34 - 00009600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-11-08 12:29 - 2009-07-14 05:34 - 00009600 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-11-07 11:14 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-11-07 11:14 - 2009-07-14 05:39 - 00022513 _____ () C:\Windows\setupact.log 2014-11-06 16:32 - 2009-07-14 03:37 - 00000000 __RHD () C:\Users\Default 2014-11-06 16:32 - 2009-07-14 03:37 - 00000000 ___RD () C:\Users\Public 2014-11-06 16:30 - 2009-07-14 03:04 - 00000215 _____ () C:\Windows\system.ini 2014-11-06 16:26 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-11-04 22:51 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\rescache 2014-11-04 20:33 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\de-DE 2014-11-04 17:22 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-11-04 17:07 - 2009-07-14 05:52 - 00000000 ____D () C:\Windows\system32\restore 2014-11-04 17:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\system32\Recovery 2014-11-04 17:07 - 2009-07-14 03:37 - 00000000 ____D () C:\Program Files\Windows NT 2014-11-04 16:41 - 2009-07-14 05:33 - 00265640 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-11-04 16:40 - 2009-07-14 05:39 - 00000269 _____ () C:\Windows\setuperr.log 2014-11-04 16:33 - 2009-07-14 03:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories 2014-11-04 16:29 - 2009-07-14 09:57 - 00000000 ____D () C:\Windows\CSC 2014-11-04 16:29 - 2009-07-14 05:34 - 00001774 _____ () C:\Windows\DtcInstall.log 2014-11-04 16:27 - 2014-07-30 13:27 - 00008192 __RSH () C:\BOOTSECT.BAK 2014-11-04 16:27 - 2009-07-14 05:57 - 00025600 ___SH () C:\Windows\system32\config\BCD-Template.LOG 2014-11-04 16:27 - 2009-07-14 05:52 - 00028672 _____ () C:\Windows\system32\config\BCD-Template Some content of 
TEMP: ==================== C:\Users\Luca\AppData\Local\temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-11-05 15:50 ==================== End Of Log ============================ --- --- ---
And I couldn't run the Security Check; this came up: Unsupported Operating system! Aborded. And the problem still persists... |
09.11.2014, 07:31 | #12 |
/// the machine /// TB-Ausbilder | All browsers load websites very slowly or not at all
Other computers on the same network don't have these problems? The malware is off now. Please download Farbar's MiniToolBox to your desktop and start the tool. Tick the following entries
__________________ Regards, schrauber |
09.11.2014, 18:54 | #13 |
| All browsers load websites very slowly or not at all Nobody else on the network has the problem, only me... Code:
ATTFilter MiniToolBox by Farbar Version: 21-07-2014 Ran by Luca (administrator) on 09-11-2014 at 13:14:12 Running from "C:\Users\Luca\Desktop" Microsoft Windows 7 Professional (X86) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows-IP-Konfiguration Der DNS-Aufl?sungscache wurde geleert. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= 127.0.0.1 localhost ========================= IP Configuration: ================================ Intel(R) 82562V-2 10/100-Netzwerkverbindung = LAN-Verbindung (Connected) # ---------------------------------- # IPv4-Konfiguration # ---------------------------------- pushd interface ipv4 reset set global icmpredirects=enabled popd # Ende der IPv4-Konfiguration Windows-IP-Konfiguration Hostname . . . . . . . . . . . . : CeroX Prim?res DNS-Suffix . . . . . . . : Knotentyp . . . . . . . . . . . . : Hybrid IP-Routing aktiviert . . . . . . : Nein WINS-Proxy aktiviert . . . . . . : Nein DNS-Suffixsuchliste . . . . . . . : Belkin Ethernet-Adapter LAN-Verbindung: Verbindungsspezifisches DNS-Suffix: Belkin Beschreibung. . . . . . . . . . . : Intel(R) 82562V-2 10/100-Netzwerkverbindung Physikalische Adresse . . . . . . : 00-1D-92-73-99-29 DHCP aktiviert. . . . . . . . . . : Ja Autokonfiguration aktiviert . . . : Ja Verbindungslokale IPv6-Adresse . : fe80::99d1:b1cb:4ddb:2ca7%11(Bevorzugt) IPv4-Adresse . . . . . . . . . . : 192.168.2.13(Bevorzugt) Subnetzmaske . . . . . . . . . . : 255.255.255.0 Lease erhalten. . . . . . . . . . : Freitag, 7. November 2014 11:14:52 Lease l?uft ab. . . . . 
. . . . . : Mittwoch, 16. Dezember 2150 19:42:33 Standardgateway . . . . . . . . . : 192.168.2.1 DHCP-Server . . . . . . . . . . . : 192.168.2.1 DHCPv6-IAID . . . . . . . . . . . : 234888594 DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-1B-EA-A9-AC-00-1D-92-73-99-29 DNS-Server . . . . . . . . . . . : 192.168.2.1 NetBIOS ?ber TCP/IP . . . . . . . : Aktiviert Tunneladapter isatap.Belkin: Medienstatus. . . . . . . . . . . : Medium getrennt Verbindungsspezifisches DNS-Suffix: Belkin Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja Tunneladapter LAN-Verbindung*: Verbindungsspezifisches DNS-Suffix: Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0 DHCP aktiviert. . . . . . . . . . : Nein Autokonfiguration aktiviert . . . : Ja IPv6-Adresse. . . . . . . . . . . : 2001:0:5ef5:79fb:38a3:3a21:3f57:fdf2(Bevorzugt) Verbindungslokale IPv6-Adresse . : fe80::38a3:3a21:3f57:fdf2%13(Bevorzugt) Standardgateway . . . . . . . . . : :: NetBIOS ?ber TCP/IP . . . . . . . : Deaktiviert Server: F5d8233-4v3 Address: 192.168.2.1 DNS request timed out. timeout was 2 seconds. Name: google.com Addresses: 64.15.112.44 64.15.112.45 64.15.112.30 64.15.112.59 64.15.112.40 64.15.112.39 64.15.112.50 64.15.112.54 64.15.112.34 64.15.112.35 64.15.112.49 64.15.112.24 64.15.112.55 64.15.112.29 64.15.112.25 64.15.112.20 Ping wird ausgef?hrt f?r google.com [64.15.112.20] mit 32 Bytes Daten: Antwort von 64.15.112.20: Bytes=32 Zeit=24ms TTL=54 Antwort von 64.15.112.20: Bytes=32 Zeit=17ms TTL=54 Ping-Statistik f?r 64.15.112.20: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 17ms, Maximum = 24ms, Mittelwert = 20ms Server: F5d8233-4v3 Address: 192.168.2.1 DNS request timed out. timeout was 2 seconds. 
Name: yahoo.com Addresses: 206.190.36.45 98.139.183.24 98.138.253.109 Ping wird ausgef?hrt f?r yahoo.com [206.190.36.45] mit 32 Bytes Daten: Antwort von 206.190.36.45: Bytes=32 Zeit=199ms TTL=42 Antwort von 206.190.36.45: Bytes=32 Zeit=189ms TTL=42 Ping-Statistik f?r 206.190.36.45: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 189ms, Maximum = 199ms, Mittelwert = 194ms Ping wird ausgef?hrt f?r 127.0.0.1 mit 32 Bytes Daten: Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128 Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128 Ping-Statistik f?r 127.0.0.1: Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0 (0% Verlust), Ca. Zeitangaben in Millisek.: Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms =========================================================================== Schnittstellenliste 11...00 1d 92 73 99 29 ......Intel(R) 82562V-2 10/100-Netzwerkverbindung 1...........................Software Loopback Interface 1 12...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4-Routentabelle =========================================================================== Aktive Routen: Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik 0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.13 20 127.0.0.0 255.0.0.0 Auf Verbindung 127.0.0.1 306 127.0.0.1 255.255.255.255 Auf Verbindung 127.0.0.1 306 127.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306 192.168.2.0 255.255.255.0 Auf Verbindung 192.168.2.13 276 192.168.2.13 255.255.255.255 Auf Verbindung 192.168.2.13 276 192.168.2.255 255.255.255.255 Auf Verbindung 192.168.2.13 276 224.0.0.0 240.0.0.0 Auf Verbindung 127.0.0.1 306 224.0.0.0 240.0.0.0 Auf Verbindung 192.168.2.13 276 255.255.255.255 255.255.255.255 Auf Verbindung 127.0.0.1 306 255.255.255.255 255.255.255.255 Auf Verbindung 192.168.2.13 276 
=========================================================================== St?ndige Routen: Keine IPv6-Routentabelle =========================================================================== Aktive Routen: If Metrik Netzwerkziel Gateway 13 58 ::/0 Auf Verbindung 1 306 ::1/128 Auf Verbindung 13 58 2001::/32 Auf Verbindung 13 306 2001:0:5ef5:79fb:38a3:3a21:3f57:fdf2/128 Auf Verbindung 11 276 fe80::/64 Auf Verbindung 13 306 fe80::/64 Auf Verbindung 13 306 fe80::38a3:3a21:3f57:fdf2/128 Auf Verbindung 11 276 fe80::99d1:b1cb:4ddb:2ca7/128 Auf Verbindung 1 306 ff00::/8 Auf Verbindung 13 306 ff00::/8 Auf Verbindung 11 276 ff00::/8 Auf Verbindung =========================================================================== St?ndige Routen: Keine ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\system32\NLAapi.dll [51712] (Microsoft Corporation) Catalog5 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog5 03 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation) Catalog5 04 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation) Catalog5 05 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 06 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog9 01 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 02 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 03 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 04 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 05 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 06 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 07 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 08 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 09 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 10 
C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 11 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 12 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 13 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 14 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 15 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 16 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 17 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) Catalog9 18 C:\Windows\system32\mswsock.dll [232448] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== System errors: ============= Error: (11/09/2014 01:11:55 PM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (11/08/2014 08:52:40 PM) (Source: NetBT) (User: ) Description: Der Name "WORKGROUP :1d" konnte nicht auf der Schnittstelle mit IP-Adresse 192.168.2.13 registriert werden. Der Computer mit IP-Adresse 192.168.2.5 hat nicht zugelassen, dass dieser Computer diesen Namen verwendet. 
Error: (11/08/2014 00:43:26 PM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Error: (11/07/2014 11:45:34 AM) (Source: DCOM) (User: ) Description: {995C996E-D918-4A8C-A302-45719A6F4EA7} Microsoft Office Sessions: ========================= =========================== Installed Programs ============================ Malwarebytes Anti-Malware Version 2.0.3.1025 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation) Mozilla Firefox 33.0.3 (x86 de) (HKLM\...\Mozilla Firefox 33.0.3 (x86 de)) (Version: 33.0.3 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 33.0.2 - Mozilla) ========================= Memory info: =================================== Percentage of memory in use: 17% Total physical RAM: 3070.18 MB Available physical RAM: 2522.22 MB Total Pagefile: 6138.63 MB Available Pagefile: 5197.16 MB Total Virtual: 2047.88 MB Available Virtual: 1936.73 MB ========================= Partitions: ===================================== 1 Drive c: (System) (Fixed) (Total:445.75 GB) (Free:207.21 GB) NTFS 2 Drive d: (RECOVER) (Fixed) (Total:20 GB) (Free:11.63 GB) FAT32 3 Drive e: (GSP1RMCPRXFRER_DE_DVD) (CDROM) (Total:3.04 GB) (Free:0 GB) UDF 4 Drive f: () (Fixed) (Total:0.1 GB) (Free:0.04 GB) NTFS 5 Drive g: (Luca) (Fixed) (Total:454.84 GB) (Free:454.74 GB) NTFS ========================= Users: ======================================== Benutzerkonten für \\CEROX Administrator Gast Luca Der Befehl wurde erfolgreich ausgeführt. ========================= Minidump Files ================================== No minidump file found **** End of log ****
And that everything always worked relatively quickly. But now I simply put Windows onto my second drive and booted from it. Now, oddly enough, everything works again. I will format C and then that's that. Just wanted to let you know that the problem is solved. Many thanks |
10.11.2014, 16:39 | #14 |
/// the machine /// TB-Ausbilder | All browsers load websites very slowly or not at all
ok.
__________________ Regards, schrauber |